',
+ ],
+ ],
+ ],
+ ]);
+ $pablo_format->save();
+ return $pablo_format;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/filter_format/filter_format/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'filter_format--filter_format',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'filters' => [
+ 'filter_html' => [
+ 'id' => 'filter_html',
+ 'provider' => 'filter',
+ 'status' => TRUE,
+ 'weight' => -10,
+ 'settings' => [
+ 'allowed_html' => ' ',
+ 'filter_html_help' => TRUE,
+ 'filter_html_nofollow' => FALSE,
+ ],
+ ],
+ ],
+ 'format' => 'pablo',
+ 'langcode' => 'es',
+ 'name' => 'Pablo Piccasso',
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ 'weight' => 0,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ImageStyleTest.php b/core/modules/jsonapi/tests/src/Functional/ImageStyleTest.php
new file mode 100644
index 0000000..80ce98a
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ImageStyleTest.php
@@ -0,0 +1,130 @@
+grantPermissionsToTestedRole(['administer image styles']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" image style.
+ $camelids = ImageStyle::create([
+ 'name' => 'camelids',
+ 'label' => 'Camelids',
+ ]);
+
+ // Add an image effect.
+ $effect = [
+ 'id' => 'image_scale_and_crop',
+ 'data' => [
+ 'width' => 120,
+ 'height' => 121,
+ ],
+ 'weight' => 0,
+ ];
+ $this->effectUuid = $camelids->addImageEffect($effect);
+
+ $camelids->save();
+
+ return $camelids;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/image_style/image_style/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'image_style--image_style',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'effects' => [
+ $this->effectUuid => [
+ 'uuid' => $this->effectUuid,
+ 'id' => 'image_scale_and_crop',
+ 'weight' => 0,
+ 'data' => [
+ 'width' => 120,
+ 'height' => 121,
+ ],
+ ],
+ ],
+ 'label' => 'Camelids',
+ 'langcode' => 'en',
+ 'name' => 'camelids',
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/InternalEntitiesTest.php b/core/modules/jsonapi/tests/src/Functional/InternalEntitiesTest.php
new file mode 100644
index 0000000..4029ed5
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/InternalEntitiesTest.php
@@ -0,0 +1,203 @@
+testUser = $this->drupalCreateUser([
+ 'access jsonapi resource list',
+ 'view test entity',
+ 'administer entity_test_with_bundle content',
+ ], $this->randomString(), TRUE);
+ EntityTestBundle::create([
+ 'id' => 'internal_referencer',
+ 'label' => 'Entity Test Internal Referencer',
+ ])->save();
+ $this->createEntityReferenceField(
+ 'entity_test_with_bundle',
+ 'internal_referencer',
+ 'field_internal',
+ 'Internal Entities',
+ 'entity_test_no_label'
+ );
+ $this->internalEntity = EntityTestNoLabel::create([]);
+ $this->internalEntity->save();
+ $this->referencingEntity = EntityTestWithBundle::create([
+ 'type' => 'internal_referencer',
+ 'field_internal' => $this->internalEntity->id(),
+ ]);
+ $this->referencingEntity->save();
+ drupal_flush_all_caches();
+ }
+
+ /**
+ * Ensures that internal resources types aren't present in the entry point.
+ */
+ public function testEntryPoint() {
+ $this->skipIfIsInternalIsNotSupported();
+ $document = $this->jsonapiGet('/jsonapi');
+ $this->assertArrayNotHasKey(
+ "{$this->internalEntity->getEntityTypeId()}--{$this->internalEntity->bundle()}",
+ $document['links'],
+ 'The entry point should not contain links to internal resource type routes.'
+ );
+ }
+
+ /**
+ * Ensures that internal resources types aren't present in the routes.
+ */
+ public function testRoutes() {
+ $this->skipIfIsInternalIsNotSupported();
+ // This cannot be in a data provider because it needs values created by the
+ // setUp method.
+ $paths = [
+ 'individual' => $this->getIndividual($this->internalEntity),
+ 'collection' => $this->jsonapiGet("/jsonapi/{$this->internalEntity->getEntityTypeId()}/{$this->internalEntity->bundle()}"),
+ 'related' => $this->getRelated($this->referencingEntity, 'field_internal'),
+ ];
+ foreach ($paths as $type => $document) {
+ $this->assertSame(
+ 404,
+ $document['errors'][0]['status'],
+ "The '{$type}' route should not be available for internal resource types.'"
+ );
+ }
+ }
+
+ /**
+ * Asserts that internal entities are not included in compound documents.
+ */
+ public function testIncludes() {
+ $this->skipIfIsInternalIsNotSupported();
+ $document = $this->getIndividual($this->referencingEntity, [
+ 'query' => ['include' => 'field_internal'],
+ ]);
+ $this->assertArrayNotHasKey(
+ 'included',
+ $document,
+ 'Internal entities should not be included in compound documents.'
+ );
+ }
+
+ /**
+ * Asserts that links to internal relationships aren't generated.
+ */
+ public function testLinks() {
+ $this->skipIfIsInternalIsNotSupported();
+ $document = $this->getIndividual($this->referencingEntity);
+ $this->assertArrayNotHasKey(
+ 'related',
+ $document['data']['relationships']['field_internal']['links'],
+ 'Links to internal-only related routes should not be in the document.'
+ );
+ }
+
+ /**
+ * Returns the decoded JSON API document for the for the given entity.
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ * The entity to request.
+ * @param array $options
+ * URL options.
+ *
+ * @return array
+ * The decoded response document.
+ */
+ protected function getIndividual(EntityInterface $entity, array $options = []) {
+ $entity_type_id = $entity->getEntityTypeId();
+ $bundle = $entity->bundle();
+ $path = "/jsonapi/{$entity_type_id}/{$bundle}/{$entity->uuid()}";
+ return $this->jsonapiGet($path, $options);
+ }
+
+ /**
+ * Performs an authenticated request and returns the decoded document.
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ * The entity to request.
+ * @param string $relationship
+ * The field name of the relationship to request.
+ * @param array $options
+ * URL options.
+ *
+ * @return array
+ * The decoded response document.
+ */
+ protected function getRelated(EntityInterface $entity, $relationship, array $options = []) {
+ $entity_type_id = $entity->getEntityTypeId();
+ $bundle = $entity->bundle();
+ $path = "/jsonapi/{$entity_type_id}/{$bundle}/{$entity->uuid()}/{$relationship}";
+ return $this->jsonapiGet($path, $options);
+ }
+
+ /**
+ * Performs an authenticated request and returns the decoded document.
+ */
+ protected function jsonapiGet($path, array $options = []) {
+ $this->drupalLogin($this->testUser);
+ $response = $this->drupalGet($path, $options, ['Accept' => 'application/vnd.api+json']);
+ return Json::decode($response);
+ }
+
+ /**
+ * Only run tests when Drupal version is >= 8.5.
+ */
+ protected function skipIfIsInternalIsNotSupported() {
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ $this->markTestSkipped('The Drupal Core version must be >= 8.5');
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ItemTest.php b/core/modules/jsonapi/tests/src/Functional/ItemTest.php
new file mode 100644
index 0000000..b643228
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ItemTest.php
@@ -0,0 +1,172 @@
+grantPermissionsToTestedRole(['access news feeds']);
+ break;
+
+ case 'POST':
+ case 'PATCH':
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['administer news feeds']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" feed.
+ $feed = Feed::create([
+ 'title' => 'Camelids',
+ 'url' => 'https://groups.drupal.org/not_used/167169',
+ 'refresh' => 900,
+ 'checked' => 1389919932,
+ 'description' => 'Drupal Core Group feed',
+ ]);
+ $feed->save();
+
+ // Create a "Llama" item.
+ $item = Item::create();
+ $item->setTitle('Llama')
+ ->setFeedId($feed->id())
+ ->setLink('https://www.drupal.org/')
+ ->setPostedTime(123456789)
+ ->save();
+
+ return $item;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createAnotherEntity() {
+ $entity = $this->entity->createDuplicate();
+ $entity->setLink('https://www.example.org/');
+ $label_key = $entity->getEntityType()->getKey('label');
+ if ($label_key) {
+ $entity->set($label_key, $entity->label() . '_dupe');
+ }
+ $entity->save();
+ return $entity;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ return [];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET':
+ return "The 'access news feeds' permission is required.";
+
+ case 'POST':
+ case 'PATCH':
+ case 'DELETE':
+ return "The 'administer news feeds' permission is required.";
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testGetIndividual() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testRelated() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testGetRelationships() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testPostIndividual() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testPatchIndividual() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testDeleteIndividual() {
+ $this->markTestSkipped('Remove this override in https://www.drupal.org/project/drupal/issues/2149851');
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalMultilingualTest.php b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalMultilingualTest.php
new file mode 100644
index 0000000..eaa215d
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalMultilingualTest.php
@@ -0,0 +1,72 @@
+save();
+
+ // In order to reflect the changes for a multilingual site in the container
+ // we have to rebuild it.
+ $this->rebuildContainer();
+
+ \Drupal::configFactory()->getEditable('language.negotiation')
+ ->set('url.prefixes.ca', 'ca')
+ ->save();
+ }
+
+ /**
+ * Tests reading multilingual content.
+ */
+ public function testReadMultilingual() {
+ $this->createDefaultContent(5, 5, TRUE, TRUE, static::IS_MULTILINGUAL);
+
+ // Test reading an individual entity.
+ $output = Json::decode($this->drupalGet('/ca/jsonapi/node/article/' . $this->nodes[0]->uuid(), ['query' => ['include' => 'field_tags,field_image']]));
+ $this->assertEquals($this->nodes[0]->getTranslation('ca')->getTitle(), $output['data']['attributes']['title']);
+
+ $included_tags = array_filter($output['included'], function ($entry) {
+ return $entry['type'] === 'taxonomy_term--tags';
+ });
+ $tag_name = $this->nodes[0]->get('field_tags')->entity
+ ->getTranslation('ca')->getName();
+ // TODO figure out how to fetcht the alt text of an image.
+ $this->assertEquals($tag_name, reset($included_tags)['attributes']['name']);
+
+ $output = Json::decode($this->drupalGet('/ca/jsonapi/node/article/' . $this->nodes[0]->uuid()));
+ $this->assertEquals($this->nodes[0]->getTranslation('ca')->getTitle(), $output['data']['attributes']['title']);
+
+ // Test reading a collection of entities.
+ $output = Json::decode($this->drupalGet('/ca/jsonapi/node/article'));
+ $this->assertEquals($this->nodes[0]->getTranslation('ca')->getTitle(), $output['data'][0]['attributes']['title']);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTest.php b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTest.php
new file mode 100644
index 0000000..81e9d41
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTest.php
@@ -0,0 +1,839 @@
+createDefaultContent(61, 5, TRUE, TRUE, static::IS_NOT_MULTILINGUAL);
+ // Unpublish the last entity, so we can check access.
+ $this->nodes[60]->setUnpublished()->save();
+
+ // 0. HEAD request allows a client to verify that JSON API is installed.
+ $this->httpClient->request('HEAD', $this->buildUrl('/jsonapi/node/article'));
+ $this->assertSession()->statusCodeEquals(200);
+ // 1. Load all articles (1st page).
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ $this->assertSession()
+ ->responseHeaderEquals('Content-Type', 'application/vnd.api+json');
+ // 2. Load all articles (Offset 3).
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['page' => ['offset' => 3]],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ $this->assertContains('page%5Boffset%5D=53', $collection_output['links']['next']);
+ // 3. Load all articles (1st page, 2 items)
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['page' => ['limit' => 2]],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(2, count($collection_output['data']));
+ // 4. Load all articles (2nd page, 2 items).
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => [
+ 'page' => [
+ 'limit' => 2,
+ 'offset' => 2,
+ ],
+ ],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(2, count($collection_output['data']));
+ $this->assertContains('page%5Boffset%5D=4', $collection_output['links']['next']);
+ // 5. Single article.
+ $uuid = $this->nodes[0]->uuid();
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertArrayHasKey('type', $single_output['data']);
+ $this->assertEquals($this->nodes[0]->getTitle(), $single_output['data']['attributes']['title']);
+
+ // 5.1 Single article with access denied.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $this->nodes[60]->uuid()));
+ $this->assertSession()->statusCodeEquals(403);
+
+ $this->assertEquals('/data', $single_output['errors'][0]['source']['pointer']);
+ $this->assertEquals('/node--article/' . $this->nodes[60]->uuid(), $single_output['errors'][0]['id']);
+
+ // 6. Single relationship item.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/type'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertArrayHasKey('type', $single_output['data']);
+ $this->assertArrayNotHasKey('attributes', $single_output['data']);
+ $this->assertArrayHasKey('related', $single_output['links']);
+ // 7. Single relationship image.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/field_image'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertArrayHasKey('type', $single_output['data']);
+ $this->assertArrayNotHasKey('attributes', $single_output['data']);
+ $this->assertArrayHasKey('related', $single_output['links']);
+ // 8. Multiple relationship item.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/field_tags'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertArrayHasKey('type', $single_output['data'][0]);
+ $this->assertArrayNotHasKey('attributes', $single_output['data'][0]);
+ $this->assertArrayHasKey('related', $single_output['links']);
+ // 8b. Single related item, empty.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/field_heroless'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertSame([], $single_output['data']);
+ // 9. Related tags with includes.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/field_tags', [
+ 'query' => ['include' => 'vid'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals('taxonomy_term--tags', $single_output['data'][0]['type']);
+ $this->assertArrayHasKey('tid', $single_output['data'][0]['attributes']);
+ $this->assertContains(
+ '/taxonomy_term/tags/',
+ $single_output['data'][0]['links']['self']
+ );
+ $this->assertEquals(
+ 'taxonomy_vocabulary--taxonomy_vocabulary',
+ $single_output['included'][0]['type']
+ );
+ // 10. Single article with includes.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid, [
+ 'query' => ['include' => 'uid,field_tags'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals('node--article', $single_output['data']['type']);
+ $first_include = reset($single_output['included']);
+ $this->assertEquals(
+ 'user--user',
+ $first_include['type']
+ );
+ $last_include = end($single_output['included']);
+ $this->assertEquals(
+ 'taxonomy_term--tags',
+ $last_include['type']
+ );
+
+ // 10b. Single article with nested includes.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid, [
+ 'query' => ['include' => 'field_tags,field_tags.vid'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals('node--article', $single_output['data']['type']);
+ $first_include = reset($single_output['included']);
+ $this->assertEquals(
+ 'taxonomy_term--tags',
+ $first_include['type']
+ );
+ $last_include = end($single_output['included']);
+ $this->assertEquals(
+ 'taxonomy_vocabulary--taxonomy_vocabulary',
+ $last_include['type']
+ );
+
+ // 11. Includes with relationships.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/' . $uuid . '/relationships/uid', [
+ 'query' => ['include' => 'uid'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals('user--user', $single_output['data']['type']);
+ $this->assertArrayHasKey('related', $single_output['links']);
+ $first_include = reset($single_output['included']);
+ $this->assertEquals(
+ 'user--user',
+ $first_include['type']
+ );
+ $this->assertFalse(empty($first_include['attributes']));
+ $this->assertTrue(empty($first_include['attributes']['mail']));
+ $this->assertTrue(empty($first_include['attributes']['pass']));
+ // 12. Collection with one access denied.
+ $this->nodes[1]->set('status', FALSE);
+ $this->nodes[1]->save();
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['page' => ['limit' => 2]],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(1, count($single_output['data']));
+ $this->assertEquals(1, count($single_output['meta']['errors']));
+ $this->assertEquals(403, $single_output['meta']['errors'][0]['status']);
+ $this->assertEquals('/node--article/' . $this->nodes[1]->uuid(), $single_output['meta']['errors'][0]['id']);
+ $this->assertFalse(empty($single_output['meta']['errors'][0]['source']['pointer']));
+ $this->nodes[1]->set('status', TRUE);
+ $this->nodes[1]->save();
+ // 13. Test filtering when using short syntax.
+ $filter = [
+ 'uid.uuid' => ['value' => $this->user->uuid()],
+ 'field_tags.uuid' => ['value' => $this->tags[0]->uuid()],
+ ];
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter, 'include' => 'uid,field_tags'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThan(0, count($single_output['data']));
+ // 14. Test filtering when using long syntax.
+ $filter = [
+ 'and_group' => ['group' => ['conjunction' => 'AND']],
+ 'filter_user' => [
+ 'condition' => [
+ 'path' => 'uid.uuid',
+ 'value' => $this->user->uuid(),
+ 'memberOf' => 'and_group',
+ ],
+ ],
+ 'filter_tags' => [
+ 'condition' => [
+ 'path' => 'field_tags.uuid',
+ 'value' => $this->tags[0]->uuid(),
+ 'memberOf' => 'and_group',
+ ],
+ ],
+ ];
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter, 'include' => 'uid,field_tags'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThan(0, count($single_output['data']));
+ // 15. Test filtering when using invalid syntax.
+ $filter = [
+ 'and_group' => ['group' => ['conjunction' => 'AND']],
+ 'filter_user' => [
+ 'condition' => [
+ 'name-with-a-typo' => 'uid.uuid',
+ 'value' => $this->user->uuid(),
+ 'memberOf' => 'and_group',
+ ],
+ ],
+ ];
+ $this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]);
+ $this->assertSession()->statusCodeEquals(400);
+ // 16. Test filtering on the same field.
+ $filter = [
+ 'or_group' => ['group' => ['conjunction' => 'OR']],
+ 'filter_tags_1' => [
+ 'condition' => [
+ 'path' => 'field_tags.uuid',
+ 'value' => $this->tags[0]->uuid(),
+ 'memberOf' => 'or_group',
+ ],
+ ],
+ 'filter_tags_2' => [
+ 'condition' => [
+ 'path' => 'field_tags.uuid',
+ 'value' => $this->tags[1]->uuid(),
+ 'memberOf' => 'or_group',
+ ],
+ ],
+ ];
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter, 'include' => 'field_tags'],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(2, count($single_output['included']));
+ // 17. Single user (check fields lacking 'view' access).
+ $user_url = Url::fromRoute('jsonapi.user--user.individual', [
+ 'user' => $this->user->uuid(),
+ ]);
+ $response = $this->request('GET', $user_url, [
+ 'auth' => [
+ $this->userCanViewProfiles->getUsername(),
+ $this->userCanViewProfiles->pass_raw,
+ ],
+ ]);
+ $single_output = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(200, $response->getStatusCode());
+ $this->assertEquals('user--user', $single_output['data']['type']);
+ $this->assertEquals($this->user->get('name')->value, $single_output['data']['attributes']['name']);
+ $this->assertTrue(empty($single_output['data']['attributes']['mail']));
+ $this->assertTrue(empty($single_output['data']['attributes']['pass']));
+ // 18. Test filtering on the column of a link.
+ $filter = [
+ 'linkUri' => [
+ 'condition' => [
+ 'path' => 'field_link.uri',
+ 'value' => 'https://',
+ 'operator' => 'STARTS_WITH',
+ ],
+ ],
+ ];
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(1, count($single_output['data']));
+ // 19. Test non-existing route without 'Accept' header.
+ $this->drupalGet('/jsonapi/node/article/broccoli');
+ $this->assertSession()->statusCodeEquals(404);
+ // Without the 'Accept' header we cannot know we want the 404 error
+ // formatted as JSON API.
+ $this->assertSession()->responseHeaderContains('Content-Type', 'text/html');
+ // 20. Test non-existing route with 'Accept' header.
+ $single_output = Json::decode($this->drupalGet('/jsonapi/node/article/broccoli', [], [
+ 'Accept' => 'application/vnd.api+json',
+ ]));
+ $this->assertEquals(404, $single_output['errors'][0]['status']);
+ $this->assertSession()->statusCodeEquals(404);
+ // With the 'Accept' header we can know we want the 404 error formatted as
+ // JSON API.
+ $this->assertSession()->responseHeaderContains('Content-Type', 'application/vnd.api+json');
+ // 21. Test the value of the computed 'url' field.
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/file/file'));
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ $expected_url = (floatval(\Drupal::VERSION) < 8.5)
+ ? $collection_output['data'][0]['attributes']['uri']
+ : $collection_output['data'][0]['attributes']['uri']['value'];
+ $this->assertEquals($collection_output['data'][0]['attributes']['url'], $expected_url);
+ // 22. Test sort criteria on multiple fields: both ASC.
+ $output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => [
+ 'page[limit]' => 6,
+ 'sort' => 'field_sort1,field_sort2',
+ ],
+ ]));
+ $output_nids = array_map(function ($result) {
+ return $result['attributes']['nid'];
+ }, $output['data']);
+ $this->assertCount(6, $output_nids);
+ $this->assertEquals([5, 4, 3, 2, 1, 10], $output_nids);
+ // 23. Test sort criteria on multiple fields: first ASC, second DESC.
+ $output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => [
+ 'page[limit]' => 6,
+ 'sort' => 'field_sort1,-field_sort2',
+ ],
+ ]));
+ $output_nids = array_map(function ($result) {
+ return $result['attributes']['nid'];
+ }, $output['data']);
+ $this->assertCount(6, $output_nids);
+ $this->assertEquals([1, 2, 3, 4, 5, 6], $output_nids);
+ // 24. Test sort criteria on multiple fields: first DESC, second ASC.
+ $output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => [
+ 'page[limit]' => 6,
+ 'sort' => '-field_sort1,field_sort2',
+ ],
+ ]));
+ $output_nids = array_map(function ($result) {
+ return $result['attributes']['nid'];
+ }, $output['data']);
+ $this->assertCount(5, $output_nids);
+ $this->assertCount(1, $output['meta']['errors']);
+ $this->assertEquals([60, 59, 58, 57, 56], $output_nids);
+ // 25. Test sort criteria on multiple fields: both DESC.
+ $output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => [
+ 'page[limit]' => 6,
+ 'sort' => '-field_sort1,-field_sort2',
+ ],
+ ]));
+ $output_nids = array_map(function ($result) {
+ return $result['attributes']['nid'];
+ }, $output['data']);
+ $this->assertCount(5, $output_nids);
+ $this->assertCount(1, $output['meta']['errors']);
+ $this->assertEquals([56, 57, 58, 59, 60], $output_nids);
+ // 25. Test collection count.
+ $this->container->get('module_installer')->install(['jsonapi_test_collection_count']);
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article'));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(61, $collection_output['meta']['count']);
+ $this->container->get('module_installer')->uninstall(['jsonapi_test_collection_count']);
+
+ // Test documentation filtering examples.
+ // 1. Only get published nodes.
+ $filter = [
+ 'status-filter' => [
+ 'condition' => [
+ 'path' => 'status',
+ 'value' => 1,
+ ],
+ ],
+ ];
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ // 2. Nested Filters: Get nodes created by user admin.
+ $filter = [
+ 'name-filter' => [
+ 'condition' => [
+ 'path' => 'uid.name',
+ 'value' => $this->user->getAccountName(),
+ ],
+ ],
+ ];
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ // 3. Filtering with arrays: Get nodes created by users [admin, john].
+ $filter = [
+ 'name-filter' => [
+ 'condition' => [
+ 'path' => 'uid.name',
+ 'operator' => 'IN',
+ 'value' => [
+ $this->user->getAccountName(),
+ $this->getRandomGenerator()->name(),
+ ],
+ ],
+ ],
+ ];
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ // 4. Grouping filters: Get nodes that are published and create by admin.
+ $filter = [
+ 'and-group' => [
+ 'group' => [
+ 'conjunction' => 'AND',
+ ],
+ ],
+ 'name-filter' => [
+ 'condition' => [
+ 'path' => 'uid.name',
+ 'value' => $this->user->getAccountName(),
+ 'memberOf' => 'and-group',
+ ],
+ ],
+ 'status-filter' => [
+ 'condition' => [
+ 'path' => 'status',
+ 'value' => 1,
+ 'memberOf' => 'and-group',
+ ],
+ ],
+ ];
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertGreaterThanOrEqual(OffsetPage::SIZE_MAX, count($collection_output['data']));
+ // 5. Grouping grouped filters: Get nodes that are promoted or sticky and
+ // created by admin.
+ $filter = [
+ 'and-group' => [
+ 'group' => [
+ 'conjunction' => 'AND',
+ ],
+ ],
+ 'or-group' => [
+ 'group' => [
+ 'conjunction' => 'OR',
+ 'memberOf' => 'and-group',
+ ],
+ ],
+ 'admin-filter' => [
+ 'condition' => [
+ 'path' => 'uid.name',
+ 'value' => $this->user->getAccountName(),
+ 'memberOf' => 'and-group',
+ ],
+ ],
+ 'sticky-filter' => [
+ 'condition' => [
+ 'path' => 'sticky',
+ 'value' => 1,
+ 'memberOf' => 'or-group',
+ ],
+ ],
+ 'promote-filter' => [
+ 'condition' => [
+ 'path' => 'promote',
+ 'value' => 0,
+ 'memberOf' => 'or-group',
+ ],
+ ],
+ ];
+ $collection_output = Json::decode($this->drupalGet('/jsonapi/node/article', [
+ 'query' => ['filter' => $filter],
+ ]));
+ $this->assertSession()->statusCodeEquals(200);
+ $this->assertEquals(0, count($collection_output['data']));
+ }
+
+ /**
+ * Test POST, PATCH and DELETE.
+ */
+ public function testWrite() {
+ $this->createDefaultContent(0, 3, FALSE, FALSE, static::IS_NOT_MULTILINGUAL);
+ // 1. Successful post.
+ $collection_url = Url::fromRoute('jsonapi.node--article.collection');
+ $body = [
+ 'data' => [
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'langcode' => 'en',
+ 'title' => 'My custom title',
+ 'default_langcode' => '1',
+ 'body' => [
+ 'value' => 'Custom value',
+ 'format' => 'plain_text',
+ 'summary' => 'Custom summary',
+ ],
+ ],
+ 'relationships' => [
+ 'type' => [
+ 'data' => [
+ 'type' => 'node_type--node_type',
+ 'id' => 'article',
+ ],
+ ],
+ 'field_tags' => [
+ 'data' => [
+ [
+ 'type' => 'taxonomy_term--tags',
+ 'id' => $this->tags[0]->uuid(),
+ ],
+ [
+ 'type' => 'taxonomy_term--tags',
+ 'id' => $this->tags[1]->uuid(),
+ ],
+ ],
+ ],
+ ],
+ ],
+ ];
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(201, $response->getStatusCode());
+ $this->assertArrayHasKey('uuid', $created_response['data']['attributes']);
+ $uuid = $created_response['data']['attributes']['uuid'];
+ $this->assertEquals(2, count($created_response['data']['relationships']['field_tags']['data']));
+ $this->assertEquals($created_response['data']['links']['self'], $response->getHeader('Location')[0]);
+
+ // 2. Authorization error.
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($body),
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(403, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertEquals('Forbidden', $created_response['errors'][0]['title']);
+
+ // 2.1 Authorization error with a user without create permissions.
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->userCanViewProfiles->getUsername(), $this->userCanViewProfiles->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(403, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertEquals('Forbidden', $created_response['errors'][0]['title']);
+
+ // @todo Uncomment when https://www.drupal.org/project/jsonapi/issues/2934149 lands, and make more strict.
+ /*
+ * // 3. Missing Content-Type error.
+ *
+ * $response = $this->request('POST', $collection_url, [
+ * 'body' => Json::encode($body),
+ * 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ * 'headers' => ['Accept' => 'application/vnd.api+json'],
+ * ]);
+ * $created_response = Json::decode($response->getBody()->__toString());
+ * $this->assertEquals(422, $response->getStatusCode());
+ * $this->assertNotEmpty($created_response['errors']);
+ * $this->assertEquals(
+ * 'Unprocessable Entity',
+ * $created_response['errors'][0]['title']
+ * );
+ */
+
+ // 4. Article with a duplicate ID.
+ $invalid_body = $body;
+ $invalid_body['data']['id'] = Node::load(1)->uuid();
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($invalid_body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Accept' => 'application/vnd.api+json',
+ 'Content-Type' => 'application/vnd.api+json',
+ ],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(409, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertEquals('Conflict', $created_response['errors'][0]['title']);
+ // 5. Article with wrong reference UUIDs for tags.
+ $body_invalid_tags = $body;
+ $body_invalid_tags['data']['relationships']['field_tags']['data'][0]['id'] = 'lorem';
+ $body_invalid_tags['data']['relationships']['field_tags']['data'][1]['id'] = 'ipsum';
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($body_invalid_tags),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(201, $response->getStatusCode());
+ $this->assertEquals(0, count($created_response['data']['relationships']['field_tags']['data']));
+ // 6. Serialization error.
+ $response = $this->request('POST', $collection_url, [
+ 'body' => '{"bad json",,,}',
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Content-Type' => 'application/vnd.api+json',
+ 'Accept' => 'application/vnd.api+json',
+ ],
+ ]);
+ $created_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(422, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertEquals('Unprocessable Entity', $created_response['errors'][0]['title']);
+ // 6.1 Relationships are not included in "data".
+ $malformed_body = $body;
+ unset($malformed_body['data']['relationships']);
+ $malformed_body['relationships'] = $body['data']['relationships'];
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($malformed_body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Accept' => 'application/vnd.api+json',
+ 'Content-Type' => 'application/vnd.api+json',
+ ],
+ ]);
+ $created_response = Json::decode((string) $response->getBody());
+ $this->assertSame(400, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertSame("Bad Request", $created_response['errors'][0]['title']);
+ $this->assertSame("Found \"relationships\" within the document's top level. The \"relationships\" key must be within resource object.", $created_response['errors'][0]['detail']);
+ // 6.2 "type" not included in "data".
+ $missing_type = $body;
+ unset($missing_type['data']['type']);
+ $response = $this->request('POST', $collection_url, [
+ 'body' => Json::encode($missing_type),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Accept' => 'application/vnd.api+json',
+ 'Content-Type' => 'application/vnd.api+json',
+ ],
+ ]);
+ $created_response = Json::decode((string) $response->getBody());
+ $this->assertSame(400, $response->getStatusCode());
+ $this->assertNotEmpty($created_response['errors']);
+ $this->assertSame("Bad Request", $created_response['errors'][0]['title']);
+ $this->assertSame("Resource object must include a \"type\".", $created_response['errors'][0]['detail']);
+ // 7. Successful PATCH.
+ $body = [
+ 'data' => [
+ 'id' => $uuid,
+ 'type' => 'node--article',
+ 'attributes' => ['title' => 'My updated title'],
+ ],
+ ];
+ $individual_url = Url::fromRoute('jsonapi.node--article.individual', [
+ 'node' => $uuid,
+ ]);
+ $response = $this->request('PATCH', $individual_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(200, $response->getStatusCode());
+ $this->assertEquals('My updated title', $updated_response['data']['attributes']['title']);
+
+ // 7.1 Unsuccessful PATCH due to access restrictions.
+ $body = [
+ 'data' => [
+ 'id' => $uuid,
+ 'type' => 'node--article',
+ 'attributes' => ['title' => 'My updated title'],
+ ],
+ ];
+ $individual_url = Url::fromRoute('jsonapi.node--article.individual', [
+ 'node' => $uuid,
+ ]);
+ $response = $this->request('PATCH', $individual_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->userCanViewProfiles->getUsername(), $this->userCanViewProfiles->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $this->assertEquals(403, $response->getStatusCode());
+
+ // 8. Field access forbidden check.
+ $body = [
+ 'data' => [
+ 'id' => $uuid,
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'title' => 'My updated title',
+ 'status' => 0,
+ ],
+ ],
+ ];
+ $response = $this->request('PATCH', $individual_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(403, $response->getStatusCode());
+ $this->assertEquals("The current user is not allowed to PATCH the selected field (status). The 'administer nodes' permission is required.",
+ $updated_response['errors'][0]['detail']);
+
+ $node = \Drupal::entityManager()->loadEntityByUuid('node', $uuid);
+ $this->assertEquals(1, $node->get('status')->value, 'Node status was not changed.');
+ // 9. Successful POST to related endpoint.
+ $body = [
+ 'data' => [
+ [
+ 'id' => $this->tags[2]->uuid(),
+ 'type' => 'taxonomy_term--tags',
+ ],
+ ],
+ ];
+ $relationship_url = Url::fromRoute('jsonapi.node--article.relationship', [
+ 'node' => $uuid,
+ 'related' => 'field_tags',
+ ]);
+ $response = $this->request('POST', $relationship_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(201, $response->getStatusCode());
+ $this->assertEquals(3, count($updated_response['data']));
+ $this->assertEquals('taxonomy_term--tags', $updated_response['data'][2]['type']);
+ $this->assertEquals($this->tags[2]->uuid(), $updated_response['data'][2]['id']);
+ // 10. Successful PATCH to related endpoint.
+ $body = [
+ 'data' => [
+ [
+ 'id' => $this->tags[1]->uuid(),
+ 'type' => 'taxonomy_term--tags',
+ ],
+ ],
+ ];
+ $response = $this->request('PATCH', $relationship_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(200, $response->getStatusCode());
+ $this->assertCount(1, $updated_response['data']);
+ $this->assertEquals('taxonomy_term--tags', $updated_response['data'][0]['type']);
+ $this->assertEquals($this->tags[1]->uuid(), $updated_response['data'][0]['id']);
+ // 11. Successful DELETE to related endpoint.
+ $payload = $updated_response;
+ $response = $this->request('DELETE', $relationship_url, [
+ // Send a request with no body.
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Content-Type' => 'application/vnd.api+json',
+ 'Accept' => 'application/vnd.api+json',
+ ],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(
+ 'You need to provide a body for DELETE operations on a relationship (field_tags).',
+ $updated_response['errors'][0]['detail']
+ );
+ $this->assertEquals(400, $response->getStatusCode());
+ $response = $this->request('DELETE', $relationship_url, [
+ // Send a request with no authentication.
+ 'body' => Json::encode($payload),
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $this->assertEquals(403, $response->getStatusCode());
+ $response = $this->request('DELETE', $relationship_url, [
+ // Remove the existing relationship item.
+ 'body' => Json::encode($payload),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => ['Content-Type' => 'application/vnd.api+json'],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(201, $response->getStatusCode());
+ $this->assertCount(0, $updated_response['data']);
+ // 12. PATCH with invalid title and body format.
+ $body = [
+ 'data' => [
+ 'id' => $uuid,
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'title' => '',
+ 'body' => [
+ 'value' => 'Custom value',
+ 'format' => 'invalid_format',
+ 'summary' => 'Custom summary',
+ ],
+ ],
+ ],
+ ];
+ $response = $this->request('PATCH', $individual_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Content-Type' => 'application/vnd.api+json',
+ 'Accept' => 'application/vnd.api+json',
+ ],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(422, $response->getStatusCode());
+ $this->assertCount(2, $updated_response['errors']);
+ for ($i = 0; $i < 2; $i++) {
+ $this->assertEquals("Unprocessable Entity", $updated_response['errors'][$i]['title']);
+ $this->assertEquals(422, $updated_response['errors'][$i]['status']);
+ }
+ $this->assertEquals("title: This value should not be null.", $updated_response['errors'][0]['detail']);
+ $this->assertEquals("body.0.format: The value you selected is not a valid choice.", $updated_response['errors'][1]['detail']);
+ $this->assertEquals("/data/attributes/title", $updated_response['errors'][0]['source']['pointer']);
+ $this->assertEquals("/data/attributes/body/format", $updated_response['errors'][1]['source']['pointer']);
+ // 13. PATCH with field that doesn't exist on Entity.
+ $body = [
+ 'data' => [
+ 'id' => $uuid,
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'field_that_doesnt_exist' => 'foobar',
+ ],
+ ],
+ ];
+ $response = $this->request('PATCH', $individual_url, [
+ 'body' => Json::encode($body),
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ 'headers' => [
+ 'Content-Type' => 'application/vnd.api+json',
+ 'Accept' => 'application/vnd.api+json',
+ ],
+ ]);
+ $updated_response = Json::decode($response->getBody()->__toString());
+ $this->assertEquals(400, $response->getStatusCode());
+ $this->assertEquals("The provided field (field_that_doesnt_exist) does not exist in the entity with ID $uuid.",
+ $updated_response['errors']['0']['detail']);
+ // 14. Successful DELETE.
+ $response = $this->request('DELETE', $individual_url, [
+ 'auth' => [$this->user->getUsername(), $this->user->pass_raw],
+ ]);
+ $this->assertEquals(204, $response->getStatusCode());
+ $response = $this->request('GET', $individual_url, []);
+ $this->assertEquals(404, $response->getStatusCode());
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTestBase.php b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTestBase.php
new file mode 100644
index 0000000..f683a22
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/JsonApiFunctionalTestBase.php
@@ -0,0 +1,317 @@
+httpClient = $this->container->get('http_client_factory')
+ ->fromOptions(['base_uri' => $this->baseUrl]);
+
+ // Create Basic page and Article node types.
+ if ($this->profile != 'standard') {
+ $this->drupalCreateContentType([
+ 'type' => 'article',
+ 'name' => 'Article',
+ ]);
+
+ // Setup vocabulary.
+ Vocabulary::create([
+ 'vid' => 'tags',
+ 'name' => 'Tags',
+ ])->save();
+
+ // Add tags and field_image to the article.
+ $this->createEntityReferenceField(
+ 'node',
+ 'article',
+ 'field_tags',
+ 'Tags',
+ 'taxonomy_term',
+ 'default',
+ [
+ 'target_bundles' => [
+ 'tags' => 'tags',
+ ],
+ 'auto_create' => TRUE,
+ ],
+ FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED
+ );
+ $this->createImageField('field_image', 'article');
+ $this->createImageField('field_heroless', 'article');
+ }
+
+ FieldStorageConfig::create([
+ 'field_name' => 'field_link',
+ 'entity_type' => 'node',
+ 'type' => 'link',
+ 'settings' => [],
+ 'cardinality' => 1,
+ ])->save();
+
+ $field_config = FieldConfig::create([
+ 'field_name' => 'field_link',
+ 'label' => 'Link',
+ 'entity_type' => 'node',
+ 'bundle' => 'article',
+ 'required' => FALSE,
+ 'settings' => [],
+ 'description' => '',
+ ]);
+ $field_config->save();
+
+ // Field for testing sorting.
+ FieldStorageConfig::create([
+ 'field_name' => 'field_sort1',
+ 'entity_type' => 'node',
+ 'type' => 'integer',
+ ])->save();
+ FieldConfig::create([
+ 'field_name' => 'field_sort1',
+ 'entity_type' => 'node',
+ 'bundle' => 'article',
+ ])->save();
+
+ // Another field for testing sorting.
+ FieldStorageConfig::create([
+ 'field_name' => 'field_sort2',
+ 'entity_type' => 'node',
+ 'type' => 'integer',
+ ])->save();
+ FieldConfig::create([
+ 'field_name' => 'field_sort2',
+ 'entity_type' => 'node',
+ 'bundle' => 'article',
+ ])->save();
+
+ $this->user = $this->drupalCreateUser([
+ 'create article content',
+ 'edit any article content',
+ 'delete any article content',
+ ]);
+
+ // Create a user that can.
+ $this->userCanViewProfiles = $this->drupalCreateUser([
+ 'access user profiles',
+ ]);
+
+ $this->grantPermissions(Role::load(RoleInterface::ANONYMOUS_ID), [
+ 'access user profiles',
+ 'administer taxonomy',
+ ]);
+
+ drupal_flush_all_caches();
+ }
+
+ /**
+ * Performs a HTTP request. Wraps the Guzzle HTTP client.
+ *
+ * Why wrap the Guzzle HTTP client? Because any error response is returned via
+ * an exception, which would make the tests unnecessarily complex to read.
+ *
+ * @param string $method
+ * HTTP method.
+ * @param \Drupal\Core\Url $url
+ * URL to request.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return \Psr\Http\Message\ResponseInterface
+ * The request response.
+ *
+ * @throws \GuzzleHttp\Exception\GuzzleException
+ *
+ * @see \GuzzleHttp\ClientInterface::request
+ */
+ protected function request($method, Url $url, array $request_options) {
+ try {
+ $response = $this->httpClient->request($method, $url->toString(), $request_options);
+ }
+ catch (ClientException $e) {
+ $response = $e->getResponse();
+ }
+ catch (ServerException $e) {
+ $response = $e->getResponse();
+ }
+
+ return $response;
+ }
+
+ /**
+ * Creates default content to test the API.
+ *
+ * @param int $num_articles
+ * Number of articles to create.
+ * @param int $num_tags
+ * Number of tags to create.
+ * @param bool $article_has_image
+ * Set to TRUE if you want to add an image to the generated articles.
+ * @param bool $article_has_link
+ * Set to TRUE if you want to add a link to the generated articles.
+ * @param bool $is_multilingual
+ * (optional) Set to TRUE if you want to enable multilingual content.
+ */
+ protected function createDefaultContent($num_articles, $num_tags, $article_has_image, $article_has_link, $is_multilingual) {
+ $random = $this->getRandomGenerator();
+ for ($created_tags = 0; $created_tags < $num_tags; $created_tags++) {
+ $term = Term::create([
+ 'vid' => 'tags',
+ 'name' => $random->name(),
+ ]);
+
+ if ($is_multilingual) {
+ $term->addTranslation('ca', ['name' => $term->getName() . ' (ca)']);
+ }
+
+ $term->save();
+ $this->tags[] = $term;
+ }
+ for ($created_nodes = 0; $created_nodes < $num_articles; $created_nodes++) {
+ // Get N random tags.
+ $selected_tags = mt_rand(1, $num_tags);
+ $tags = [];
+ while (count($tags) < $selected_tags) {
+ $tags[] = mt_rand(1, $num_tags);
+ $tags = array_unique($tags);
+ }
+ $values = [
+ 'uid' => ['target_id' => $this->user->id()],
+ 'type' => 'article',
+ 'field_tags' => array_map(function ($tag) {
+ return ['target_id' => $tag];
+ }, $tags),
+ ];
+ if ($article_has_image) {
+ $file = File::create([
+ 'uri' => 'vfs://' . $random->name() . '.png',
+ ]);
+ $file->setPermanent();
+ $file->save();
+ $this->files[] = $file;
+ $values['field_image'] = ['target_id' => $file->id(), 'alt' => 'alt text'];
+ }
+ if ($article_has_link) {
+ $values['field_link'] = [
+ 'title' => $this->getRandomGenerator()->name(),
+ 'uri' => sprintf(
+ '%s://%s.%s',
+ 'http' . (mt_rand(0, 2) > 1 ? '' : 's'),
+ $this->getRandomGenerator()->name(),
+ 'org'
+ ),
+ ];
+ }
+
+ // Create values for the sort fields, to allow for testing complex
+ // sorting:
+ // - field_sort1 increments every 5 articles, starting at zero
+ // - field_sort2 decreases every article, ending at zero.
+ $values['field_sort1'] = ['value' => floor($created_nodes / 5)];
+ $values['field_sort2'] = ['value' => $num_articles - $created_nodes];
+
+ $node = $this->createNode($values);
+
+ if ($is_multilingual === static::IS_MULTILINGUAL) {
+ $values['title'] = $node->getTitle() . ' (ca)';
+ $values['field_image']['alt'] = 'alt text (ca)';
+ $node->addTranslation('ca', $values);
+ }
+ $node->save();
+
+ $this->nodes[] = $node;
+ }
+ if ($article_has_link) {
+ // Make sure that there is at least 1 https link for ::testRead() #19.
+ $this->nodes[0]->field_link = [
+ 'title' => 'Drupal',
+ 'uri' => 'https://drupal.org',
+ ];
+ $this->nodes[0]->save();
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/MediaTest.php b/core/modules/jsonapi/tests/src/Functional/MediaTest.php
new file mode 100644
index 0000000..41f2a15
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/MediaTest.php
@@ -0,0 +1,332 @@
+ NULL,
+ ];
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ switch ($method) {
+ case 'GET':
+ $this->grantPermissionsToTestedRole(['view media']);
+ break;
+
+ case 'POST':
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ $this->grantPermissionsToTestedRole(['create media']);
+ }
+ $this->grantPermissionsToTestedRole(['create camelids media']);
+ break;
+
+ case 'PATCH':
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ $this->grantPermissionsToTestedRole(['update any media']);
+ }
+ $this->grantPermissionsToTestedRole(['edit any camelids media']);
+ // @todo Remove this in https://www.drupal.org/node/2824851.
+ $this->grantPermissionsToTestedRole(['access content']);
+ break;
+
+ case 'DELETE':
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ $this->grantPermissionsToTestedRole(['delete any media']);
+ }
+ $this->grantPermissionsToTestedRole(['delete any camelids media']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ if (!MediaType::load('camelids')) {
+ // Create a "Camelids" media type.
+ $media_type = MediaType::create([
+ 'name' => 'Camelids',
+ 'id' => 'camelids',
+ 'description' => 'Camelids are large, strictly herbivorous animals with slender necks and long legs.',
+ 'source' => 'file',
+ ]);
+ $media_type->save();
+ // Create the source field.
+ $source_field = $media_type->getSource()->createSourceField($media_type);
+ $source_field->getFieldStorageDefinition()->save();
+ $source_field->save();
+ $media_type
+ ->set('source_configuration', [
+ 'source_field' => $source_field->getName(),
+ ])
+ ->save();
+ }
+
+ // Create a file to upload.
+ $file = File::create([
+ 'uri' => 'public://llama.txt',
+ ]);
+ $file->setPermanent();
+ $file->save();
+
+ // Create a "Llama" media item.
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ $file_field_name = floatval(\Drupal::VERSION) >= 8.5 ? 'field_media_file' : 'field_media_file_1';
+ $media = Media::create([
+ 'bundle' => 'camelids',
+ $file_field_name => [
+ 'target_id' => $file->id(),
+ ],
+ ]);
+ $media
+ ->setName('Llama')
+ ->setPublished(TRUE)
+ ->setCreatedTime(123456789)
+ ->setOwnerId($this->account->id())
+ ->setRevisionUserId($this->account->id())
+ ->save();
+
+ return $media;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $file = File::load(1);
+ $thumbnail = File::load(2);
+ $author = User::load($this->entity->getOwnerId());
+ $self_url = Url::fromUri('base:/jsonapi/media/camelids/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ $normalization = [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'media--camelids',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'mid' => 1,
+ 'vid' => 1,
+ 'langcode' => 'en',
+ 'name' => 'Llama',
+ 'status' => TRUE,
+ 'created' => 123456789,
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'created' => $this->formatExpectedTimestampItemValues(123456789), */
+ 'changed' => $this->entity->getChangedTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'changed' => $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()), */
+ 'revision_created' => (int) $this->entity->getRevisionCreationTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'revision_created' => $this->formatExpectedTimestampItemValues((int) $this->entity->getRevisionCreationTime()), */
+ 'default_langcode' => TRUE,
+ 'revision_log_message' => NULL,
+ // @todo Attempt to remove this in https://www.drupal.org/project/drupal/issues/2933518.
+ 'revision_translation_affected' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ 'relationships' => [
+ 'field_media_file' => [
+ 'data' => [
+ 'id' => $file->uuid(),
+ 'meta' => [
+ 'description' => NULL,
+ 'display' => NULL,
+ ],
+ 'type' => 'file--file',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/field_media_file',
+ 'self' => $self_url . '/relationships/field_media_file',
+ ],
+ ],
+ 'thumbnail' => [
+ 'data' => [
+ 'id' => $thumbnail->uuid(),
+ 'meta' => [
+ 'alt' => 'Thumbnail',
+ 'width' => '180',
+ 'height' => '180',
+ 'title' => 'Llama',
+ ],
+ 'type' => 'file--file',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/thumbnail',
+ 'self' => $self_url . '/relationships/thumbnail',
+ ],
+ ],
+ 'bundle' => [
+ 'data' => [
+ 'id' => MediaType::load('camelids')->uuid(),
+ 'type' => 'media_type--media_type',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/bundle',
+ 'self' => $self_url . '/relationships/bundle',
+ ],
+ ],
+ 'uid' => [
+ 'data' => [
+ 'id' => $author->uuid(),
+ 'type' => 'user--user',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/uid',
+ 'self' => $self_url . '/relationships/uid',
+ ],
+ ],
+ 'revision_user' => [
+ 'data' => [
+ 'id' => $author->uuid(),
+ 'type' => 'user--user',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/revision_user',
+ 'self' => $self_url . '/relationships/revision_user',
+ ],
+ ],
+ ],
+ ],
+ ];
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ unset($normalization['data']['attributes']['revision_default']);
+ $normalization['data']['relationships']['field_media_file_1'] = $normalization['data']['relationships']['field_media_file'];
+ $normalization['data']['relationships']['field_media_file_1']['links']['related'] .= '_1';
+ $normalization['data']['relationships']['field_media_file_1']['links']['self'] .= '_1';
+ unset($normalization['data']['relationships']['field_media_file']);
+ }
+ return $normalization;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'media--camelids',
+ 'attributes' => [
+ 'name' => 'Dramallama',
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET';
+ return "The 'view media' permission is required and the media item must be published.";
+
+ default:
+ return '';
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessCacheability() {
+ // @see \Drupal\media\MediaAccessControlHandler::checkAccess()
+ return parent::getExpectedUnauthorizedAccessCacheability()
+ ->addCacheTags(['media:1']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testPostIndividual() {
+ $this->markTestSkipped('POSTing File Media items is not supported until https://www.drupal.org/node/1927648 is solved.');
+ }
+
+ /**
+ * {@inheritdoc}
+ *
+ * @todo Determine if this override should be removed in https://www.drupal.org/project/jsonapi/issues/2952522
+ */
+ protected function getExpectedGetRelationshipDocumentData($relationship_field_name) {
+ $data = parent::getExpectedGetRelationshipDocumentData($relationship_field_name);
+ switch ($relationship_field_name) {
+ case 'thumbnail':
+ $data['meta'] = [
+ 'alt' => 'Thumbnail',
+ 'width' => '180',
+ 'height' => '180',
+ 'title' => 'Llama',
+ ];
+ return $data;
+
+ case 'field_media_file':
+ $data['meta'] = [
+ 'description' => NULL,
+ 'display' => NULL,
+ ];
+ return $data;
+
+ default:
+ return $data;
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/MediaTypeTest.php b/core/modules/jsonapi/tests/src/Functional/MediaTypeTest.php
new file mode 100644
index 0000000..6da5a35
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/MediaTypeTest.php
@@ -0,0 +1,111 @@
+grantPermissionsToTestedRole(['administer media types']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" media type.
+ $camelids = MediaType::create([
+ 'name' => 'Camelids',
+ 'id' => 'camelids',
+ 'description' => 'Camelids are large, strictly herbivorous animals with slender necks and long legs.',
+ 'source' => 'file',
+ ]);
+
+ $camelids->save();
+
+ return $camelids;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/media_type/media_type/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'media_type--media_type',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'description' => 'Camelids are large, strictly herbivorous animals with slender necks and long legs.',
+ 'field_map' => [],
+ 'id' => 'camelids',
+ 'label' => NULL,
+ 'langcode' => 'en',
+ 'new_revision' => FALSE,
+ 'queue_thumbnail_downloads' => FALSE,
+ 'source' => 'file',
+ 'source_configuration' => [
+ 'source_field' => '',
+ ],
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/MenuLinkContentTest.php b/core/modules/jsonapi/tests/src/Functional/MenuLinkContentTest.php
new file mode 100644
index 0000000..cb258fc
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/MenuLinkContentTest.php
@@ -0,0 +1,152 @@
+ NULL,
+ ];
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ $this->grantPermissionsToTestedRole(['administer menu']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $menu_link = MenuLinkContent::create([
+ 'id' => 'llama',
+ 'title' => 'Llama Gabilondo',
+ 'description' => 'Llama Gabilondo',
+ 'link' => 'https://nl.wikipedia.org/wiki/Llama',
+ 'weight' => 0,
+ 'menu_name' => 'main',
+ ]);
+ $menu_link->save();
+
+ return $menu_link;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/menu_link_content/menu_link_content/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'menu_link_content--menu_link_content',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'bundle' => 'menu_link_content',
+ 'id' => 1,
+ 'link' => [
+ 'uri' => 'https://nl.wikipedia.org/wiki/Llama',
+ 'title' => NULL,
+ 'options' => [],
+ ],
+ 'changed' => $this->entity->getChangedTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'changed' => $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()), */
+ 'default_langcode' => TRUE,
+ 'description' => 'Llama Gabilondo',
+ 'enabled' => TRUE,
+ 'expanded' => FALSE,
+ 'external' => FALSE,
+ 'langcode' => 'en',
+ 'menu_name' => 'main',
+ 'parent' => NULL,
+ 'rediscover' => FALSE,
+ 'title' => 'Llama Gabilondo',
+ 'uuid' => $this->entity->uuid(),
+ 'weight' => 0,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'menu_link_content--menu_link_content',
+ 'attributes' => [
+ 'title' => 'Dramallama',
+ 'link' => [
+ 'uri' => 'http://www.urbandictionary.com/define.php?term=drama%20llama',
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'DELETE':
+ return '';
+
+ default:
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/MenuTest.php b/core/modules/jsonapi/tests/src/Functional/MenuTest.php
new file mode 100644
index 0000000..ea7e8c2
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/MenuTest.php
@@ -0,0 +1,102 @@
+grantPermissionsToTestedRole(['administer menu']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $menu = Menu::create([
+ 'id' => 'menu',
+ 'label' => 'Menu',
+ 'description' => 'Menu',
+ ]);
+ $menu->save();
+
+ return $menu;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/menu/menu/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'menu--menu',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'description' => 'Menu',
+ 'id' => 'menu',
+ 'label' => 'Menu',
+ 'langcode' => 'en',
+ 'locked' => FALSE,
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/MessageTest.php b/core/modules/jsonapi/tests/src/Functional/MessageTest.php
new file mode 100644
index 0000000..279e433
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/MessageTest.php
@@ -0,0 +1,144 @@
+grantPermissionsToTestedRole(['access site-wide contact form']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ if (!ContactForm::load('camelids')) {
+ // Create a "Camelids" contact form.
+ ContactForm::create([
+ 'id' => 'camelids',
+ 'label' => 'Llama',
+ 'message' => 'Let us know what you think about llamas',
+ 'reply' => 'Llamas are indeed awesome!',
+ 'recipients' => [
+ 'llama@example.com',
+ 'contact@example.com',
+ ],
+ ])->save();
+ }
+
+ $message = Message::create([
+ 'contact_form' => 'camelids',
+ 'subject' => 'Llama Gabilondo',
+ 'message' => 'Llamas are awesome!',
+ ]);
+ $message->save();
+
+ return $message;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ throw new \Exception('Not yet supported.');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'contact_message--camelids',
+ 'attributes' => [
+ 'subject' => 'Dramallama',
+ 'message' => 'http://www.urbandictionary.com/define.php?term=drama%20llama',
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ if ($method === 'POST') {
+ return "The 'access site-wide contact form' permission is required.";
+ }
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testGetIndividual() {
+ $this->markTestSkipped('Change this override in https://www.drupal.org/project/jsonapi/issues/2944977');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testPatchIndividual() {
+ $this->markTestSkipped('Change this override in https://www.drupal.org/project/jsonapi/issues/2944977');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testDeleteIndividual() {
+ $this->markTestSkipped('Change this override in https://www.drupal.org/project/jsonapi/issues/2944977');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testRelated() {
+ $this->markTestSkipped('Change this override in https://www.drupal.org/project/jsonapi/issues/2944977');
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testGetRelationships() {
+ $this->markTestSkipped('Change this override in https://www.drupal.org/project/jsonapi/issues/2944977');
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/NodeTest.php b/core/modules/jsonapi/tests/src/Functional/NodeTest.php
new file mode 100644
index 0000000..fb611c5
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/NodeTest.php
@@ -0,0 +1,343 @@
+ NULL,
+ // @todo This is a relationship, and cannot be tested in the same way. Fix in https://www.drupal.org/project/jsonapi/issues/2939810.
+ // 'revision_uid' => NULL,
+ 'created' => "The 'administer nodes' permission is required.",
+ 'changed' => NULL,
+ 'promote' => "The 'administer nodes' permission is required.",
+ 'sticky' => "The 'administer nodes' permission is required.",
+ 'path' => "The following permissions are required: 'create url aliases' OR 'administer url aliases'.",
+ ];
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ switch ($method) {
+ case 'GET':
+ $this->grantPermissionsToTestedRole(['access content']);
+ break;
+
+ case 'POST':
+ $this->grantPermissionsToTestedRole(['access content', 'create camelids content']);
+ break;
+
+ case 'PATCH':
+ // Do not grant the 'create url aliases' permission to test the case
+ // when the path field is protected/not accessible, see
+ // \Drupal\Tests\rest\Functional\EntityResource\Term\TermResourceTestBase
+ // for a positive test.
+ $this->grantPermissionsToTestedRole(['access content', 'edit any camelids content']);
+ break;
+
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['access content', 'delete any camelids content']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ if (!NodeType::load('camelids')) {
+ // Create a "Camelids" node type.
+ NodeType::create([
+ 'name' => 'Camelids',
+ 'type' => 'camelids',
+ ])->save();
+ }
+
+ // Create a "Llama" node.
+ $node = Node::create(['type' => 'camelids']);
+ $node->setTitle('Llama')
+ ->setOwnerId($this->account->id())
+ ->setPublished(TRUE)
+ ->setCreatedTime(123456789)
+ ->setChangedTime(123456789)
+ ->setRevisionCreationTime(123456789)
+ ->set('path', '/llama')
+ ->save();
+
+ return $node;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $author = User::load($this->entity->getOwnerId());
+ $self_url = Url::fromUri('base:/jsonapi/node/camelids/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ $normalization = [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'node--camelids',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'created' => 123456789,
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'created' => $this->formatExpectedTimestampItemValues(123456789), */
+ 'changed' => $this->entity->getChangedTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'changed' => $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()), */
+ 'default_langcode' => TRUE,
+ 'langcode' => 'en',
+ 'nid' => 1,
+ 'path' => [
+ 'alias' => '/llama',
+ 'pid' => 1,
+ 'langcode' => 'en',
+ ],
+ 'promote' => TRUE,
+ 'revision_log' => NULL,
+ 'revision_timestamp' => 123456789,
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'revision_timestamp' => $this->formatExpectedTimestampItemValues(123456789), */
+ // @todo Attempt to remove this in https://www.drupal.org/project/drupal/issues/2933518.
+ 'revision_translation_affected' => TRUE,
+ 'status' => TRUE,
+ 'sticky' => FALSE,
+ 'title' => 'Llama',
+ 'uuid' => $this->entity->uuid(),
+ 'vid' => 1,
+ ],
+ 'relationships' => [
+ 'type' => [
+ 'data' => [
+ 'id' => NodeType::load('camelids')->uuid(),
+ 'type' => 'node_type--node_type',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/type',
+ 'self' => $self_url . '/relationships/type',
+ ],
+ ],
+ 'uid' => [
+ 'data' => [
+ 'id' => $author->uuid(),
+ 'type' => 'user--user',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/uid',
+ 'self' => $self_url . '/relationships/uid',
+ ],
+ ],
+ 'revision_uid' => [
+ 'data' => [
+ 'id' => $author->uuid(),
+ 'type' => 'user--user',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/revision_uid',
+ 'self' => $self_url . '/relationships/revision_uid',
+ ],
+ ],
+ ],
+ ],
+ ];
+ // @todo Remove this modification when JSON API requires Drupal 8.5 or newer, and do an early return above instead.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ unset($normalization['data']['attributes']['revision_default']);
+ }
+ return $normalization;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'node--camelids',
+ 'attributes' => [
+ 'title' => 'Dramallama',
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET':
+ case 'PATCH':
+ case 'DELETE':
+ return "The 'access content' permission is required.";
+
+ case 'POST':
+ // @see \Drupal\node\NodeAccessControlHandler::createAccess() forbids access without providing a reason if the user doe
+ return '';
+ }
+ }
+
+ /**
+ * Tests PATCHing a node's path with and without 'create url aliases'.
+ *
+ * For a positive test, see the similar test coverage for Term.
+ *
+ * @see \Drupal\Tests\jsonapi\Functional\TermTest::testPatchPath()
+ * @see \Drupal\Tests\rest\Functional\EntityResource\Term\TermResourceTestBase::testPatchPath()
+ */
+ public function testPatchPath() {
+ $this->setUpAuthorization('GET');
+ $this->setUpAuthorization('PATCH');
+
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+
+ // GET node's current normalization.
+ $response = $this->request('GET', $url, $this->getAuthenticationRequestOptions());
+ $normalization = Json::decode((string) $response->getBody());
+
+ // Change node's path alias.
+ $normalization['data']['attributes']['path']['alias'] .= 's-rule-the-world';
+
+ // Create node PATCH request.
+ $request_options = $this->getAuthenticationRequestOptions();
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // PATCH request: 403 when creating URL aliases unauthorized.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected field (path). The following permissions are required: 'create url aliases' OR 'administer url aliases'.",
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/node--camelids/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/path',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected field (path). The following permissions are required: 'create url aliases' OR 'administer url aliases'.", $response, '/data/attributes/path'); */
+
+ // Grant permission to create URL aliases.
+ $this->grantPermissionsToTestedRole(['create url aliases']);
+
+ // Repeat PATCH request: 200.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $updated_normalization = Json::decode((string) $response->getBody());
+ $this->assertSame($normalization['data']['attributes']['path']['alias'], $updated_normalization['data']['attributes']['path']['alias']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function testGetIndividual() {
+ parent::testGetIndividual();
+
+ // Unpublish node.
+ $this->entity->setUnpublished()->save();
+
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = $this->getAuthenticationRequestOptions();
+
+ // 403 when accessing own unpublished node.
+ $response = $this->request('GET', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => 'The current user is not allowed to GET the selected resource.',
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/node--camelids/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, 'The current user is not allowed to GET the selected resource.', $response, '/data'); */
+
+ // 200 after granting permission.
+ $this->grantPermissionsToTestedRole(['view own unpublished content']);
+ $response = $this->request('GET', $url, $request_options);
+ // The response varies by 'user', causing the 'user.permissions' cache
+ // context to be optimized away.
+ $expected_cache_contexts = Cache::mergeContexts($this->getExpectedCacheContexts(), ['user']);
+ $expected_cache_contexts = array_diff($expected_cache_contexts, ['user.permissions']);
+ $this->assertResourceResponse(200, FALSE, $response, $this->getExpectedCacheTags(), $expected_cache_contexts, FALSE, 'UNCACHEABLE');
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/NodeTypeTest.php b/core/modules/jsonapi/tests/src/Functional/NodeTypeTest.php
new file mode 100644
index 0000000..474d0bc
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/NodeTypeTest.php
@@ -0,0 +1,114 @@
+grantPermissionsToTestedRole(['administer content types', 'access content']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" node type.
+ $camelids = NodeType::create([
+ 'name' => 'Camelids',
+ 'type' => 'camelids',
+ 'description' => 'Camelids are large, strictly herbivorous animals with slender necks and long legs.',
+ ]);
+
+ $camelids->save();
+
+ return $camelids;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/node_type/node_type/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'node_type--node_type',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'description' => 'Camelids are large, strictly herbivorous animals with slender necks and long legs.',
+ 'display_submitted' => TRUE,
+ 'help' => NULL,
+ 'langcode' => 'en',
+ 'name' => 'Camelids',
+ 'new_revision' => TRUE,
+ 'preview_mode' => 1,
+ 'status' => TRUE,
+ 'type' => 'camelids',
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ return "The 'access content' permission is required.";
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/RdfMappingTest.php b/core/modules/jsonapi/tests/src/Functional/RdfMappingTest.php
new file mode 100644
index 0000000..ddb9f96
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/RdfMappingTest.php
@@ -0,0 +1,149 @@
+grantPermissionsToTestedRole(['administer site configuration']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" node type.
+ $camelids = NodeType::create([
+ 'name' => 'Camelids',
+ 'type' => 'camelids',
+ ]);
+
+ $camelids->save();
+
+ // Create the RDF mapping.
+ $llama = RdfMapping::create([
+ 'targetEntityType' => 'node',
+ 'bundle' => 'camelids',
+ ]);
+ $llama->setBundleMapping([
+ 'types' => ['sioc:Item', 'foaf:Document'],
+ ])
+ ->setFieldMapping('title', [
+ 'properties' => ['dc:title'],
+ ])
+ ->setFieldMapping('created', [
+ 'properties' => ['dc:date', 'dc:created'],
+ 'datatype' => 'xsd:dateTime',
+ 'datatype_callback' => ['callable' => 'Drupal\rdf\CommonDataConverter::dateIso8601Value'],
+ ])
+ ->save();
+
+ return $llama;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/rdf_mapping/rdf_mapping/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'rdf_mapping--rdf_mapping',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'bundle' => 'camelids',
+ 'dependencies' => [
+ 'config' => [
+ 'node.type.camelids',
+ ],
+ 'module' => [
+ 'node',
+ ],
+ ],
+ 'fieldMappings' => [
+ 'title' => [
+ 'properties' => [
+ 'dc:title',
+ ],
+ ],
+ 'created' => [
+ 'properties' => [
+ 'dc:date',
+ 'dc:created',
+ ],
+ 'datatype' => 'xsd:dateTime',
+ 'datatype_callback' => [
+ 'callable' => 'Drupal\rdf\CommonDataConverter::dateIso8601Value',
+ ],
+ ],
+ ],
+ 'id' => 'node.camelids',
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'targetEntityType' => 'node',
+ 'types' => [
+ 'sioc:Item',
+ 'foaf:Document',
+ ],
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php b/core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php
new file mode 100644
index 0000000..dd40d9c
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ResourceResponseTestTrait.php
@@ -0,0 +1,392 @@
+ 0);
+ $merged_document = [];
+ $merged_cacheability = new CacheableMetadata();
+ foreach ($responses as $response) {
+ $response_document = $response->getResponseData();
+ if (!empty($response_document['errors'])) {
+ // If any of the response documents had top-level errors, we should
+ // later expect the document to have 'meta' errors too.
+ foreach ($response_document['errors'] as $error) {
+ if ($is_multiple) {
+ unset($error['source']['pointer']);
+ $merged_document['meta']['errors'][] = $error;
+ }
+ else {
+ $merged_document['errors'][] = $error;
+ }
+ }
+ }
+ elseif (isset($response_document['data'])) {
+ $response_data = $response_document['data'];
+ if (!isset($merged_document['data'])) {
+ $merged_document['data'] = static::isResourceIdentifier($response_data) && $is_multiple
+ ? [$response_data]
+ : $response_data;
+ }
+ else {
+ $response_resources = static::isResourceIdentifier($response_data)
+ ? [$response_data]
+ : $response_data;
+ foreach ($response_resources as $response_resource) {
+ $merged_document['data'][] = $response_resource;
+ }
+ }
+ }
+ $merged_cacheability->addCacheableDependency($response->getCacheableMetadata());
+ }
+ // Until we can reasonably know what caused an error, we shouldn't include
+ // 'self' links in error documents. For example, a 404 shouldn't have a
+ // 'self' link because HATEOAS links shouldn't point to resources which do
+ // not exist.
+ if (isset($merged_document['errors'])) {
+ unset($merged_document['links']);
+ }
+ else {
+ $merged_document['links'] = ['self' => $self_link];
+ // @todo Assign this to every document, even with errors in https://www.drupal.org/project/jsonapi/issues/2949807
+ $merged_document['jsonapi'] = [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ];
+ }
+ // If any successful code exists, use that one. Partial success isn't
+ // defined by HTTP semantics. When different response codes exist, fall
+ // back to a more general code. Any one success will make the merged request
+ // a success.
+ $merged_response_code = array_reduce($responses, function ($merged_response_code, $response) {
+ $response_code = $response->getStatusCode();
+ assert($response_code >= 200 && $response_code < 500, 'Responses must be valid and complete to be merged.');
+ assert(!($response_code >= 300 && $response_code < 400), 'Redirect responses cannot be merged.');
+ // In the initial case, use the first response code.
+ if (is_null($merged_response_code)) {
+ return $response_code;
+ }
+ // If the codes match, keep them.
+ elseif ($merged_response_code === $response_code) {
+ return $merged_response_code;
+ }
+ // If the current code or the prior code is successful, use a general 200.
+ elseif (($response_code >= 200 && $response_code < 300) || ($merged_response_code >= 200 && $merged_response_code < 300)) {
+ return 200;
+ }
+ // There are different client errors, return a general 400.
+ else {
+ return 400;
+ }
+ }, NULL);
+ return (new ResourceResponse($merged_document, $merged_response_code))->addCacheableDependency($merged_cacheability);
+ }
+
+ /**
+ * Maps an array of PSR responses to JSON API ResourceResponses.
+ *
+ * @param \Psr\Http\Message\ResponseInterface[] $responses
+ * The PSR responses to be mapped.
+ *
+ * @return \Drupal\jsonapi\ResourceResponse[]
+ * The ResourceResponses.
+ */
+ protected static function toResourceResponses(array $responses) {
+ return array_map([self::class, 'toResourceResponse'], $responses);
+ }
+
+ /**
+ * Maps a response object to a JSON API ResourceResponse.
+ *
+ * This helper can be used to ease comparing, recording and merging
+ * cacheable responses and to have easier access to the JSON API document as
+ * an array instead of a string.
+ *
+ * @param \Psr\Http\Message\ResponseInterface $response
+ * A PSR response to be mapped.
+ *
+ * @return \Drupal\jsonapi\ResourceResponse
+ * The ResourceResponse.
+ */
+ protected static function toResourceResponse(ResponseInterface $response) {
+ $cacheability = new CacheableMetadata();
+ if ($cache_tags = $response->getHeader('X-Drupal-Cache-Tags')) {
+ $cacheability->addCacheTags(explode(' ', $cache_tags[0]));
+ }
+ if ($cache_contexts = $response->getHeader('X-Drupal-Cache-Contexts')) {
+ $cacheability->addCacheContexts(explode(' ', $cache_contexts[0]));
+ }
+ if ($dynamic_cache = $response->getHeader('X-Drupal-Dynamic-Cache')) {
+ $cacheability->setCacheMaxAge(($dynamic_cache[0] === 'UNCACHEABLE') ? 0 : Cache::PERMANENT);
+ }
+ $related_document = Json::decode($response->getBody());
+ $resource_response = new ResourceResponse($related_document, $response->getStatusCode());
+ return $resource_response->addCacheableDependency($cacheability);
+ }
+
+ /**
+ * Maps an entity to a resource identifier.
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ * The entity to map to a resource identifier.
+ *
+ * @return array
+ * A resource identifier for the given entity.
+ */
+ protected static function toResourceIdentifier(EntityInterface $entity) {
+ return [
+ 'type' => $entity->getEntityTypeId() . '--' . $entity->bundle(),
+ 'id' => $entity->uuid(),
+ ];
+ }
+
+ /**
+ * Checks if a given array is a resource identifier.
+ *
+ * @param array $data
+ * An array to check.
+ *
+ * @return bool
+ * TRUE if the array has a type and ID, FALSE otherwise.
+ */
+ protected static function isResourceIdentifier(array $data) {
+ return array_key_exists('type', $data) && array_key_exists('id', $data);
+ }
+
+ /**
+ * Sorts a collection of resources or resource identifiers.
+ *
+ * This is useful for asserting collections or resources where order cannot
+ * be known in advance.
+ *
+ * @param array $resources
+ * The resource or resource identifier.
+ */
+ protected static function sortResourceCollection(array &$resources) {
+ usort($resources, function ($a, $b) {
+ return strcmp("{$a['type']}:{$a['id']}", "{$b['type']}:{$b['id']}");
+ });
+ }
+
+ /**
+ * Determines if a given resource exists in a list of resources.
+ *
+ * @param array $needle
+ * The resource or resource identifier.
+ * @param array $haystack
+ * The list of resources or resource identifiers to search.
+ *
+ * @return bool
+ * TRUE if the needle exists is present in the haystack, FALSE otherwise.
+ */
+ protected static function collectionHasResourceIdentifier(array $needle, array $haystack) {
+ foreach ($haystack as $resource) {
+ if ($resource['type'] == $needle['type'] && $resource['id'] == $needle['id']) {
+ return TRUE;
+ }
+ }
+ return FALSE;
+ }
+
+ /**
+ * Turns a list of relationship field names into an array of link paths.
+ *
+ * @param array $relationship_field_names
+ * The relationships field names for which to build link paths.
+ * @param string $type
+ * The type of link to get. Either 'relationship' or 'related'.
+ *
+ * @return array
+ * An array of link paths, keyed by relationship field name.
+ */
+ protected static function getLinkPaths(array $relationship_field_names, $type) {
+ assert($type === 'relationship' || $type === 'related');
+ return array_reduce($relationship_field_names, function ($link_paths, $relationship_field_name) use ($type) {
+ $tail = $type === 'relationship' ? 'self' : $type;
+ $link_paths[$relationship_field_name] = "data.relationships.$relationship_field_name.links.$tail";
+ return $link_paths;
+ }, []);
+ }
+
+ /**
+ * Extracts links from a document using a list of relationship field names.
+ *
+ * @param array $link_paths
+ * A list of paths to link values keyed by a name.
+ * @param array $document
+ * A JSON API document.
+ *
+ * @return array
+ * The extracted links, keyed by the original associated key name.
+ */
+ protected static function extractLinks(array $link_paths, array $document) {
+ return array_map(function ($link_path) use ($document) {
+ $link = array_reduce(
+ explode('.', $link_path),
+ 'array_column',
+ [$document]
+ );
+ return ($link) ? reset($link) : NULL;
+ }, $link_paths);
+ }
+
+ /**
+ * Creates individual resource links for a list of resource identifiers.
+ *
+ * @param array $resource_identifiers
+ * A list of resource identifiers for which to create links.
+ *
+ * @return string[]
+ * The resource links.
+ */
+ protected static function getResourceLinks(array $resource_identifiers) {
+ return array_map([static::class, 'getResourceLink'], $resource_identifiers);
+ }
+
+ /**
+ * Creates an individual resource link for a given resource identifier.
+ *
+ * @param array $resource_identifier
+ * A resource identifier for which to create a link.
+ *
+ * @return string
+ * The resource link.
+ */
+ protected static function getResourceLink(array $resource_identifier) {
+ assert(static::isResourceIdentifier($resource_identifier));
+ $resource_type = $resource_identifier['type'];
+ $resource_id = $resource_identifier['id'];
+ $entity_type_id = explode('--', $resource_type)[0];
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', $resource_type), [$entity_type_id => $resource_id]);
+ return $url->setAbsolute()->toString();
+ }
+
+ /**
+ * Creates a relationship link for a given resource identifier and field.
+ *
+ * @param array $resource_identifier
+ * A resource identifier for which to create a link.
+ * @param string $relationship_field_name
+ * The relationship field for which to create a link.
+ *
+ * @return string
+ * The relationship link.
+ */
+ protected static function getRelationshipLink(array $resource_identifier, $relationship_field_name) {
+ return static::getResourceLink($resource_identifier) . "/relationships/$relationship_field_name";
+ }
+
+ /**
+ * Creates a related resource link for a given resource identifier and field.
+ *
+ * @param array $resource_identifier
+ * A resource identifier for which to create a link.
+ * @param string $relationship_field_name
+ * The relationship field for which to create a link.
+ *
+ * @return string
+ * The related resource link.
+ */
+ protected static function getRelatedLink(array $resource_identifier, $relationship_field_name) {
+ return static::getResourceLink($resource_identifier) . "/$relationship_field_name";
+ }
+
+ /**
+ * Gets an array of related responses for the given field names.
+ *
+ * @param array $relationship_field_names
+ * The list of relationship field names for which to get responses.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return array
+ * The related responses, keyed by relationship field names.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function getRelatedResponses(array $relationship_field_names, array $request_options) {
+ $links = array_map(function ($relationship_field_name) {
+ return static::getRelatedLink(static::toResourceIdentifier($this->entity), $relationship_field_name);
+ }, array_combine($relationship_field_names, $relationship_field_names));
+ return $this->getResponses($links, $request_options);
+ }
+
+ /**
+ * Gets an array of relationship responses for the given field names.
+ *
+ * @param array $relationship_field_names
+ * The list of relationship field names for which to get responses.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return array
+ * The relationship responses, keyed by relationship field names.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function getRelationshipResponses(array $relationship_field_names, array $request_options) {
+ $links = array_map(function ($relationship_field_name) {
+ return static::getRelationshipLink(static::toResourceIdentifier($this->entity), $relationship_field_name);
+ }, array_combine($relationship_field_names, $relationship_field_names));
+ return $this->getResponses($links, $request_options);
+ }
+
+ /**
+ * Gets responses from an array of links.
+ *
+ * @param array $links
+ * A keyed array of links.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return array
+ * The fetched array of responses, keys are preserved.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function getResponses(array $links, array $request_options) {
+ return array_reduce(array_keys($links), function ($related_responses, $key) use ($links, $request_options) {
+ $related_responses[$key] = $this->request('GET', Url::fromUri($links[$key]), $request_options);
+ return $related_responses;
+ }, []);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php b/core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php
new file mode 100644
index 0000000..69754db
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ResourceTestBase.php
@@ -0,0 +1,2194 @@
+serializer = $this->container->get('jsonapi.serializer_do_not_use_removal_imminent');
+ $this->entityToJsonApi = $this->container->get('jsonapi.entity.to_jsonapi');
+
+ // Ensure the anonymous user role has no permissions at all.
+ $user_role = Role::load(RoleInterface::ANONYMOUS_ID);
+ foreach ($user_role->getPermissions() as $permission) {
+ $user_role->revokePermission($permission);
+ }
+ $user_role->save();
+ assert([] === $user_role->getPermissions(), 'The anonymous user role has no permissions at all.');
+
+ // Ensure the authenticated user role has no permissions at all.
+ $user_role = Role::load(RoleInterface::AUTHENTICATED_ID);
+ foreach ($user_role->getPermissions() as $permission) {
+ $user_role->revokePermission($permission);
+ }
+ $user_role->save();
+ assert([] === $user_role->getPermissions(), 'The authenticated user role has no permissions at all.');
+
+ // Create an account, which tests will use. Also ensure the @current_user
+ // service uses this account, to ensure the @jsonapi.entity.to_jsonapi
+ // service that we use to generate expectations matching that of this user.
+ $this->account = $this->createUser();
+ $this->container->get('current_user')->setAccount($this->account);
+
+ // Create an entity.
+ $this->entityStorage = $this->container->get('entity_type.manager')
+ ->getStorage(static::$entityTypeId);
+ $this->entity = $this->createEntity();
+
+ if ($this->entity instanceof FieldableEntityInterface) {
+ // Add access-protected field.
+ FieldStorageConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_rest_test',
+ 'type' => 'text',
+ ])
+ ->setCardinality(1)
+ ->save();
+ FieldConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_rest_test',
+ 'bundle' => $this->entity->bundle(),
+ ])
+ ->setLabel('Test field')
+ ->setTranslatable(FALSE)
+ ->save();
+
+ FieldStorageConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_jsonapi_test_entity_ref',
+ 'type' => 'entity_reference',
+ ])
+ ->setSetting('target_type', 'user')
+ ->setCardinality(FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED)
+ ->save();
+
+ FieldConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_jsonapi_test_entity_ref',
+ 'bundle' => $this->entity->bundle(),
+ ])
+ ->setTranslatable(FALSE)
+ ->setSetting('handler', 'default')
+ ->setSetting('handler_settings', [
+ 'target_bundles' => [$this->account->bundle() => $this->account->bundle()],
+ ])
+ ->save();
+
+ // @todo Do this unconditionally when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) >= 8.5) {
+ // Add multi-value field.
+ FieldStorageConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_rest_test_multivalue',
+ 'type' => 'string',
+ ])
+ ->setCardinality(3)
+ ->save();
+ FieldConfig::create([
+ 'entity_type' => static::$entityTypeId,
+ 'field_name' => 'field_rest_test_multivalue',
+ 'bundle' => $this->entity->bundle(),
+ ])
+ ->setLabel('Test field: multi-value')
+ ->setTranslatable(FALSE)
+ ->save();
+ }
+
+ \Drupal::service('jsonapi.resource_type.repository')->clearCachedDefinitions();
+ \Drupal::service('router.builder')->rebuild();
+
+ // Reload entity so that it has the new field.
+ $reloaded_entity = $this->entityStorage->loadUnchanged($this->entity->id());
+ // Some entity types are not stored, hence they cannot be reloaded.
+ if ($reloaded_entity !== NULL) {
+ $this->entity = $reloaded_entity;
+
+ // Set a default value on the fields.
+ $this->entity->set('field_rest_test', ['value' => 'All the faith he had had had had no effect on the outcome of his life.']);
+ $this->entity->set('field_jsonapi_test_entity_ref', ['user' => $this->account->id()]);
+ // @todo Do this unconditionally when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) >= 8.5) {
+ $this->entity->set('field_rest_test_multivalue', [['value' => 'One'], ['value' => 'Two']]);
+ }
+ $this->entity->save();
+ }
+ }
+ }
+
+ /**
+ * Creates the entity to be tested.
+ *
+ * @return \Drupal\Core\Entity\EntityInterface
+ * The entity to be tested.
+ */
+ abstract protected function createEntity();
+
+ /**
+ * Creates another entity to be tested.
+ *
+ * @return \Drupal\Core\Entity\EntityInterface
+ * Another entity based on $this->entity.
+ */
+ protected function createAnotherEntity() {
+ $entity = $this->entity->createDuplicate();
+ $label_key = $entity->getEntityType()->getKey('label');
+ if ($label_key) {
+ $entity->set($label_key, $entity->label() . '_dupe');
+ }
+ $entity->save();
+ return $entity;
+ }
+
+ /**
+ * Returns the expected JSON API document for the entity.
+ *
+ * @see ::createEntity()
+ *
+ * @return array
+ * A JSON API response document.
+ */
+ abstract protected function getExpectedDocument();
+
+ /**
+ * Returns the JSON API POST document.
+ *
+ * @see ::testPostIndividual()
+ *
+ * @return array
+ * A JSON API request document.
+ */
+ abstract protected function getPostDocument();
+
+ /**
+ * Returns the JSON API PATCH document.
+ *
+ * By default, reuses ::getPostDocument(), which works fine for most entity
+ * types. A counter example: the 'comment' entity type.
+ *
+ * @see ::testPatchIndividual()
+ *
+ * @return array
+ * A JSON API request document.
+ */
+ protected function getPatchDocument() {
+ return NestedArray::mergeDeep(['data' => ['id' => $this->entity->uuid()]], $this->getPostDocument());
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessCacheability() {
+ return (new CacheableMetadata())
+ ->setCacheTags(['4xx-response', 'http_response'])
+ ->setCacheContexts(['user.permissions']);
+ }
+
+ /**
+ * The expected cache tags for the GET/HEAD response of the test entity.
+ *
+ * @param array|null $sparse_fieldset
+ * If a sparse fieldset is being requested, limit the expected cache tags
+ * for this entity's fields to just these fields.
+ *
+ * @return string[]
+ * A set of cache tags.
+ *
+ * @see ::testGetIndividual()
+ */
+ protected function getExpectedCacheTags(array $sparse_fieldset = NULL) {
+ $expected_cache_tags = [
+ 'http_response',
+ ];
+ return Cache::mergeTags($expected_cache_tags, $this->entity->getCacheTags());
+ }
+
+ /**
+ * The expected cache contexts for the GET/HEAD response of the test entity.
+ *
+ * @param array|null $sparse_fieldset
+ * If a sparse fieldset is being requested, limit the expected cache
+ * contexts for this entity's fields to just these fields.
+ *
+ * @return string[]
+ * A set of cache contexts.
+ *
+ * @see ::testGetIndividual()
+ */
+ protected function getExpectedCacheContexts(array $sparse_fieldset = NULL) {
+ return [
+ // Cache contexts for JSON API URL query parameters.
+ 'url.query_args:fields',
+ 'url.query_args:filter',
+ 'url.query_args:include',
+ 'url.query_args:page',
+ 'url.query_args:sort',
+ // Drupal defaults.
+ 'url.site',
+ 'user.permissions',
+ ];
+ }
+
+ /**
+ * Sets up the necessary authorization.
+ *
+ * In case of a test verifying publicly accessible REST resources: grant
+ * permissions to the anonymous user role.
+ *
+ * In case of a test verifying behavior when using a particular authentication
+ * provider: create a user with a particular set of permissions.
+ *
+ * Because of the $method parameter, it's possible to first set up
+ * authentication for only GET, then add POST, et cetera. This then also
+ * allows for verifying a 403 in case of missing authorization.
+ *
+ * @param string $method
+ * The HTTP method for which to set up authentication.
+ *
+ * @see ::grantPermissionsToAnonymousRole()
+ * @see ::grantPermissionsToAuthenticatedRole()
+ */
+ abstract protected function setUpAuthorization($method);
+
+ /**
+ * Return the expected error message.
+ *
+ * @param string $method
+ * The HTTP method (GET, POST, PATCH, DELETE).
+ *
+ * @return string
+ * The error string.
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ $permission = $this->entity->getEntityType()->getAdminPermission();
+ if ($permission !== FALSE) {
+ return "The '{$permission}' permission is required.";
+ }
+
+ return NULL;
+ }
+
+ /**
+ * Grants permissions to the authenticated role.
+ *
+ * @param string[] $permissions
+ * Permissions to grant.
+ */
+ protected function grantPermissionsToTestedRole(array $permissions) {
+ $this->grantPermissions(Role::load(RoleInterface::AUTHENTICATED_ID), $permissions);
+ }
+
+ /**
+ * Performs a HTTP request. Wraps the Guzzle HTTP client.
+ *
+ * Why wrap the Guzzle HTTP client? Because we want to keep the actual test
+ * code as simple as possible, and hence not require them to specify the
+ * 'http_errors = FALSE' request option, nor do we want them to have to
+ * convert Drupal Url objects to strings.
+ *
+ * We also don't want to follow redirects automatically, to ensure these tests
+ * are able to detect when redirects are added or removed.
+ *
+ * @param string $method
+ * HTTP method.
+ * @param \Drupal\Core\Url $url
+ * URL to request.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return \Psr\Http\Message\ResponseInterface
+ * The response.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function request($method, Url $url, array $request_options) {
+ $request_options[RequestOptions::HTTP_ERRORS] = FALSE;
+ $request_options[RequestOptions::ALLOW_REDIRECTS] = FALSE;
+ $request_options = $this->decorateWithXdebugCookie($request_options);
+ $client = $this->getSession()->getDriver()->getClient()->getClient();
+ return $client->request($method, $url->setAbsolute(TRUE)->toString(), $request_options);
+ }
+
+ /**
+ * Asserts that a resource response has the given status code and body.
+ *
+ * @param int $expected_status_code
+ * The expected response status.
+ * @param array|null|false $expected_document
+ * The expected document or NULL if there should not be a response body.
+ * FALSE in case this should not be asserted.
+ * @param \Psr\Http\Message\ResponseInterface $response
+ * The response to assert.
+ * @param string[]|false $expected_cache_tags
+ * (optional) The expected cache tags in the X-Drupal-Cache-Tags response
+ * header, or FALSE if that header should be absent. Defaults to FALSE.
+ * @param string[]|false $expected_cache_contexts
+ * (optional) The expected cache contexts in the X-Drupal-Cache-Contexts
+ * response header, or FALSE if that header should be absent. Defaults to
+ * FALSE.
+ * @param string|false $expected_page_cache_header_value
+ * (optional) The expected X-Drupal-Cache response header value, or FALSE if
+ * that header should be absent. Possible strings: 'MISS', 'HIT'. Defaults
+ * to FALSE.
+ * @param string|false $expected_dynamic_page_cache_header_value
+ * (optional) The expected X-Drupal-Dynamic-Cache response header value, or
+ * FALSE if that header should be absent. Possible strings: 'MISS', 'HIT'.
+ * Defaults to FALSE.
+ */
+ protected function assertResourceResponse($expected_status_code, $expected_document, ResponseInterface $response, $expected_cache_tags = FALSE, $expected_cache_contexts = FALSE, $expected_page_cache_header_value = FALSE, $expected_dynamic_page_cache_header_value = FALSE) {
+ $this->assertSame($expected_status_code, $response->getStatusCode());
+ if ($expected_status_code === 204) {
+ // DELETE responses should not include a Content-Type header. But Apache
+ // sets it to 'text/html' by default. We also cannot detect the presence
+ // of Apache either here in the CLI. For now having this documented here
+ // is all we can do.
+ /* $this->assertSame(FALSE, $response->hasHeader('Content-Type')); */
+ $this->assertSame('', (string) $response->getBody());
+ }
+ else {
+ $this->assertSame(['application/vnd.api+json'], $response->getHeader('Content-Type'));
+ if ($expected_document !== FALSE) {
+ $response_document = Json::decode((string) $response->getBody());
+ if ($expected_document === NULL) {
+ $this->assertNull($response_document);
+ }
+ else {
+ $this->assertSameDocument($expected_document, $response_document);
+ }
+ }
+ }
+
+ // Expected cache tags: X-Drupal-Cache-Tags header.
+ $this->assertSame($expected_cache_tags !== FALSE, $response->hasHeader('X-Drupal-Cache-Tags'));
+ if (is_array($expected_cache_tags)) {
+ $this->assertSame($expected_cache_tags, explode(' ', $response->getHeader('X-Drupal-Cache-Tags')[0]));
+ }
+
+ // Expected cache contexts: X-Drupal-Cache-Contexts header.
+ $this->assertSame($expected_cache_contexts !== FALSE, $response->hasHeader('X-Drupal-Cache-Contexts'));
+ if (is_array($expected_cache_contexts)) {
+ $optimized_expected_cache_contexts = \Drupal::service('cache_contexts_manager')->optimizeTokens($expected_cache_contexts);
+ $this->assertSame($optimized_expected_cache_contexts, explode(' ', $response->getHeader('X-Drupal-Cache-Contexts')[0]));
+ }
+
+ // Expected Page Cache header value: X-Drupal-Cache header.
+ if ($expected_page_cache_header_value !== FALSE) {
+ $this->assertTrue($response->hasHeader('X-Drupal-Cache'));
+ $this->assertSame($expected_page_cache_header_value, $response->getHeader('X-Drupal-Cache')[0]);
+ }
+ else {
+ $this->assertFalse($response->hasHeader('X-Drupal-Cache'));
+ }
+
+ // Expected Dynamic Page Cache header value: X-Drupal-Dynamic-Cache header.
+ if ($expected_dynamic_page_cache_header_value !== FALSE) {
+ $this->assertTrue($response->hasHeader('X-Drupal-Dynamic-Cache'));
+ $this->assertSame($expected_dynamic_page_cache_header_value, $response->getHeader('X-Drupal-Dynamic-Cache')[0]);
+ }
+ else {
+ $this->assertFalse($response->hasHeader('X-Drupal-Dynamic-Cache'));
+ }
+ }
+
+ /**
+ * Asserts that an expected document matches the response body.
+ *
+ * @param array $expected_document
+ * The expected JSON API document.
+ * @param array $actual_document
+ * The actual response document to assert.
+ */
+ protected function assertSameDocument(array $expected_document, array $actual_document) {
+ static::recursiveKsort($expected_document);
+ static::recursiveKsort($actual_document);
+ $this->assertSame($expected_document, $actual_document);
+ }
+
+ /**
+ * Asserts that a resource error response has the given message.
+ *
+ * @param int $expected_status_code
+ * The expected response status.
+ * @param string $expected_message
+ * The expected error message.
+ * @param \Psr\Http\Message\ResponseInterface $response
+ * The error response to assert.
+ * @param string|false $pointer
+ * The expected JSON Pointer to the associated entity in the request
+ * document. See http://jsonapi.org/format/#error-objects.
+ * @param string[]|false $expected_cache_tags
+ * (optional) The expected cache tags in the X-Drupal-Cache-Tags response
+ * header, or FALSE if that header should be absent. Defaults to FALSE.
+ * @param string[]|false $expected_cache_contexts
+ * (optional) The expected cache contexts in the X-Drupal-Cache-Contexts
+ * response header, or FALSE if that header should be absent. Defaults to
+ * FALSE.
+ * @param string|false $expected_page_cache_header_value
+ * (optional) The expected X-Drupal-Cache response header value, or FALSE if
+ * that header should be absent. Possible strings: 'MISS', 'HIT'. Defaults
+ * to FALSE.
+ * @param string|false $expected_dynamic_page_cache_header_value
+ * (optional) The expected X-Drupal-Dynamic-Cache response header value, or
+ * FALSE if that header should be absent. Possible strings: 'MISS', 'HIT'.
+ * Defaults to FALSE.
+ */
+ protected function assertResourceErrorResponse($expected_status_code, $expected_message, ResponseInterface $response, $pointer = FALSE, $expected_cache_tags = FALSE, $expected_cache_contexts = FALSE, $expected_page_cache_header_value = FALSE, $expected_dynamic_page_cache_header_value = FALSE) {
+ $expected_error = [];
+ if (!empty(Response::$statusTexts[$expected_status_code])) {
+ $expected_error['title'] = Response::$statusTexts[$expected_status_code];
+ }
+ $expected_error['status'] = $expected_status_code;
+ $expected_error['detail'] = $expected_message;
+ if ($info_url = HttpExceptionNormalizer::getInfoUrl($expected_status_code)) {
+ $expected_error['links']['info'] = $info_url;
+ }
+ // @todo Remove in https://www.drupal.org/project/jsonapi/issues/2934362.
+ $expected_error['code'] = 0;
+ if ($pointer !== FALSE) {
+ $expected_error['source']['pointer'] = $pointer;
+ }
+
+ $expected_document = [
+ 'errors' => [
+ 0 => $expected_error,
+ ],
+ ];
+ $this->assertResourceResponse($expected_status_code, $expected_document, $response, $expected_cache_tags, $expected_cache_contexts, $expected_page_cache_header_value, $expected_dynamic_page_cache_header_value);
+ }
+
+ /**
+ * Adds the Xdebug cookie to the request options.
+ *
+ * @param array $request_options
+ * The request options.
+ *
+ * @return array
+ * Request options updated with the Xdebug cookie if present.
+ */
+ protected function decorateWithXdebugCookie(array $request_options) {
+ $session = $this->getSession();
+ $driver = $session->getDriver();
+ if ($driver instanceof BrowserKitDriver) {
+ $client = $driver->getClient();
+ foreach ($client->getCookieJar()->all() as $cookie) {
+ if (isset($request_options[RequestOptions::HEADERS]['Cookie'])) {
+ $request_options[RequestOptions::HEADERS]['Cookie'] .= '; ' . $cookie->getName() . '=' . $cookie->getValue();
+ }
+ else {
+ $request_options[RequestOptions::HEADERS]['Cookie'] = $cookie->getName() . '=' . $cookie->getValue();
+ }
+ }
+ }
+ return $request_options;
+ }
+
+ /**
+ * Makes the JSON API document violate the spec by omitting the resource type.
+ *
+ * @param array $document
+ * A JSON API document.
+ *
+ * @return array
+ * The same JSON API document, without its resource type.
+ */
+ protected function removeResourceTypeFromDocument(array $document) {
+ unset($document['data']['type']);
+ return $document;
+ }
+
+ /**
+ * Makes the given JSON API document invalid.
+ *
+ * @param array $document
+ * A JSON API document.
+ * @param string $entity_key
+ * The entity key whose normalization to make invalid.
+ *
+ * @return array
+ * The updated JSON API document, now invalid.
+ */
+ protected function makeNormalizationInvalid(array $document, $entity_key) {
+ $entity_type = $this->entity->getEntityType();
+ switch ($entity_key) {
+ case 'label':
+ // Add a second label to this entity to make it invalid.
+ $label_field = $entity_type->hasKey('label') ? $entity_type->getKey('label') : static::$labelFieldName;
+ $document['data']['attributes'][$label_field] = [
+ 0 => $document['data']['attributes'][$label_field],
+ 1 => 'Second Title',
+ ];
+ break;
+
+ case 'id':
+ $document['data']['attributes'][$entity_type->getKey('id')] = $this->anotherEntity->id();
+ break;
+
+ case 'uuid':
+ $document['data']['id'] = $this->anotherEntity->uuid();
+ break;
+ }
+
+ return $document;
+ }
+
+ /**
+ * Tests GETting an individual resource, plus edge cases to ensure good DX.
+ */
+ public function testGetIndividual() {
+ // The URL and Guzzle request options that will be used in this test. The
+ // request options will be modified/expanded throughout this test:
+ // - to first test all mistakes a developer might make, and assert that the
+ // error responses provide a good DX
+ // - to eventually result in a well-formed request that succeeds.
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // DX: 403 when unauthorized.
+ $response = $this->request('GET', $url, $request_options);
+ $expected_403_cacheability = $this->getExpectedUnauthorizedAccessCacheability();
+ $reason = $this->getExpectedUnauthorizedAccessMessage('GET');
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to GET the selected resource." . (strlen($reason) ? ' ' . $reason : ''),
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to GET the selected resource." . (strlen($reason) ? ' ' . $reason : ''), $response, '/data'); */
+ // @todo Uncomment in https://www.drupal.org/project/jsonapi/issues/2929428.
+ /* $this->assertResourceResponse(403, $expected_document, $response, $expected_403_cacheability->getCacheTags(), $expected_403_cacheability->getCacheContexts(), FALSE, 'MISS'); */
+ $this->assertArrayNotHasKey('Link', $response->getHeaders());
+
+ $this->setUpAuthorization('GET');
+
+ // 200 for well-formed HEAD request.
+ $response = $this->request('HEAD', $url, $request_options);
+ $this->assertResourceResponse(200, NULL, $response, $this->getExpectedCacheTags(), $this->getExpectedCacheContexts(), FALSE, 'MISS');
+ $head_headers = $response->getHeaders();
+
+ // 200 for well-formed GET request. Page Cache hit because of HEAD request.
+ // Same for Dynamic Page Cache hit.
+ $response = $this->request('GET', $url, $request_options);
+
+ $this->assertResourceResponse(200, $this->getExpectedDocument(), $response, $this->getExpectedCacheTags(), $this->getExpectedCacheContexts(), FALSE, 'HIT');
+ // Assert that Dynamic Page Cache did not store a ResourceResponse object,
+ // which needs serialization after every cache hit. Instead, it should
+ // contain a flattened response. Otherwise performance suffers.
+ // @see \Drupal\jsonapi\EventSubscriber\ResourceResponseSubscriber::flattenResponse()
+ $cache_items = $this->container->get('database')
+ ->query("SELECT cid, data FROM {cache_dynamic_page_cache} WHERE cid LIKE :pattern", [
+ ':pattern' => '%[route]=jsonapi.%',
+ ])
+ ->fetchAllAssoc('cid');
+ $this->assertTrue(count($cache_items) >= 2);
+ $found_cache_redirect = FALSE;
+ $found_cached_200_response = FALSE;
+ $other_cached_responses_are_4xx = TRUE;
+ foreach ($cache_items as $cid => $cache_item) {
+ $cached_data = unserialize($cache_item->data);
+ if (!isset($cached_data['#cache_redirect'])) {
+ $cached_response = $cached_data['#response'];
+ if ($cached_response->getStatusCode() === 200) {
+ $found_cached_200_response = TRUE;
+ }
+ elseif (!$cached_response->isClientError()) {
+ $other_cached_responses_are_4xx = FALSE;
+ }
+ $this->assertNotInstanceOf(ResourceResponse::class, $cached_response);
+ $this->assertInstanceOf(CacheableResponseInterface::class, $cached_response);
+ }
+ else {
+ $found_cache_redirect = TRUE;
+ }
+ }
+ $this->assertTrue($found_cache_redirect);
+ $this->assertTrue($found_cached_200_response);
+ $this->assertTrue($other_cached_responses_are_4xx);
+
+ // Not only assert the normalization, also assert deserialization of the
+ // response results in the expected object.
+ // @todo Uncomment this in https://www.drupal.org/project/jsonapi/issues/2942561#comment-12472704.
+ // @codingStandardsIgnoreStart
+ /*
+ $unserialized = $this->serializer->deserialize((string) $response->getBody(), get_class($this->entity), 'api_json', [
+ 'target_entity' => static::$entityTypeId,
+ 'resource_type' => $this->container->get('jsonapi.resource_type.repository')->getByTypeName(static::$resourceTypeName),
+ ]);
+ $this->assertSame($unserialized->uuid(), $this->entity->uuid());
+ */
+ // @codingStandardsIgnoreEnd
+ $get_headers = $response->getHeaders();
+
+ // Verify that the GET and HEAD responses are the same. The only difference
+ // is that there's no body. For this reason the 'Transfer-Encoding' and
+ // 'Vary' headers are also added to the list of headers to ignore, as they
+ // may be added to GET requests, depending on web server configuration. They
+ // are usually 'Transfer-Encoding: chunked' and 'Vary: Accept-Encoding'.
+ $ignored_headers = [
+ 'Date',
+ 'Content-Length',
+ 'X-Drupal-Cache',
+ 'X-Drupal-Dynamic-Cache',
+ 'Transfer-Encoding',
+ 'Vary',
+ ];
+ $header_cleaner = function ($headers) use ($ignored_headers) {
+ foreach ($headers as $header => $value) {
+ if (strpos($header, 'X-Drupal-Assertion-') === 0 || in_array($header, $ignored_headers)) {
+ unset($headers[$header]);
+ }
+ }
+ return $headers;
+ };
+ $get_headers = $header_cleaner($get_headers);
+ $head_headers = $header_cleaner($head_headers);
+ $this->assertSame($get_headers, $head_headers);
+
+ // @todo Uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932.
+ // @codingStandardsIgnoreStart
+ /*
+ // BC: serialization_update_8401().
+ // Only run this for fieldable entities. It doesn't make sense for config
+ // entities as config values always use the raw values (as per the config
+ // schema), returned directly from the ConfigEntityNormalizer, which
+ // doesn't deal with fields individually.
+ if ($this->entity instanceof FieldableEntityInterface) {
+ // Test the BC settings for timestamp values.
+ $this->config('serialization.settings')->set('bc_timestamp_normalizer_unix', TRUE)->save(TRUE);
+ // Rebuild the container so new config is reflected in the addition of the
+ // TimestampItemNormalizer.
+ $this->rebuildAll();
+
+ $response = $this->request('GET', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response, $this->getExpectedCacheTags(), $this->getExpectedCacheContexts(), static::$auth ? FALSE : 'MISS', 'MISS');
+
+ // This ensures the BC layer for bc_timestamp_normalizer_unix works as
+ // expected. This method should be using
+ // ::formatExpectedTimestampValue() to generate the timestamp value. This
+ // will take into account the above config setting.
+ $expected = $this->getExpectedNormalizedEntity();
+ // Config entities are not affected.
+ // @see \Drupal\serialization\Normalizer\ConfigEntityNormalizer::normalize()
+ static::recursiveKsort($expected);
+ $actual = Json::decode((string) $response->getBody());
+ static::recursiveKsort($actual);
+ $this->assertSame($expected, $actual);
+
+ // Reset the config value and rebuild.
+ $this->config('serialization.settings')->set('bc_timestamp_normalizer_unix', FALSE)->save(TRUE);
+ $this->rebuildAll();
+ }
+ */
+ // @codingStandardsIgnoreEnd
+
+ // Feature: Sparse fieldsets.
+ $this->doTestSparseFieldSets($url, $request_options);
+ // Feature: Included.
+ $this->doTestIncluded($url, $request_options);
+
+ // DX: 404 when GETting non-existing entity.
+ $random_uuid = \Drupal::service('uuid')->generate();
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $random_uuid]);
+ $response = $this->request('GET', $url, $request_options);
+ $message_url = clone $url;
+ $path = str_replace($random_uuid, '{' . static::$entityTypeId . '}', $message_url->setAbsolute()->setOptions(['base_url' => '', 'query' => []])->toString());
+ $message = 'The "' . static::$entityTypeId . '" parameter was not converted for the path "' . $path . '" (route name: "jsonapi.' . static::$resourceTypeName . '.individual")';
+ $this->assertResourceErrorResponse(404, $message, $response);
+
+ // DX: when Accept request header is missing, still 404, but HTML response.
+ unset($request_options[RequestOptions::HEADERS]['Accept']);
+ $response = $this->request('GET', $url, $request_options);
+ $this->assertSame(404, $response->getStatusCode());
+ $this->assertSame(['text/html; charset=UTF-8'], $response->getHeader('Content-Type'));
+ }
+
+ /**
+ * Tests GETing related resource of an individual resource.
+ *
+ * Expected responses are built by making requests to 'relationship' routes.
+ * Using the fetched resource identifiers, if any, all targeted resources are
+ * fetched individually. These individual responses are then 'merged' into a
+ * single expected ResourceResponse. This is repeated for every relationship
+ * field of the resource type under test.
+ */
+ public function testRelated() {
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+ $this->doTestRelated($request_options);
+ $this->setUpAuthorization('GET');
+ $this->doTestRelated($request_options);
+ }
+
+ /**
+ * Tests GETing relationships of an individual resource.
+ *
+ * Unlike the "related" routes, relationship routes only return information
+ * about the "relationship" itself, not the targeted resources. For JSON API
+ * with Drupal, relationship routes are like looking at an entity reference
+ * field without loading the entities. It only reveals the type of the
+ * targeted resource and the target resource IDs. These type+ID combos are
+ * referred to as "resource identifiers."
+ */
+ public function testGetRelationships() {
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+ $this->doTestGetRelationships($request_options);
+ $this->setUpAuthorization('GET');
+ $this->doTestGetRelationships($request_options);
+ }
+
+ /**
+ * Performs one round of related route testing.
+ *
+ * By putting this behavior in its own method, authorization and other
+ * variations can be done in the calling method around assertions. For
+ * example, it can be run once with an authorized user and again without one.
+ *
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function doTestRelated(array $request_options) {
+ $relationship_field_names = $this->getRelationshipFieldNames();
+ // If there are no relationship fields, we can't test related routes.
+ if (empty($relationship_field_names)) {
+ return;
+ }
+ // Builds an array of expected responses, keyed by relationship field name.
+ $expected_relationship_responses = $this->getExpectedRelatedResponses($relationship_field_names, $request_options);
+ // Fetches actual responses as an array keyed by relationship field name.
+ $relationship_responses = $this->getRelatedResponses($relationship_field_names, $request_options);
+ foreach ($relationship_field_names as $relationship_field_name) {
+ /* @var \Drupal\jsonapi\ResourceResponse $expected_resource_response */
+ $expected_resource_response = $expected_relationship_responses[$relationship_field_name];
+ /* @var \Psr\Http\Message\ResponseInterface $actual_response */
+ $actual_response = $relationship_responses[$relationship_field_name];
+ // @todo uncomment this assertion in https://www.drupal.org/project/jsonapi/issues/2929428
+ // Dynamic Page Cache miss because cache should vary based on the
+ // 'include' query param.
+ // @codingStandardsIgnoreStart
+ //$expected_cacheability = $expected_resource_response->getCacheableMetadata();
+ //$this->assertResourceResponse(
+ // $expected_resource_response->getStatusCode(),
+ // $expected_document,
+ // $actual_response,
+ // $expected_cacheability->getCacheTags(),
+ // \Drupal::service('cache_contexts_manager')->optimizeTokens($expected_cacheability->getCacheContexts()),
+ // FALSE,
+ // $expected_cacheability->getCacheMaxAge() === 0 ? 'UNCACHEABLE' : 'MISS'
+ //);
+ // @codingStandardsIgnoreEnd
+ $this->assertSame($expected_resource_response->getStatusCode(), $actual_response->getStatusCode());
+ $expected_document = $expected_resource_response->getResponseData();
+ $actual_document = Json::decode((string) $actual_response->getBody());
+ $this->assertSameDocument($expected_document, $actual_document);
+ }
+ }
+
+ /**
+ * Performs one round of relationship route testing.
+ *
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ * @see ::doTestRelated
+ */
+ protected function doTestGetRelationships(array $request_options) {
+ $relationship_field_names = $this->getRelationshipFieldNames();
+ // If there are no relationship fields, we can't test relationship routes.
+ if (empty($relationship_field_names)) {
+ return;
+ }
+ $related_responses = $this->getRelationshipResponses($relationship_field_names, $request_options);
+ foreach ($relationship_field_names as $relationship_field_name) {
+ $expected_resource_response = $this->getExpectedGetRelationshipResponse($relationship_field_name);
+ $expected_document = $expected_resource_response->getResponseData();
+ $actual_response = $related_responses[$relationship_field_name];
+ /* @var \Psr\Http\Message\ResponseInterface $actual_response */
+ $actual_document = Json::decode((string) $actual_response->getBody());
+ $this->assertSameDocument($expected_document, $actual_document);
+ $this->assertSame($expected_resource_response->getStatusCode(), $actual_response->getStatusCode());
+ }
+ }
+
+ /**
+ * Gets an expected ResourceResponse for the given relationship.
+ *
+ * @param string $relationship_field_name
+ * The relationship for which to get an expected response.
+ *
+ * @return \Drupal\jsonapi\ResourceResponse
+ * The expected ResourceResponse.
+ */
+ protected function getExpectedGetRelationshipResponse($relationship_field_name) {
+ $access = $this->entityFieldAccess($this->entity, $relationship_field_name, 'view');
+ if (!$access->isAllowed()) {
+ $detail = 'The current user is not allowed to view this relationship.';
+ if ($access instanceof AccessResultReasonInterface && ($reason = $access->getReason())) {
+ $detail .= ' ' . $reason;
+ }
+ return (new ResourceResponse([
+ 'errors' => [
+ [
+ 'status' => 403,
+ 'title' => 'Forbidden',
+ 'detail' => $detail,
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => $relationship_field_name,
+ ],
+ ],
+ ],
+ ], 403))->addCacheableDependency($access);
+ }
+ $expected_document = $this->getExpectedGetRelationshipDocument($relationship_field_name);
+ $status_code = isset($expected_document['errors'][0]['status']) ? $expected_document['errors'][0]['status'] : 200;
+ $resource_response = new ResourceResponse($expected_document, $status_code);
+ return $resource_response;
+ }
+
+ /**
+ * Gets an expected document for the given relationship.
+ *
+ * @param string $relationship_field_name
+ * The relationship for which to get an expected response.
+ *
+ * @return array
+ * The expected document array.
+ */
+ protected function getExpectedGetRelationshipDocument($relationship_field_name) {
+ $entity_type_id = $this->entity->getEntityTypeId();
+ $bundle = $this->entity->bundle();
+ $id = $this->entity->uuid();
+ $self_link = Url::fromUri("base:/jsonapi/$entity_type_id/$bundle/$id/relationships/$relationship_field_name")->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ $related_link = Url::fromUri("base:/jsonapi/$entity_type_id/$bundle/$id/$relationship_field_name")->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ $data = $this->getExpectedGetRelationshipDocumentData($relationship_field_name);
+ return [
+ 'data' => $data,
+ // @todo Uncomment this in https://www.drupal.org/project/jsonapi/issues/2949807
+ // @codingStandardsIgnoreStart
+ //'jsonapi' => [
+ // 'meta' => [
+ // 'links' => [
+ // 'self' => 'http://jsonapi.org/format/1.0/',
+ // ],
+ // ],
+ // 'version' => '1.0',
+ //],
+ // @codingStandardsIgnoreEnd
+ 'links' => [
+ 'self' => $self_link,
+ 'related' => $related_link,
+ ],
+ ];
+ }
+
+ /**
+ * Gets the expected document data for the given relationship.
+ *
+ * @param string $relationship_field_name
+ * The relationship for which to get an expected response.
+ *
+ * @return mixed
+ * The expected document data.
+ */
+ protected function getExpectedGetRelationshipDocumentData($relationship_field_name) {
+ /* @var \Drupal\Core\Field\FieldItemListInterface $field */
+ $field = $this->entity->{$relationship_field_name};
+ $is_multiple = $field->getFieldDefinition()->getFieldStorageDefinition()->getCardinality() !== 1;
+ if ($field->isEmpty()) {
+ return $is_multiple ? [] : NULL;
+ }
+ if (!$is_multiple) {
+ $entity = $field->entity;
+ return is_null($entity) ? NULL : static::toResourceIdentifier($entity);
+ }
+ else {
+ return array_filter(array_map(function ($item) {
+ $entity = $item->entity;
+ return is_null($entity) ? NULL : static::toResourceIdentifier($entity);
+ }, iterator_to_array($field)));
+ }
+ }
+
+ /**
+ * Builds an array of expected related ResourceResponses, keyed by field name.
+ *
+ * @param array $relationship_field_names
+ * The relationship field names for which to build expected
+ * ResourceResponses.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @return mixed
+ * An array of expected ResourceResponses, keyed by thier relationship field
+ * name.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function getExpectedRelatedResponses(array $relationship_field_names, array $request_options) {
+ // Get the relationships responses which contain resource identifiers for
+ // every related resource.
+ $relationship_responses = static::toResourceResponses($this->getRelationshipResponses($relationship_field_names, $request_options));
+ foreach ($relationship_field_names as $relationship_field_name) {
+ $access = $this->entityFieldAccess($this->entity, $relationship_field_name, 'view');
+ if (!$access->isAllowed()) {
+ $detail = 'The current user is not allowed to view this relationship.';
+ if ($access instanceof AccessResultReasonInterface && ($reason = $access->getReason())) {
+ $detail .= ' ' . $reason;
+ }
+ $related_response = (new ResourceResponse([
+ 'errors' => [
+ [
+ 'status' => 403,
+ 'title' => 'Forbidden',
+ 'detail' => $detail,
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => $relationship_field_name,
+ ],
+ ],
+ ],
+ ], 403))->addCacheableDependency($access);
+ }
+ else {
+ $self_link = static::getRelatedLink(static::toResourceIdentifier($this->entity), $relationship_field_name);
+ $relationship_response = $relationship_responses[$relationship_field_name];
+ $relationship_document = $relationship_response->getResponseData();
+ // The relationships may be empty, in which case we shouldn't attempt to
+ // fetch the individual identified resources.
+ if (empty($relationship_document['data'])) {
+ $related_response = isset($relationship_document['errors'])
+ ? $relationship_response
+ : new ResourceResponse([
+ // Empty to-one relationships should be NULL and empty to-many
+ // relationships should be an empty array.
+ 'data' => is_null($relationship_document['data']) ? NULL : [],
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => ['self' => $self_link],
+ ]);
+ }
+ else {
+ $is_to_one_relationship = static::isResourceIdentifier($relationship_document['data']);
+ $resource_identifiers = $is_to_one_relationship
+ ? [$relationship_document['data']]
+ : $relationship_document['data'];
+ $individual_responses = static::toResourceResponses($this->getResponses(static::getResourceLinks($resource_identifiers), $request_options));
+ $related_response = static::toCollectionResourceResponse($individual_responses, $self_link, !$is_to_one_relationship);
+ }
+ }
+ $expected_related_responses[$relationship_field_name] = $related_response;
+ }
+ return $expected_related_responses ?: [];
+ }
+
+ /**
+ * Tests POSTing an individual resource, plus edge cases to ensure good DX.
+ */
+ public function testPostIndividual() {
+ // @todo Remove this in https://www.drupal.org/node/2300677.
+ if ($this->entity instanceof ConfigEntityInterface) {
+ $this->assertTrue(TRUE, 'POSTing config entities is not yet supported.');
+ return;
+ }
+
+ // Try with all of the following request bodies.
+ $unparseable_request_body = '!{>}<';
+ $parseable_valid_request_body = Json::encode($this->getPostDocument());
+ /* $parseable_valid_request_body_2 = Json::encode($this->getNormalizedPostEntity()); */
+ $parseable_invalid_request_body_missing_type = Json::encode($this->removeResourceTypeFromDocument($this->getPostDocument(), 'type'));
+ $parseable_invalid_request_body = Json::encode($this->makeNormalizationInvalid($this->getPostDocument(), 'label'));
+ $parseable_invalid_request_body_2 = Json::encode(NestedArray::mergeDeep(['data' => ['id' => $this->randomMachineName(129)]], $this->getPostDocument()));
+ $parseable_invalid_request_body_3 = Json::encode(NestedArray::mergeDeep(['data' => ['attributes' => ['field_rest_test' => $this->randomString()]]], $this->getPostDocument()));
+
+ // The URL and Guzzle request options that will be used in this test. The
+ // request options will be modified/expanded throughout this test:
+ // - to first test all mistakes a developer might make, and assert that the
+ // error responses provide a good DX
+ // - to eventually result in a well-formed request that succeeds.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.collection', static::$resourceTypeName));
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // @todo Uncomment in https://www.drupal.org/project/jsonapi/issues/2943170.
+ // @codingStandardsIgnoreStart
+ /*
+ // DX: 415 when no Content-Type request header. HTML response because
+ // missing ?_format query string.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertSame(415, $response->getStatusCode());
+ $this->assertSame(['text/html; charset=UTF-8'], $response->getHeader('Content-Type'));
+ $this->assertContains('A client error happened', (string) $response->getBody());
+
+ $url->setOption('query', ['_format' => 'api_json']);
+
+ // DX: 415 when no Content-Type request header.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(415, '…', 'No "Content-Type" request header specified', $response);
+
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = '';
+
+ // DX: 400 when no request body.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(400, 'No entity content received.', $response);
+*/
+ // @codingStandardsIgnoreEnd
+
+ $request_options[RequestOptions::BODY] = $unparseable_request_body;
+
+ // DX: 400 when unparseable request body.
+ $response = $this->request('POST', $url, $request_options);
+ // @todo Uncomment in https://www.drupal.org/project/jsonapi/issues/2943165.
+ /* $this->assertResourceErrorResponse(400, 'Bad Request', 'Syntax error', $response); */
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body;
+
+ // DX: 403 when unauthorized.
+ $response = $this->request('POST', $url, $request_options);
+ $reason = $this->getExpectedUnauthorizedAccessMessage('POST');
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ // @todo Why is the reason missing here?
+ 'detail' => "The current user is not allowed to POST the selected resource." . (strlen($reason) ? ' ' . $reason : ''),
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to POST the selected resource." . (strlen($reason) ? ' ' . $reason : ''), $response, '/data'); */
+
+ $this->setUpAuthorization('POST');
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body_missing_type;
+
+ // DX: 400 when invalid JSON API request body.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(400, 'Resource object must include a "type".', $response);
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body;
+
+ // DX: 422 when invalid entity: multiple values sent for single-value field.
+ $response = $this->request('POST', $url, $request_options);
+ $label_field = $this->entity->getEntityType()->hasKey('label') ? $this->entity->getEntityType()->getKey('label') : static::$labelFieldName;
+ $label_field_capitalized = $this->entity->getFieldDefinition($label_field)->getLabel();
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Unprocessable Entity',
+ 'status' => 422,
+ 'detail' => "$label_field: $label_field_capitalized: this field cannot hold more than 1 values.",
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data/attributes/' . $label_field,
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(422, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(422, "$label_field: $label_field_capitalized: this field cannot hold more than 1 values.", $response, '/data/attributes/' . $label_field); */
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body_2;
+
+ // @todo Uncomment when https://www.drupal.org/project/jsonapi/issues/2934386 lands.
+ // DX: 403 when invalid entity: UUID field too long.
+ // @todo Fix this in https://www.drupal.org/node/2149851.
+ if ($this->entity->getEntityType()->hasKey('uuid')) {
+ $response = $this->request('POST', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "IDs should be properly generated and formatted UUIDs as described in RFC 4122.",
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data/id',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "IDs should be properly generated and formatted UUIDs as described in RFC 4122.", $response, '/data/id'); */
+ }
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body_3;
+
+ // DX: 403 when entity contains field without 'edit' access.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(403, "The current user is not allowed to POST the selected field (field_rest_test).", $response, '/data/attributes/field_rest_test');
+
+ $request_options[RequestOptions::BODY] = $parseable_valid_request_body;
+
+ // @todo Uncomment when https://www.drupal.org/project/jsonapi/issues/2934149 lands.
+ // @codingStandardsIgnoreStart
+ /*
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = 'text/xml';
+
+ // DX: 415 when request body in existing but not allowed format.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(415, 'No route found that matches "Content-Type: text/xml"', $response);
+ */
+ // @codingStandardsIgnoreEnd
+
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = 'application/vnd.api+json';
+
+ // 201 for well-formed request.
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceResponse(201, FALSE, $response);
+ // @todo Remove this logic to extract a UUID from the response in https://www.drupal.org/project/jsonapi/issues/2944977
+ if (get_class($this->entityStorage) !== ContentEntityNullStorage::class) {
+ $uuid = $this->entityStorage->load(static::$firstCreatedEntityId)->uuid();
+ }
+ else {
+ $r = Json::decode((string) $response->getBody());
+ $uuid = NestedArray::getValue($r, ['data', 'id']);
+ }
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $location = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $uuid])->setAbsolute(TRUE)->toString();
+ /* $location = $this->entityStorage->load(static::$firstCreatedEntityId)->toUrl('jsonapi')->setAbsolute(TRUE)->toString(); */
+ $this->assertSame([$location], $response->getHeader('Location'));
+ $this->assertFalse($response->hasHeader('X-Drupal-Cache'));
+ // If the entity is stored, perform extra checks.
+ if (get_class($this->entityStorage) !== ContentEntityNullStorage::class) {
+ // Assert that the entity was indeed created, and that the response body
+ // contains the serialized created entity.
+ $created_entity = $this->entityStorage->loadUnchanged(static::$firstCreatedEntityId);
+ $created_entity_document = $this->entityToJsonApi->normalize($created_entity);
+ // @todo Remove this if-test in https://www.drupal.org/node/2543726: execute
+ // its body unconditionally.
+ if (static::$entityTypeId !== 'taxonomy_term') {
+ $decoded_response_body = Json::decode((string) $response->getBody());
+ // @todo Remove the two lines below once https://www.drupal.org/project/jsonapi/issues/2925043 lands.
+ unset($created_entity_document['links']);
+ unset($decoded_response_body['links']);
+ $this->assertSame($created_entity_document, $decoded_response_body);
+ }
+ // Assert that the entity was indeed created using the POSTed values.
+ foreach ($this->getPostDocument()['data']['attributes'] as $field_name => $field_normalization) {
+ // If the value is an array of properties, only verify that the sent
+ // properties are present, the server could be computing additional
+ // properties.
+ if (is_array($field_normalization)) {
+ $this->assertArraySubset($field_normalization, $created_entity_document['data']['attributes'][$field_name]);
+ }
+ else {
+ $this->assertSame($field_normalization, $created_entity_document['data']['attributes'][$field_name]);
+ }
+ }
+ if (isset($this->getPostDocument()['data']['relationships'])) {
+ foreach ($this->getPostDocument()['data']['relationships'] as $field_name => $relationship_field_normalization) {
+ // POSTing relationships: 'data' is required, 'links' is optional.
+ $this->assertSame($relationship_field_normalization, array_diff_key($created_entity_document['data']['relationships'][$field_name], ['links' => TRUE]));
+ }
+ }
+ }
+
+ // 201 for well-formed request that creates another entity.
+ // If the entity is stored, delete the first created entity (in case there
+ // is a uniqueness constraint).
+ if (get_class($this->entityStorage) !== ContentEntityNullStorage::class) {
+ $this->entityStorage->load(static::$firstCreatedEntityId)->delete();
+ }
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceResponse(201, FALSE, $response);
+ // @todo Remove this logic to extract a UUID from the response in https://www.drupal.org/project/jsonapi/issues/2944977
+ if (get_class($this->entityStorage) !== ContentEntityNullStorage::class) {
+ $uuid = $this->entityStorage->load(static::$secondCreatedEntityId)->uuid();
+ }
+ else {
+ $r = Json::decode((string) $response->getBody());
+ $uuid = NestedArray::getValue($r, ['data', 'id']);
+ }
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $location = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $uuid])->setAbsolute(TRUE)->toString();
+ /* $location = $this->entityStorage->load(static::$secondCreatedEntityId)->toUrl('jsonapi')->setAbsolute(TRUE)->toString(); */
+ $this->assertSame([$location], $response->getHeader('Location'));
+ $this->assertFalse($response->hasHeader('X-Drupal-Cache'));
+
+ if ($this->entity->getEntityType()->getStorageClass() !== ContentEntityNullStorage::class && $this->entity->getEntityType()->hasKey('uuid')) {
+ // 500 when creating an entity with a duplicate UUID.
+ $doc = $this->getModifiedEntityForPostTesting();
+ $doc['data']['id'] = $uuid;
+ $doc['data']['attributes'][$label_field] = [['value' => $this->randomMachineName()]];
+ $request_options[RequestOptions::BODY] = Json::encode($doc);
+
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceErrorResponse(409, 'Conflict: Entity already exists.', $response);
+
+ // 201 when successfully creating an entity with a new UUID.
+ $doc = $this->getModifiedEntityForPostTesting();
+ $new_uuid = \Drupal::service('uuid')->generate();
+ $doc['data']['id'] = $new_uuid;
+ $doc['data']['attributes'][$label_field] = [['value' => $this->randomMachineName()]];
+ $request_options[RequestOptions::BODY] = Json::encode($doc);
+
+ $response = $this->request('POST', $url, $request_options);
+ $this->assertResourceResponse(201, FALSE, $response);
+ $entities = $this->entityStorage->loadByProperties(['uuid' => $new_uuid]);
+ $new_entity = reset($entities);
+ $this->assertNotNull($new_entity);
+ $new_entity->delete();
+ }
+
+ }
+
+ /**
+ * Tests PATCHing an individual resource, plus edge cases to ensure good DX.
+ */
+ public function testPatchIndividual() {
+ // @todo Remove this in https://www.drupal.org/node/2300677.
+ if ($this->entity instanceof ConfigEntityInterface) {
+ $this->assertTrue(TRUE, 'PATCHing config entities is not yet supported.');
+ return;
+ }
+
+ // Patch testing requires that another entity of the same type exists.
+ $this->anotherEntity = $this->createAnotherEntity();
+
+ // Try with all of the following request bodies.
+ $unparseable_request_body = '!{>}<';
+ $parseable_valid_request_body = Json::encode($this->getPatchDocument());
+ /* $parseable_valid_request_body_2 = Json::encode($this->getNormalizedPatchEntity()); */
+ $parseable_invalid_request_body = Json::encode($this->makeNormalizationInvalid($this->getPatchDocument(), 'label'));
+ $parseable_invalid_request_body_2 = Json::encode(NestedArray::mergeDeep(['data' => ['attributes' => ['field_rest_test' => $this->randomString()]]], $this->getPatchDocument()));
+ // The 'field_rest_test' field does not allow 'view' access, so does not end
+ // up in the JSON API document. Even when we explicitly add it to the JSON
+ // API document that we send in a PATCH request, it is considered invalid.
+ $parseable_invalid_request_body_3 = Json::encode(NestedArray::mergeDeep(['data' => ['attributes' => ['field_rest_test' => $this->entity->get('field_rest_test')->getValue()]]], $this->getPatchDocument()));
+
+ // The URL and Guzzle request options that will be used in this test. The
+ // request options will be modified/expanded throughout this test:
+ // - to first test all mistakes a developer might make, and assert that the
+ // error responses provide a good DX
+ // - to eventually result in a well-formed request that succeeds.
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // @todo Uncomment in https://www.drupal.org/project/jsonapi/issues/2943170.
+ // @codingStandardsIgnoreStart
+ /*
+ // DX: 415 when no Content-Type request header.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertSame(415, $response->getStatusCode());
+ $this->assertSame(['text/html; charset=UTF-8'], $response->getHeader('Content-Type'));
+ $this->assertContains('A client error happened', (string) $response->getBody());
+
+ $url->setOption('query', ['_format' => static::$format]);
+
+ // DX: 415 when no Content-Type request header.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceErrorResponse(415, 'No "Content-Type" request header specified', $response);
+
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = static::$mimeType;
+
+ // DX: 400 when no request body.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceErrorResponse(400, 'No entity content received.', $response);
+*/
+ // @codingStandardsIgnoreEnd
+
+ $request_options[RequestOptions::BODY] = $unparseable_request_body;
+
+ // DX: 400 when unparseable request body.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Uncomment in https://www.drupal.org/project/jsonapi/issues/2943165.
+ /* $this->assertResourceErrorResponse(400, 'Syntax error', $response); */
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body;
+
+ // DX: 403 when unauthorized.
+ $response = $this->request('PATCH', $url, $request_options);
+ $reason = $this->getExpectedUnauthorizedAccessMessage('PATCH');
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected resource." . (strlen($reason) ? ' ' . $reason : ''),
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected resource." . (strlen($reason) ? ' ' . $reason : ''), $response, '/data'); */
+
+ $this->setUpAuthorization('PATCH');
+
+ // DX: 422 when invalid entity: multiple values sent for single-value field.
+ $response = $this->request('PATCH', $url, $request_options);
+ $label_field = $this->entity->getEntityType()->hasKey('label') ? $this->entity->getEntityType()->getKey('label') : static::$labelFieldName;
+ $label_field_capitalized = $this->entity->getFieldDefinition($label_field)->getLabel();
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Unprocessable Entity',
+ 'status' => 422,
+ 'detail' => "$label_field: $label_field_capitalized: this field cannot hold more than 1 values.",
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data/attributes/' . $label_field,
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(422, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(422, "$label_field: $label_field_capitalized: this field cannot hold more than 1 values.", $response, '/data/attributes/' . $label_field); */
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body_2;
+
+ // DX: 403 when entity contains field without 'edit' access.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected field (field_rest_test).",
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/field_rest_test',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected field (field_rest_test).", $response, '/data/attributes/field_rest_test'); */
+
+ // DX: 403 when entity trying to update an entity's ID field.
+ $request_options[RequestOptions::BODY] = Json::encode($this->makeNormalizationInvalid($this->getPatchDocument(), 'id'));
+ $response = $this->request('PATCH', $url, $request_options);
+ $id_field_name = $this->entity->getEntityType()->getKey('id');
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected field ($id_field_name). The entity ID cannot be changed",
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/' . $id_field_name,
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected field ($id_field_name). The entity ID cannot be changed", $response, "/data/attributes/$id_field_name"); */
+
+ if ($this->entity->getEntityType()->hasKey('uuid')) {
+ // DX: 400 when entity trying to update an entity's UUID field.
+ $request_options[RequestOptions::BODY] = Json::encode($this->makeNormalizationInvalid($this->getPatchDocument(), 'uuid'));
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceErrorResponse(400, sprintf("The selected entity (%s) does not match the ID in the payload (%s).", $this->entity->uuid(), $this->anotherEntity->uuid()), $response);
+ }
+
+ $request_options[RequestOptions::BODY] = $parseable_invalid_request_body_3;
+
+ // DX: 403 when entity contains field without 'edit' nor 'view' access, even
+ // when the value for that field matches the current value. This is allowed
+ // in principle, but leads to information disclosure.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected field (field_rest_test).",
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/field_rest_test',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected field (field_rest_test).", $response, '/data/attributes/field_rest_test'); */
+
+ // DX: 403 when sending PATCH request with updated read-only fields.
+ list($modified_entity, $original_values) = static::getModifiedEntityForPatchTesting($this->entity);
+ // Send PATCH request by serializing the modified entity, assert the error
+ // response, change the modified entity field that caused the error response
+ // back to its original value, repeat.
+ foreach (static::$patchProtectedFieldNames as $patch_protected_field_name => $reason) {
+ $request_options[RequestOptions::BODY] = $this->entityToJsonApi->serialize($modified_entity);
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to PATCH the selected field (" . $patch_protected_field_name . ")." . ($reason !== NULL ? ' ' . $reason : ''),
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/' . $patch_protected_field_name,
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to PATCH the selected field (" . $patch_protected_field_name . ")." . ($reason !== NULL ? ' ' . $reason : ''), $response, '/data/attributes/' . $patch_protected_field_name); */
+ $modified_entity->get($patch_protected_field_name)->setValue($original_values[$patch_protected_field_name]);
+ }
+
+ // 200 for well-formed PATCH request that sends all fields (even including
+ // read-only ones, but with unchanged values).
+ $valid_request_body = NestedArray::mergeDeep($this->entityToJsonApi->normalize($this->entity), $this->getPatchDocument());
+ $request_options[RequestOptions::BODY] = Json::encode($valid_request_body);
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+
+ $request_options[RequestOptions::BODY] = $parseable_valid_request_body;
+
+ // @todo Uncomment when https://www.drupal.org/project/jsonapi/issues/2934149 lands.
+ // @codingStandardsIgnoreStart
+ /*
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = 'text/xml';
+
+ // DX: 415 when request body in existing but not allowed format.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceErrorResponse(415, 'No route found that matches "Content-Type: text/xml"', $response);
+ */
+ // @codingStandardsIgnoreEnd
+
+ $request_options[RequestOptions::HEADERS]['Content-Type'] = 'application/vnd.api+json';
+
+ // 200 for well-formed request.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $this->assertFalse($response->hasHeader('X-Drupal-Cache'));
+ // Assert that the entity was indeed updated, and that the response body
+ // contains the serialized updated entity.
+ $updated_entity = $this->entityStorage->loadUnchanged($this->entity->id());
+ $updated_entity_document = $this->entityToJsonApi->normalize($updated_entity);
+ $this->assertSame($updated_entity_document, Json::decode((string) $response->getBody()));
+ // Assert that the entity was indeed created using the PATCHed values.
+ foreach ($this->getPatchDocument() as $field_name => $field_normalization) {
+ // Some top-level keys in the normalization may not be fields on the
+ // entity (for example '_links' and '_embedded' in the HAL normalization).
+ if ($updated_entity->hasField($field_name)) {
+ // Subset, not same, because we can e.g. send just the target_id for the
+ // bundle in a PATCH request; the response will include more properties.
+ $this->assertArraySubset(static::castToString($field_normalization), $updated_entity->get($field_name)->getValue(), TRUE);
+ }
+ }
+
+ // Ensure that fields do not get deleted if they're not present in the PATCH
+ // request. Test this using the configurable field that we added, but which
+ // is not sent in the PATCH request.
+ $this->assertSame('All the faith he had had had had no effect on the outcome of his life.', $updated_entity->get('field_rest_test')->value);
+
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return;
+ }
+
+ // Multi-value field: remove item 0. Then item 1 becomes item 0.
+ $doc_multi_value_tests = $this->getPatchDocument();
+ $doc_multi_value_tests['data']['attributes']['field_rest_test_multivalue'] = $this->entity->get('field_rest_test_multivalue')->getValue();
+ $doc_remove_item = $doc_multi_value_tests;
+ unset($doc_remove_item['data']['attributes']['field_rest_test_multivalue'][0]);
+ $request_options[RequestOptions::BODY] = Json::encode($doc_remove_item, 'api_json');
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $this->assertSame([0 => ['value' => 'Two']], $this->entityStorage->loadUnchanged($this->entity->id())->get('field_rest_test_multivalue')->getValue());
+
+ // Multi-value field: add one item before the existing one, and one after.
+ $doc_add_items = $doc_multi_value_tests;
+ $doc_add_items['data']['attributes']['field_rest_test_multivalue'][2] = ['value' => 'Three'];
+ $request_options[RequestOptions::BODY] = Json::encode($doc_add_items);
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $expected_document = [
+ 0 => ['value' => 'One'],
+ 1 => ['value' => 'Two'],
+ 2 => ['value' => 'Three'],
+ ];
+ $this->assertSame($expected_document, $this->entityStorage->loadUnchanged($this->entity->id())->get('field_rest_test_multivalue')->getValue());
+ }
+
+ /**
+ * Tests DELETEing an individual resource, plus edge cases to ensure good DX.
+ */
+ public function testDeleteIndividual() {
+ // @todo Remove this in https://www.drupal.org/node/2300677.
+ if ($this->entity instanceof ConfigEntityInterface) {
+ $this->assertTrue(TRUE, 'DELETEing config entities is not yet supported.');
+ return;
+ }
+
+ // The URL and Guzzle request options that will be used in this test. The
+ // request options will be modified/expanded throughout this test:
+ // - to first test all mistakes a developer might make, and assert that the
+ // error responses provide a good DX
+ // - to eventually result in a well-formed request that succeeds.
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // DX: 403 when unauthorized.
+ $response = $this->request('DELETE', $url, $request_options);
+ $reason = $this->getExpectedUnauthorizedAccessMessage('DELETE');
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => "The current user is not allowed to DELETE the selected resource." . (strlen($reason) ? ' ' . $reason : ''),
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/' . static::$resourceTypeName . '/' . $this->entity->uuid(),
+ 'source' => [
+ 'pointer' => '/data',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, "The current user is not allowed to DELETE the selected resource." . (strlen($reason) ? ' ' . $reason : ''), $response, '/data'); */
+
+ $this->setUpAuthorization('DELETE');
+
+ // 204 for well-formed request.
+ $response = $this->request('DELETE', $url, $request_options);
+ $this->assertResourceResponse(204, NULL, $response);
+ }
+
+ /**
+ * Transforms a normalization: casts all non-string types to strings.
+ *
+ * @param array $normalization
+ * A normalization to transform.
+ *
+ * @return array
+ * The transformed normalization.
+ */
+ protected static function castToString(array $normalization) {
+ foreach ($normalization as $key => $value) {
+ if (is_bool($value)) {
+ $normalization[$key] = (string) (int) $value;
+ }
+ elseif (is_int($value) || is_float($value)) {
+ $normalization[$key] = (string) $value;
+ }
+ elseif (is_array($value)) {
+ $normalization[$key] = static::castToString($value);
+ }
+ }
+ return $normalization;
+ }
+
+ /**
+ * Recursively sorts an array by key.
+ *
+ * @param array $array
+ * An array to sort.
+ */
+ protected static function recursiveKsort(array &$array) {
+ // First, sort the main array.
+ ksort($array);
+
+ // Then check for child arrays.
+ foreach ($array as $key => &$value) {
+ if (is_array($value)) {
+ static::recursiveKsort($value);
+ }
+ }
+ }
+
+ /**
+ * Returns Guzzle request options for authentication.
+ *
+ * @return array
+ * Guzzle request options to use for authentication.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function getAuthenticationRequestOptions() {
+ return [
+ 'headers' => [
+ 'Authorization' => 'Basic ' . base64_encode($this->account->name->value . ':' . $this->account->passRaw),
+ ],
+ ];
+ }
+
+ /**
+ * Clones the given entity and modifies all PATCH-protected fields.
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ * The entity being tested and to modify.
+ *
+ * @return array
+ * Contains two items:
+ * 1. The modified entity object.
+ * 2. The original field values, keyed by field name.
+ *
+ * @internal
+ */
+ protected static function getModifiedEntityForPatchTesting(EntityInterface $entity) {
+ $modified_entity = clone $entity;
+ $original_values = [];
+ foreach (array_keys(static::$patchProtectedFieldNames) as $field_name) {
+ $field = $modified_entity->get($field_name);
+ $original_values[$field_name] = $field->getValue();
+ switch ($field->getItemDefinition()->getClass()) {
+ case EntityReferenceItem::class:
+ // EntityReferenceItem::generateSampleValue() picks one of the last 50
+ // entities of the supported type & bundle. We don't care if the value
+ // is valid, we only care that it's different.
+ $field->setValue(['target_id' => 99999]);
+ break;
+
+ case BooleanItem::class:
+ // BooleanItem::generateSampleValue() picks either 0 or 1. So a 50%
+ // chance of not picking a different value.
+ $field->value = ((int) $field->value) === 1 ? '0' : '1';
+ break;
+
+ case PathItem::class:
+ // PathItem::generateSampleValue() doesn't set a PID, which causes
+ // PathItem::postSave() to fail. Keep the PID (and other properties),
+ // just modify the alias.
+ $field->alias = str_replace(' ', '-', strtolower((new Random())->sentences(3)));
+ break;
+
+ default:
+ $original_field = clone $field;
+ while ($field->equals($original_field)) {
+ $field->generateSampleItems();
+ }
+ break;
+ }
+ }
+
+ return [$modified_entity, $original_values];
+ }
+
+ /**
+ * Gets the normalized POST entity with random values for its unique fields.
+ *
+ * @see ::testPostIndividual
+ * @see ::getPostDocument
+ *
+ * @return array
+ * An array structure as returned by ::getNormalizedPostEntity().
+ */
+ protected function getModifiedEntityForPostTesting() {
+ $document = $this->getPostDocument();
+
+ // Ensure that all the unique fields of the entity type get a new random
+ // value.
+ foreach (static::$uniqueFieldNames as $field_name) {
+ $field_definition = $this->entity->getFieldDefinition($field_name);
+ $field_type_class = $field_definition->getItemDefinition()->getClass();
+ $document['data']['attributes'][$field_name] = $field_type_class::generateSampleValue($field_definition);
+ }
+
+ return $document;
+ }
+
+ /**
+ * Tests sparse field sets.
+ *
+ * @param \Drupal\Core\Url $url
+ * The base URL with which to test includes.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function doTestSparseFieldSets(Url $url, array $request_options) {
+ foreach ($this->getSparseFieldSets() as $type => $field_set) {
+ if ($type === 'all') {
+ assert($this->getExpectedCacheTags($field_set) === $this->getExpectedCacheTags());
+ assert($this->getExpectedCacheContexts($field_set) === $this->getExpectedCacheContexts());
+ }
+ $query = ['fields[' . static::$resourceTypeName . ']' => implode(',', $field_set)];
+ $url->setOption('query', $query);
+ $response = $this->request('GET', $url, $request_options);
+ // Get the expected document and remove any unwanted fields.
+ $expected_document = $this->getExpectedDocument();
+ foreach (['attributes', 'relationships'] as $member) {
+ if (!empty($expected_document['data'][$member])) {
+ $remaining = array_intersect_key(
+ $expected_document['data'][$member],
+ array_flip($field_set)
+ );
+ if (empty($remaining)) {
+ unset($expected_document['data'][$member]);
+ }
+ else {
+ $expected_document['data'][$member] = $remaining;
+ }
+ }
+ }
+ // 'self' link should include the 'fields' query param.
+ $expected_document['links']['self'] = $url->setAbsolute()->toString();
+ // Dynamic Page Cache miss because cache should vary based on the 'field'
+ // query param.
+ $this->assertResourceResponse(
+ 200,
+ $expected_document,
+ $response,
+ $this->getExpectedCacheTags($field_set),
+ $this->getExpectedCacheContexts($field_set),
+ FALSE,
+ 'MISS'
+ );
+ }
+ // Test Dynamic Page Cache hit for a query with the same field set.
+ $response = $this->request('GET', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response, $this->getExpectedCacheTags(), $this->getExpectedCacheContexts(), FALSE, 'HIT');
+ }
+
+ /**
+ * Tests included resources.
+ *
+ * @param \Drupal\Core\Url $url
+ * The base URL with which to test includes.
+ * @param array $request_options
+ * Request options to apply.
+ *
+ * @see \GuzzleHttp\ClientInterface::request()
+ */
+ protected function doTestIncluded(Url $url, array $request_options) {
+ $relationship_field_names = $this->getRelationshipFieldNames();
+ // If there are no relationship fields, we can't include anything.
+ if (empty($relationship_field_names)) {
+ return;
+ }
+ // Builds a map of relationship field names to related resources by making
+ // requests to the 'related' link in the document. We will later merge this
+ // into an expected response so that we can verify all the included
+ // data and cacheable metadata.
+ $related_responses = static::toResourceResponses($this->getRelatedResponses($relationship_field_names, $request_options));
+ $field_sets = [
+ 'empty' => [],
+ 'all' => $relationship_field_names,
+ ];
+ if (count($relationship_field_names) > 1) {
+ $about_half_the_fields = floor(count($relationship_field_names) / 2);
+ $field_sets['some'] = array_slice($relationship_field_names, $about_half_the_fields);
+ }
+ foreach ($field_sets as $type => $field_set) {
+ $query = ['include' => implode(',', $field_set)];
+ $url->setOption('query', $query);
+ $response = $this->request('GET', $url, $request_options);
+ // The expected response is based on the expected individual response for
+ // this resource type, it will then be decorated using the related
+ // response data.
+ $expected_document = $this->getExpectedDocument();
+ // Update the expected 'self' link with expected include query parameter.
+ $expected_document['links']['self'] = $url->setAbsolute()->toString();
+ $expected_cacheability = (new CacheableMetadata())
+ ->setCacheContexts($this->getExpectedCacheContexts())
+ ->setCacheTags($this->getExpectedCacheTags());
+ $expected_response = static::decorateExpectedResponseForIncludedFields(
+ (new ResourceResponse($expected_document))->addCacheableDependency($expected_cacheability),
+ array_intersect_key($related_responses, array_flip($field_set))
+ );
+ $response_document = Json::decode((string) $response->getBody());
+ $expected_document = $expected_response->getResponseData();
+ if (!empty($expected_document['meta']['errors'])) {
+ // The 'related' responses will not have included document pointers, so
+ // we can't assert those here either.
+ foreach ($response_document['meta']['errors'] as &$error) {
+ unset($error['source']['pointer']);
+ }
+ }
+ if (!empty($expected_document['included'])) {
+ static::sortResourceCollection($expected_document['included']);
+ static::sortResourceCollection($response_document['included']);
+ }
+ // @todo uncomment this assertion in https://www.drupal.org/project/jsonapi/issues/2929428
+ // Dynamic Page Cache miss because cache should vary based on the
+ // 'include' query param.
+ // @codingStandardsIgnoreStart
+ // $expected_cacheability = $expected_response->getCacheableMetadata();
+ // $this->assertResourceResponse(
+ // 200,
+ // FALSE,
+ // $response,
+ // $expected_cacheability->getCacheTags(),
+ // \Drupal::service('cache_contexts_manager')->optimizeTokens($expected_cacheability->getCacheContexts()),
+ // FALSE,
+ // $expected_cacheability->getCacheMaxAge() === 0 ? 'UNCACHEABLE' : 'MISS'
+ // );
+ // @codingStandardsIgnoreEnd
+ $this->assertSameDocument($expected_document, $response_document);
+ }
+ }
+
+ /**
+ * Decorates the expected response with included data and cache metadata.
+ *
+ * This adds the expected includes to the expected document and also builds
+ * the expected cacheability data. It does so based of responses from the
+ * related routes for individual relationships.
+ *
+ * @param \Drupal\jsonapi\ResourceResponse $expected_response
+ * The expected ResourceResponse.
+ * @param \Drupal\jsonapi\ResourceResponse[] $related_responses
+ * The related ResourceResponses, keyed by relationship field names.
+ *
+ * @return \Drupal\jsonapi\ResourceResponse
+ * The decorated ResourceResponse.
+ */
+ protected static function decorateExpectedResponseForIncludedFields(ResourceResponse $expected_response, array $related_responses) {
+ $expected_document = $expected_response->getResponseData();
+ $expected_cacheability = $expected_response->getCacheableMetadata();
+ foreach ($related_responses as $related_response) {
+ $related_document = $related_response->getResponseData();
+ $expected_cacheability->addCacheableDependency($related_response->getCacheableMetadata());
+ if (!empty($related_document['errors'])) {
+ // If any of the related response documents had top-level errors, we
+ // should later expect the document to have 'meta' errors too.
+ foreach ($related_document['errors'] as $error) {
+ // @todo remove this conditional when inaccessible relationships are able to raise errors.
+ if ($error['detail'] !== 'The current user is not allowed to view this relationship.') {
+ unset($error['source']['pointer']);
+ $expected_document['meta']['errors'][] = $error;
+ }
+ }
+ }
+ elseif (isset($related_document['data'])) {
+ $related_data = $related_document['data'];
+ $related_resources = (static::isResourceIdentifier($related_data))
+ ? [$related_data]
+ : $related_data;
+ foreach ($related_resources as $related_resource) {
+ if (empty($expected_document['included']) || !static::collectionHasResourceIdentifier($related_resource, $expected_document['included'])) {
+ $expected_document['included'][] = $related_resource;
+ }
+ }
+ }
+ }
+ return (new ResourceResponse($expected_document))->addCacheableDependency($expected_cacheability);
+ }
+
+ /**
+ * Returns an array of sparse fields sets to test.
+ *
+ * @return array
+ * An array of sparse field sets (an array of field names), keyed by a label
+ * for the field set.
+ */
+ protected function getSparseFieldSets() {
+ $field_names = array_keys($this->entity->toArray());
+ return [
+ 'empty' => [],
+ 'some' => array_slice($field_names, floor(count($field_names) / 2)),
+ 'all' => $field_names,
+ ];
+ }
+
+ /**
+ * Gets a list of relationship field names for the resource type under test.
+ *
+ * @return array
+ * An array of relationship field names.
+ */
+ protected function getRelationshipFieldNames() {
+ // Only content entity types can have relationships.
+ $fields = $this->entity instanceof ContentEntityInterface
+ ? iterator_to_array($this->entity)
+ : [];
+ return array_reduce($fields, function ($field_names, $field) {
+ /* @var \Drupal\Core\Field\FieldItemListInterface $field */
+ if ($this->isReferenceFieldDefinition($field->getFieldDefinition())) {
+ $field_names[] = $field->getName();
+ }
+ return $field_names;
+ }, []);
+ }
+
+ /**
+ * Check access for the given operation, field and entity.
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ * The entity for which to check field access.
+ * @param string $field_name
+ * The field for which to check access.
+ * @param string $operation
+ * The operation for which to check access.
+ *
+ * @return \Drupal\Core\Access\AccessResultInterface
+ * The AccessResult.
+ */
+ protected function entityFieldAccess(EntityInterface $entity, $field_name, $operation) {
+ // The default entity access control handler assumes that permissions do not
+ // change during the lifetime of a request and caches access results.
+ // However, we're changing permissions during a test run and need fresh
+ // results, so reset the cache.
+ \Drupal::entityTypeManager()->getAccessControlHandler($this->entity->getEntityTypeId())->resetCache();
+
+ $field_access = $entity->{$field_name}->access($operation, $this->account, TRUE);
+ $entity_access = $entity->access($operation, $this->account, TRUE);
+ return $entity_access->andIf($field_access);
+ }
+
+ /**
+ * Determines if a given field definition is a reference field.
+ *
+ * @param \Drupal\Core\Field\FieldDefinitionInterface $field_definition
+ * The field definition to inspect.
+ *
+ * @return bool
+ * TRUE if the field definition is found to be a reference field. FALSE
+ * otherwise.
+ */
+ protected function isReferenceFieldDefinition(FieldDefinitionInterface $field_definition) {
+ /* @var \Drupal\Core\Field\TypedData\FieldItemDataDefinition $item_definition */
+ $item_definition = $field_definition->getItemDefinition();
+ $main_property = $item_definition->getMainPropertyName();
+ $property_definition = $item_definition->getPropertyDefinition($main_property);
+ return $property_definition instanceof DataReferenceTargetDefinition;
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ResponsiveImageStyleTest.php b/core/modules/jsonapi/tests/src/Functional/ResponsiveImageStyleTest.php
new file mode 100644
index 0000000..ad9f41e
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ResponsiveImageStyleTest.php
@@ -0,0 +1,143 @@
+grantPermissionsToTestedRole(['administer responsive images']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Camelids" responsive image style.
+ $camelids = ResponsiveImageStyle::create([
+ 'id' => 'camelids',
+ 'label' => 'Camelids',
+ ]);
+ $camelids->setBreakpointGroup('test_group');
+ $camelids->setFallbackImageStyle('fallback');
+ $camelids->addImageStyleMapping('test_breakpoint', '1x', [
+ 'image_mapping_type' => 'image_style',
+ 'image_mapping' => 'small',
+ ]);
+ $camelids->addImageStyleMapping('test_breakpoint', '2x', [
+ 'image_mapping_type' => 'sizes',
+ 'image_mapping' => [
+ 'sizes' => '(min-width:700px) 700px, 100vw',
+ 'sizes_image_styles' => [
+ 'medium' => 'medium',
+ 'large' => 'large',
+ ],
+ ],
+ ]);
+ $camelids->save();
+
+ return $camelids;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/responsive_image_style/responsive_image_style/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'responsive_image_style--responsive_image_style',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'breakpoint_group' => 'test_group',
+ 'dependencies' => [
+ 'config' => [
+ 'image.style.large',
+ 'image.style.medium',
+ ],
+ ],
+ 'fallback_image_style' => 'fallback',
+ 'id' => 'camelids',
+ 'image_style_mappings' => [
+ 0 => [
+ 'breakpoint_id' => 'test_breakpoint',
+ 'image_mapping' => 'small',
+ 'image_mapping_type' => 'image_style',
+ 'multiplier' => '1x',
+ ],
+ 1 => [
+ 'breakpoint_id' => 'test_breakpoint',
+ 'image_mapping' => [
+ 'sizes' => '(min-width:700px) 700px, 100vw',
+ 'sizes_image_styles' => [
+ 'large' => 'large',
+ 'medium' => 'medium',
+ ],
+ ],
+ 'image_mapping_type' => 'sizes',
+ 'multiplier' => '2x',
+ ],
+ ],
+ 'label' => 'Camelids',
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/RestJsonApiUnsupported.php b/core/modules/jsonapi/tests/src/Functional/RestJsonApiUnsupported.php
new file mode 100644
index 0000000..6fa3623
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/RestJsonApiUnsupported.php
@@ -0,0 +1,118 @@
+grantPermissionsToTestedRole(['access content']);
+ break;
+
+ default:
+ throw new \UnexpectedValueException();
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function setUp() {
+ parent::setUp();
+
+ // Set up a HTTP client that accepts relative URLs.
+ $this->httpClient = $this->container->get('http_client_factory')
+ ->fromOptions(['base_uri' => $this->baseUrl]);
+
+ // Create a "Camelids" node type.
+ NodeType::create([
+ 'name' => 'Camelids',
+ 'type' => 'camelids',
+ ])->save();
+
+ // Create a "Llama" node.
+ $node = Node::create(['type' => 'camelids']);
+ $node->setTitle('Llama')
+ ->setOwnerId(0)
+ ->setPublished(TRUE)
+ ->save();
+ }
+
+ /**
+ * Deploying a REST resource using api_json format results in 406 responses.
+ */
+ public function testApiJsonNotSupportedInRest() {
+ $this->assertSame(['json', 'xml'], $this->container->getParameter('serializer.formats'));
+
+ $this->provisionResource(['api_json'], []);
+ $this->setUpAuthorization('GET');
+
+ $url = Node::load(1)->toUrl()
+ ->setOption('query', ['_format' => 'api_json']);
+ $request_options = [];
+
+ $response = $this->request('GET', $url, $request_options);
+ $this->assertResourceErrorResponse(406, FALSE, $response);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function assertNormalizationEdgeCases($method, Url $url, array $request_options) {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessCacheability() {}
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedBcUnauthorizedAccessMessage($method) {}
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/RestResourceConfigTest.php b/core/modules/jsonapi/tests/src/Functional/RestResourceConfigTest.php
new file mode 100644
index 0000000..fb8a74e
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/RestResourceConfigTest.php
@@ -0,0 +1,127 @@
+grantPermissionsToTestedRole(['administer rest resources']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $rest_resource_config = RestResourceConfig::create([
+ 'id' => 'llama',
+ 'plugin_id' => 'dblog',
+ 'granularity' => 'method',
+ 'configuration' => [
+ 'GET' => [
+ 'supported_formats' => [
+ 'json',
+ ],
+ 'supported_auth' => [
+ 'cookie',
+ ],
+ ],
+ ],
+ ]);
+ $rest_resource_config->save();
+
+ return $rest_resource_config;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/rest_resource_config/rest_resource_config/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'rest_resource_config--rest_resource_config',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'uuid' => $this->entity->uuid(),
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'dependencies' => [
+ 'module' => [
+ 'dblog',
+ 'serialization',
+ 'user',
+ ],
+ ],
+ 'id' => 'llama',
+ 'plugin_id' => 'dblog',
+ 'granularity' => 'method',
+ 'configuration' => [
+ 'GET' => [
+ 'supported_formats' => [
+ 'json',
+ ],
+ 'supported_auth' => [
+ 'cookie',
+ ],
+ ],
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/RoleTest.php b/core/modules/jsonapi/tests/src/Functional/RoleTest.php
new file mode 100644
index 0000000..80a8b3b
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/RoleTest.php
@@ -0,0 +1,103 @@
+grantPermissionsToTestedRole(['administer permissions']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $role = Role::create([
+ 'id' => 'llama',
+ 'name' => $this->randomString(),
+ ]);
+ $role->save();
+
+ return $role;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/user_role/user_role/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'user_role--user_role',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'uuid' => $this->entity->uuid(),
+ 'weight' => 2,
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'dependencies' => [],
+ 'id' => 'llama',
+ 'label' => NULL,
+ 'is_admin' => NULL,
+ 'permissions' => [],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/SearchPageTest.php b/core/modules/jsonapi/tests/src/Functional/SearchPageTest.php
new file mode 100644
index 0000000..78aa492
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/SearchPageTest.php
@@ -0,0 +1,142 @@
+grantPermissionsToTestedRole(['access content']);
+ break;
+
+ case 'POST':
+ case 'PATCH':
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['administer search']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $search_page = SearchPage::create([
+ 'id' => 'hinode_search',
+ 'plugin' => 'node_search',
+ 'label' => 'Search of magnetic activity of the Sun',
+ 'path' => 'sun',
+ ]);
+ $search_page->save();
+ return $search_page;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/search_page/search_page/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'search_page--search_page',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'configuration' => [
+ 'rankings' => [],
+ ],
+ 'dependencies' => [
+ 'module' => [
+ 'node',
+ ],
+ ],
+ 'id' => 'hinode_search',
+ 'label' => 'Search of magnetic activity of the Sun',
+ 'langcode' => 'en',
+ 'path' => 'sun',
+ 'plugin' => 'node_search',
+ 'status' => TRUE,
+ 'uuid' => $this->entity->uuid(),
+ 'weight' => 0,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET':
+ return "The 'access content' permission is required.";
+
+ default:
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessCacheability() {
+ // @see \Drupal\search\SearchPageAccessControlHandler::checkAccess()
+ return parent::getExpectedUnauthorizedAccessCacheability()
+ ->addCacheTags(['config:search.page.hinode_search']);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ShortcutSetTest.php b/core/modules/jsonapi/tests/src/Functional/ShortcutSetTest.php
new file mode 100644
index 0000000..e1b1bef
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ShortcutSetTest.php
@@ -0,0 +1,111 @@
+grantPermissionsToTestedRole(['access shortcuts']);
+ break;
+
+ case 'POST':
+ case 'PATCH':
+ $this->grantPermissionsToTestedRole(['access shortcuts', 'customize shortcut links']);
+ break;
+
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['administer shortcuts']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $set = ShortcutSet::create([
+ 'id' => 'llama_set',
+ 'label' => 'Llama Set',
+ ]);
+ $set->save();
+ return $set;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/shortcut_set/shortcut_set/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'shortcut_set--shortcut_set',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'id' => 'llama_set',
+ 'uuid' => $this->entity->uuid(),
+ 'label' => 'Llama Set',
+ 'status' => TRUE,
+ 'langcode' => 'en',
+ 'dependencies' => [],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ShortcutTest.php b/core/modules/jsonapi/tests/src/Functional/ShortcutTest.php
new file mode 100644
index 0000000..b9ce5db
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ShortcutTest.php
@@ -0,0 +1,143 @@
+grantPermissionsToTestedRole(['access shortcuts', 'customize shortcut links']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $shortcut = Shortcut::create([
+ 'shortcut_set' => 'default',
+ 'title' => t('Comments'),
+ 'weight' => -20,
+ 'link' => [
+ 'uri' => 'internal:/admin/content/comment',
+ ],
+ ]);
+ $shortcut->save();
+
+ return $shortcut;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/shortcut/default/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'shortcut--default',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'uuid' => $this->entity->uuid(),
+ 'id' => (int) $this->entity->id(),
+ 'title' => 'Comments',
+ 'link' => [
+ 'uri' => 'internal:/admin/content/comment',
+ 'title' => NULL,
+ 'options' => [],
+ ],
+ 'langcode' => 'en',
+ 'default_langcode' => TRUE,
+ 'weight' => -20,
+ ],
+ 'relationships' => [
+ 'shortcut_set' => [
+ 'data' => [
+ 'type' => 'shortcut_set--shortcut_set',
+ 'id' => ShortcutSet::load('default')->uuid(),
+ ],
+ 'links' => [
+ 'related' => $self_url . '/shortcut_set',
+ 'self' => $self_url . '/relationships/shortcut_set',
+ ],
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'shortcut--default',
+ 'attributes' => [
+ 'title' => 'Comments',
+ 'link' => [
+ 'uri' => 'internal:/',
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ return "The shortcut set must be the currently displayed set for the user and the user must have 'access shortcuts' AND 'customize shortcut links' permissions.";
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/TermTest.php b/core/modules/jsonapi/tests/src/Functional/TermTest.php
new file mode 100644
index 0000000..2df62f8
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/TermTest.php
@@ -0,0 +1,427 @@
+ NULL,
+ ];
+
+ /**
+ * {@inheritdoc}
+ *
+ * @var \Drupal\taxonomy\TermInterface
+ */
+ protected $entity;
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ switch ($method) {
+ case 'GET':
+ $this->grantPermissionsToTestedRole(['access content']);
+ break;
+
+ case 'POST':
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ $this->grantPermissionsToTestedRole(['administer taxonomy']);
+ }
+ $this->grantPermissionsToTestedRole(['create terms in camelids']);
+ break;
+
+ case 'PATCH':
+ // Grant the 'create url aliases' permission to test the case when
+ // the path field is accessible, see
+ // \Drupal\Tests\rest\Functional\EntityResource\Node\NodeResourceTestBase
+ // for a negative test.
+ $this->grantPermissionsToTestedRole(['edit terms in camelids', 'create url aliases']);
+ break;
+
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['delete terms in camelids']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $vocabulary = Vocabulary::load('camelids');
+ if (!$vocabulary) {
+ // Create a "Camelids" vocabulary.
+ $vocabulary = Vocabulary::create([
+ 'name' => 'Camelids',
+ 'vid' => 'camelids',
+ ]);
+ $vocabulary->save();
+ }
+
+ // Create a "Llama" taxonomy term.
+ $term = Term::create(['vid' => $vocabulary->id()])
+ ->setName('Llama')
+ ->setDescription("It is a little known fact that llamas cannot count higher than seven.")
+ ->setChangedTime(123456789)
+ ->set('path', '/llama');
+ $term->save();
+
+ return $term;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/taxonomy_term/camelids/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+
+ // We test with multiple parent terms, and combinations thereof.
+ // @see ::createEntity()
+ // @see ::testGetIndividual()
+ // @see ::testGetIndividualTermWithParent()
+ // @see ::providerTestGetIndividualTermWithParent()
+ $parent_term_ids = [];
+ for ($i = 0; $i < $this->entity->get('parent')->count(); $i++) {
+ $parent_term_ids[$i] = (int) $this->entity->get('parent')[$i]->target_id;
+ }
+
+ $expected_parent_normalization = FALSE;
+ switch ($parent_term_ids) {
+ case [0]:
+ // @todo This is missing the root parent, fix this in https://www.drupal.org/project/jsonapi/issues/2940339
+ $expected_parent_normalization = [
+ 'data' => [],
+ 'links' => [
+ 'related' => $self_url . '/parent',
+ 'self' => $self_url . '/relationships/parent',
+ ],
+ ];
+ break;
+
+ case [2]:
+ $expected_parent_normalization = [
+ 'data' => [
+ [
+ 'id' => Term::load(2)->uuid(),
+ 'type' => 'taxonomy_term--camelids',
+ ],
+ ],
+ 'links' => [
+ 'related' => $self_url . '/parent',
+ 'self' => $self_url . '/relationships/parent',
+ ],
+ ];
+ break;
+
+ case [0, 2]:
+ $expected_parent_normalization = [
+ 'data' => [
+ // @todo This is missing the root parent, fix this in https://www.drupal.org/project/jsonapi/issues/2940339
+ [
+ 'id' => Term::load(2)->uuid(),
+ 'type' => 'taxonomy_term--camelids',
+ ],
+ ],
+ 'links' => [
+ 'related' => $self_url . '/parent',
+ 'self' => $self_url . '/relationships/parent',
+ ],
+ ];
+ break;
+
+ case [3, 2]:
+ $expected_parent_normalization = [
+ 'data' => [
+ [
+ 'id' => Term::load(3)->uuid(),
+ 'type' => 'taxonomy_term--camelids',
+ ],
+ [
+ 'id' => Term::load(2)->uuid(),
+ 'type' => 'taxonomy_term--camelids',
+ ],
+ ],
+ 'links' => [
+ 'related' => $self_url . '/parent',
+ 'self' => $self_url . '/relationships/parent',
+ ],
+ ];
+ break;
+ }
+
+ // @todo Remove this when JSON API requires Drupal 8.6 or newer.
+ if (floatval(\Drupal::VERSION) < 8.6) {
+ $expected_parent_normalization = [
+ 'data' => [],
+ 'links' => [
+ 'related' => $self_url . '/parent',
+ 'self' => $self_url . '/relationships/parent',
+ ],
+ ];
+ }
+
+ $document = [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'taxonomy_term--camelids',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'changed' => $this->entity->getChangedTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ /* 'changed' => $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()), */
+ 'default_langcode' => TRUE,
+ 'description' => [
+ 'value' => 'It is a little known fact that llamas cannot count higher than seven.',
+ 'format' => NULL,
+ 'processed' => "It is a little known fact that llamas cannot count higher than seven.
\n",
+ ],
+ 'langcode' => 'en',
+ 'name' => 'Llama',
+ 'path' => [
+ 'alias' => '/llama',
+ 'pid' => 1,
+ 'langcode' => 'en',
+ ],
+ 'tid' => 1,
+ 'uuid' => $this->entity->uuid(),
+ 'weight' => 0,
+ ],
+ 'relationships' => [
+ 'parent' => $expected_parent_normalization,
+ 'vid' => [
+ 'data' => [
+ 'id' => Vocabulary::load('camelids')->uuid(),
+ 'type' => 'taxonomy_vocabulary--taxonomy_vocabulary',
+ ],
+ 'links' => [
+ 'related' => $self_url . '/vid',
+ 'self' => $self_url . '/relationships/vid',
+ ],
+ ],
+ ],
+ ],
+ ];
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ unset($document['data']['attributes']['description']['processed']);
+ }
+ return $document;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'taxonomy_term--camelids',
+ 'attributes' => [
+ 'name' => 'Dramallama',
+ 'description' => [
+ 'value' => 'Dramallamas are the coolest camelids.',
+ 'format' => NULL,
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET':
+ return "The 'access content' permission is required.";
+
+ case 'POST':
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return "The 'administer taxonomy' permission is required.";
+ }
+ return "The following permissions are required: 'create terms in camelids' OR 'administer taxonomy'.";
+
+ case 'PATCH':
+ return "The following permissions are required: 'edit terms in camelids' OR 'administer taxonomy'.";
+
+ case 'DELETE':
+ return "The following permissions are required: 'delete terms in camelids' OR 'administer taxonomy'.";
+
+ default:
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+ }
+
+ /**
+ * Tests PATCHing a term's path.
+ *
+ * For a negative test, see the similar test coverage for Node.
+ *
+ * @see \Drupal\Tests\jsonapi\Functional\NodeTest::testPatchPath()
+ * @see \Drupal\Tests\rest\Functional\EntityResource\Node\NodeResourceTestBase::testPatchPath()
+ */
+ public function testPatchPath() {
+ $this->setUpAuthorization('GET');
+ $this->setUpAuthorization('PATCH');
+
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // GET term's current normalization.
+ $response = $this->request('GET', $url, $request_options);
+ $normalization = Json::decode((string) $response->getBody());
+
+ // Change term's path alias.
+ $normalization['data']['attributes']['path']['alias'] .= 's-rule-the-world';
+
+ // Create term PATCH request.
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // PATCH request: 200.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+ $updated_normalization = Json::decode((string) $response->getBody());
+ $this->assertSame($normalization['data']['attributes']['path']['alias'], $updated_normalization['data']['attributes']['path']['alias']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedCacheTags(array $sparse_fieldset = NULL) {
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return parent::getExpectedCacheTags($sparse_fieldset);
+ }
+
+ $tags = parent::getExpectedCacheTags($sparse_fieldset);
+ if ($sparse_fieldset === NULL || in_array('description', $sparse_fieldset)) {
+ $tags = Cache::mergeTags($tags, ['config:filter.format.plain_text', 'config:filter.settings']);
+ }
+ return $tags;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedCacheContexts(array $sparse_fieldset = NULL) {
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return parent::getExpectedCacheContexts($sparse_fieldset);
+ }
+
+ $contexts = parent::getExpectedCacheContexts($sparse_fieldset);
+ if ($sparse_fieldset === NULL || in_array('description', $sparse_fieldset)) {
+ $contexts = Cache::mergeContexts($contexts, ['languages:language_interface', 'theme']);
+ }
+ return $contexts;
+ }
+
+ /**
+ * Tests GETting a term with a parent term other than the default (0).
+ *
+ * @see ::getExpectedNormalizedEntity()
+ *
+ * @dataProvider providerTestGetIndividualTermWithParent
+ */
+ public function testGetIndividualTermWithParent(array $parent_term_ids) {
+ if (floatval(\Drupal::VERSION) < 8.6) {
+ $this->markTestSkipped('The "parent" field on terms is only available for normalization in Drupal 8.6 and later.');
+ return;
+ }
+
+ // Create all possible parent terms.
+ Term::create(['vid' => Vocabulary::load('camelids')->id()])
+ ->setName('Lamoids')
+ ->save();
+ Term::create(['vid' => Vocabulary::load('camelids')->id()])
+ ->setName('Wimoids')
+ ->save();
+
+ // Modify the entity under test to use the provided parent terms.
+ $this->entity->set('parent', $parent_term_ids)->save();
+
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.%s.individual', static::$resourceTypeName), [static::$entityTypeId => $this->entity->uuid()]);
+ /* $url = $this->entity->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+ $this->setUpAuthorization('GET');
+ $response = $this->request('GET', $url, $request_options);
+ $this->assertSameDocument($this->getExpectedDocument(), Json::decode($response->getBody()));
+ }
+
+ /**
+ * Data provider for ::testGetIndividualTermWithParent().
+ */
+ public function providerTestGetIndividualTermWithParent() {
+ return [
+ 'root parent: [0] (= no parent)' => [
+ [0],
+ ],
+ 'non-root parent: [2]' => [
+ [2],
+ ],
+ 'multiple parents: [0,2] (root + non-root parent)' => [
+ [0, 2],
+ ],
+ 'multiple parents: [3,2] (both non-root parents)' => [
+ [3, 2],
+ ],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/TestCoverageTest.php b/core/modules/jsonapi/tests/src/Functional/TestCoverageTest.php
new file mode 100644
index 0000000..abf1b46
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/TestCoverageTest.php
@@ -0,0 +1,122 @@
+origin === 'core' &&
+ empty($module->info['hidden']) &&
+ $module->status == FALSE &&
+ $module->info['package'] !== 'Testing' &&
+ $module->info['package'] !== 'Core (Experimental)';
+ });
+
+ $this->container->get('module_installer')->install(array_keys($stable_core_modules));
+ $this->rebuildContainer();
+
+ $this->definitions = $this->container->get('entity_type.manager')->getDefinitions();
+
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return;
+ }
+
+ // Entity types marked as "internal" are not exposed by JSON API and hence
+ // also don't need test coverage.
+ $this->definitions = array_filter($this->definitions, function (EntityTypeInterface $entity_type) {
+ return !$entity_type->isInternal();
+ });
+ }
+
+ /**
+ * Tests that all core entity types have JSON API test coverage.
+ */
+ public function testEntityTypeRestTestCoverage() {
+ $problems = [];
+ foreach ($this->definitions as $entity_type_id => $info) {
+ $class_name_full = $info->getClass();
+ $parts = explode('\\', $class_name_full);
+ $class_name = end($parts);
+ $module_name = $parts[1];
+
+ $possible_paths = [
+ 'Drupal\Tests\jsonapi\Functional\CLASSTest',
+ '\Drupal\Tests\\' . $module_name . '\Functional\Jsonapi\CLASSTest',
+ ];
+ foreach ($possible_paths as $path) {
+ $missing_tests = [];
+ $class = str_replace('CLASS', $class_name, $path);
+ if (class_exists($class)) {
+ continue 2;
+ }
+ $missing_tests[] = $class;
+ }
+ if (!empty($missing_tests)) {
+ $missing_tests_list = implode(', ', $missing_tests);
+ $problems[] = "$entity_type_id: $class_name ($class_name_full) (expected tests: $missing_tests_list)";
+ }
+ }
+
+ $all = count($this->definitions);
+ $good = $all - count($problems);
+ $this->assertSame([], $problems, $this->getLlamaMessage($good, $all));
+ }
+
+ /**
+ * Message from Llama.
+ *
+ * @param int $g
+ * A count of entities with test coverage.
+ * @param int $a
+ * A count of all entities.
+ *
+ * @return string
+ * An information about progress of REST test coverage.
+ */
+ protected function getLlamaMessage($g, $a) {
+ return "
+☼
+ _________________________
+ / Hi! \\
+ | It's llame to not have |
+ | complete JSON API tests! |
+ | |
+ | Progress: $g/$a. |
+ | _________________________/
+ |/
+// o
+l'>
+ll
+llama
+|| ||
+'' ''
+";
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/TourTest.php b/core/modules/jsonapi/tests/src/Functional/TourTest.php
new file mode 100644
index 0000000..e2daee5
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/TourTest.php
@@ -0,0 +1,143 @@
+grantPermissionsToTestedRole(['access tour']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $tour = Tour::create([
+ 'id' => 'tour-llama',
+ 'label' => 'Llama tour',
+ 'langcode' => 'en',
+ 'module' => 'tour',
+ 'routes' => [
+ [
+ 'route_name' => '',
+ ],
+ ],
+ 'tips' => [
+ 'tour-llama-1' => [
+ 'id' => 'tour-llama-1',
+ 'plugin' => 'text',
+ 'label' => 'Llama',
+ 'body' => 'Who handle the awesomeness of llamas?',
+ 'weight' => 100,
+ 'attributes' => [
+ 'data-id' => 'tour-llama-1',
+ ],
+ ],
+ ],
+ ]);
+ $tour->save();
+
+ return $tour;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/tour/tour/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'tour--tour',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [],
+ 'id' => 'tour-llama',
+ 'label' => 'Llama tour',
+ 'langcode' => 'en',
+ 'module' => 'tour',
+ 'routes' => [
+ [
+ 'route_name' => '',
+ ],
+ ],
+ 'status' => TRUE,
+ 'tips' => [
+ 'tour-llama-1' => [
+ 'id' => 'tour-llama-1',
+ 'plugin' => 'text',
+ 'label' => 'Llama',
+ 'body' => 'Who handle the awesomeness of llamas?',
+ 'weight' => 100,
+ 'attributes' => [
+ 'data-id' => 'tour-llama-1',
+ ],
+ ],
+ ],
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ return "The following permissions are required: 'access tour' OR 'administer site configuration'.";
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/UserTest.php b/core/modules/jsonapi/tests/src/Functional/UserTest.php
new file mode 100644
index 0000000..fc21d7a
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/UserTest.php
@@ -0,0 +1,447 @@
+ NULL,
+ ];
+
+ /**
+ * {@inheritdoc}
+ *
+ * @var \Drupal\taxonomy\TermInterface
+ */
+ protected $entity;
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $labelFieldName = 'name';
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $firstCreatedEntityId = 4;
+
+ /**
+ * {@inheritdoc}
+ */
+ protected static $secondCreatedEntityId = 5;
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUpAuthorization($method) {
+ // @todo Remove this in
+ $this->grantPermissionsToTestedRole(['access content']);
+
+ switch ($method) {
+ case 'GET':
+ $this->grantPermissionsToTestedRole(['access user profiles']);
+ break;
+
+ case 'POST':
+ case 'PATCH':
+ case 'DELETE':
+ $this->grantPermissionsToTestedRole(['administer users']);
+ break;
+ }
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ // Create a "Llama" user.
+ $user = User::create(['created' => 123456789]);
+ $user->setUsername('Llama')
+ ->setChangedTime(123456789)
+ ->activate()
+ ->save();
+
+ return $user;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createAnotherEntity() {
+ /** @var \Drupal\user\UserInterface $user */
+ $user = $this->entity->createDuplicate();
+ $user->setUsername($user->label() . '_dupe');
+ $user->save();
+ return $user;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/user/user/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'user--user',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'created' => 123456789,
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ // 'created' => $this->formatExpectedTimestampItemValues(123456789),
+ 'changed' => $this->entity->getChangedTime(),
+ // @todo uncomment this in https://www.drupal.org/project/jsonapi/issues/2929932
+ // 'changed' => $this->formatExpectedTimestampItemValues($this->entity->getChangedTime()),
+ 'default_langcode' => TRUE,
+ 'langcode' => 'en',
+ 'name' => 'Llama',
+ 'uid' => 3,
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ return [
+ 'data' => [
+ 'type' => 'user--user',
+ 'attributes' => [
+ 'name' => 'Dramallama',
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ switch ($method) {
+ case 'GET':
+ return "The 'access user profiles' permission is required and the user must be active.";
+
+ case 'PATCH':
+ case 'DELETE':
+ return '';
+
+ default:
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+ }
+
+ /**
+ * Tests PATCHing security-sensitive base fields of the logged in account.
+ */
+ public function testPatchDxForSecuritySensitiveBaseFields() {
+ $original_normalization = $this->entityToJsonApi->normalize($this->account);
+ // @todo Remove the array_diff_key() call in https://www.drupal.org/node/2821077.
+ $original_normalization['data']['attributes'] = array_diff_key(
+ $original_normalization['data']['attributes'],
+ ['created' => TRUE, 'changed' => TRUE, 'name' => TRUE]
+ );
+
+ // Since this test must be performed by the user that is being modified,
+ // we must use $this->account, not $this->entity.
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.user--user.individual'), ['user' => $this->account->uuid()]);
+ /* $url = $this->account->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // Test case 1: changing email.
+ $normalization = $original_normalization;
+ $normalization['data']['attributes']['mail'] = 'new-email@example.com';
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // DX: 422 when changing email without providing the password.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Unprocessable Entity',
+ 'status' => 422,
+ 'detail' => 'mail: Your current password is missing or incorrect; it\'s required to change the Email.',
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data/attributes/mail',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(422, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(422, 'Unprocessable Entity', 'mail: Your current password is missing or incorrect; it\'s required to change the Email.', $response, '/data/attributes/mail'); */
+
+ $normalization['data']['attributes']['pass']['existing'] = 'wrong';
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // DX: 422 when changing email while providing a wrong password.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(422, $expected_document, $response);
+
+ $normalization['data']['attributes']['pass']['existing'] = $this->account->passRaw;
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // 200 for well-formed request.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+
+ // Test case 2: changing password.
+ $normalization = $original_normalization;
+ $normalization['data']['attributes']['mail'] = 'new-email@example.com';
+ $new_password = $this->randomString();
+ $normalization['data']['attributes']['pass']['value'] = $new_password;
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // DX: 422 when changing password without providing the current password.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Unprocessable Entity',
+ 'status' => 422,
+ 'detail' => 'pass: Your current password is missing or incorrect; it\'s required to change the Password.',
+ 'code' => 0,
+ 'source' => [
+ 'pointer' => '/data/attributes/pass',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(422, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(422, 'Unprocessable Entity', 'pass: Your current password is missing or incorrect; it\'s required to change the Password.', $response, '/data/attributes/pass'); */
+
+ $normalization['data']['attributes']['pass']['existing'] = $this->account->passRaw;
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // 200 for well-formed request.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+
+ // Verify that we can log in with the new password.
+ $this->assertRpcLogin($this->account->getAccountName(), $new_password);
+
+ // Update password in $this->account, prepare for future requests.
+ $this->account->passRaw = $new_password;
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // Test case 3: changing name.
+ $normalization = $original_normalization;
+ $normalization['data']['attributes']['mail'] = 'new-email@example.com';
+ $normalization['data']['attributes']['pass']['existing'] = $new_password;
+ $normalization['data']['attributes']['name'] = 'Cooler Llama';
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // DX: 403 when modifying username without required permission.
+ $response = $this->request('PATCH', $url, $request_options);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => 'The current user is not allowed to PATCH the selected field (name).',
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/user--user/' . $this->account->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/name',
+ ],
+ ],
+ ],
+ ];
+ $this->assertResourceResponse(403, $expected_document, $response);
+ /* $this->assertResourceErrorResponse(403, 'Forbidden', 'The current user is not allowed to PATCH the selected field (name).', $response, '/data/attributes/name'); */
+
+ $this->grantPermissionsToTestedRole(['change own username']);
+
+ // 200 for well-formed request.
+ $response = $this->request('PATCH', $url, $request_options);
+ $this->assertResourceResponse(200, FALSE, $response);
+
+ // Verify that we can log in with the new username.
+ $this->assertRpcLogin('Cooler Llama', $new_password);
+ }
+
+ /**
+ * Verifies that logging in with the given username and password works.
+ *
+ * @param string $username
+ * The username to log in with.
+ * @param string $password
+ * The password to log in with.
+ */
+ protected function assertRpcLogin($username, $password) {
+ $request_body = [
+ 'name' => $username,
+ 'pass' => $password,
+ ];
+ $request_options = [
+ RequestOptions::HEADERS => [],
+ RequestOptions::BODY => Json::encode($request_body),
+ ];
+ $response = $this->request('POST', Url::fromRoute('user.login.http')->setRouteParameter('_format', 'json'), $request_options);
+ $this->assertSame(200, $response->getStatusCode());
+ }
+
+ /**
+ * Tests PATCHing security-sensitive base fields to change other users.
+ */
+ public function testPatchSecurityOtherUser() {
+ $original_normalization = $this->entityToJsonApi->normalize($this->account);
+
+ // Since this test must be performed by the user that is being modified,
+ // we must use $this->account, not $this->entity.
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $url = Url::fromRoute(sprintf('jsonapi.user--user.individual'), ['user' => $this->account->uuid()]);
+ /* $url = $this->account->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ $normalization = $original_normalization;
+ $normalization['data']['attributes']['mail'] = 'new-email@example.com';
+ $request_options[RequestOptions::BODY] = Json::encode($normalization);
+
+ // Try changing user 1's email.
+ $user1 = $original_normalization;
+ $user1['data']['attributes']['mail'] = 'another_email_address@example.com';
+ $user1['data']['attributes']['uid'] = 1;
+ $user1['data']['attributes']['name'] = 'another_user_name';
+ $user1['data']['attributes']['pass']['existing'] = $this->account->passRaw;
+ $request_options[RequestOptions::BODY] = Json::encode($user1);
+ $response = $this->request('PATCH', $url, $request_options);
+ // Ensure the email address has not changed.
+ $this->assertEquals('admin@example.com', $this->entityStorage->loadUnchanged(1)->getEmail());
+ $expected_document = [
+ 'errors' => [
+ [
+ 'title' => 'Forbidden',
+ 'status' => 403,
+ 'detail' => 'The current user is not allowed to PATCH the selected field (uid). The entity ID cannot be changed',
+ 'links' => [
+ 'info' => HttpExceptionNormalizer::getInfoUrl(403),
+ ],
+ 'code' => 0,
+ 'id' => '/user--user/' . $this->account->uuid(),
+ 'source' => [
+ 'pointer' => '/data/attributes/uid',
+ ],
+ ],
+ ],
+ ];
+ // @todo Uncomment this assertion in https://www.drupal.org/project/jsonapi/issues/2939810.
+ // $this->assertResourceResponse(403, $expected_document, $response);
+ // @todo Remove $expected + assertResourceResponse() in favor of the commented line below once https://www.drupal.org/project/jsonapi/issues/2943176 lands.
+ /* $this->assertResourceErrorResponse(403, 'Forbidden', 'The current user is not allowed to PATCH the selected field (uid). The entity ID cannot be changed', $response, '/data/attributes/uid'); */
+ }
+
+ /**
+ * Tests GETting privacy-sensitive base fields.
+ */
+ public function testGetMailFieldOnlyVisibleToOwner() {
+ // Create user B, with the same roles (and hence permissions) as user A.
+ $user_a = $this->account;
+ $pass = user_password();
+ $user_b = User::create([
+ 'name' => 'sibling-of-' . $user_a->getAccountName(),
+ 'mail' => 'sibling-of-' . $user_a->getAccountName() . '@example.com',
+ 'pass' => $pass,
+ 'status' => 1,
+ 'roles' => $user_a->getRoles(),
+ ]);
+ $user_b->save();
+ $user_b->passRaw = $pass;
+
+ // Grant permission to role that both users use.
+ $this->grantPermissionsToTestedRole(['access user profiles']);
+
+ $collection_url = Url::fromRoute('jsonapi.user--user.collection');
+ // @todo Remove line below in favor of commented line in https://www.drupal.org/project/jsonapi/issues/2878463.
+ $user_a_url = Url::fromRoute(sprintf('jsonapi.user--user.individual'), ['user' => $user_a->uuid()]);
+ /* $user_a_url = $user_a->toUrl('jsonapi'); */
+ $request_options = [];
+ $request_options[RequestOptions::HEADERS]['Accept'] = 'application/vnd.api+json';
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+
+ // Viewing user A as user A: "mail" field is accessible.
+ $response = $this->request('GET', $user_a_url, $request_options);
+ $doc = Json::decode((string) $response->getBody());
+ $this->assertArrayHasKey('mail', $doc['data']['attributes']);
+ // Also when looking at the collection.
+ $response = $this->request('GET', $collection_url, $request_options);
+ $doc = Json::decode((string) $response->getBody());
+ $this->assertArrayHasKey('mail', $doc['data'][1]['attributes']);
+ $this->assertArrayNotHasKey('mail', $doc['data'][3]['attributes']);
+
+ // Now request the same URLs, but as user B (same roles/permissions).
+ $this->account = $user_b;
+ $request_options = NestedArray::mergeDeep($request_options, $this->getAuthenticationRequestOptions());
+ // Viewing user A as user B: "mail" field should be inaccessible.
+ $response = $this->request('GET', $user_a_url, $request_options);
+ $doc = Json::decode((string) $response->getBody());
+ $this->assertArrayNotHasKey('mail', $doc['data']['attributes']);
+ // Also when looking at the collection.
+ $response = $this->request('GET', $collection_url, $request_options);
+ $doc = Json::decode((string) $response->getBody());
+ $this->assertArrayNotHasKey('mail', $doc['data'][1]['attributes']);
+ $this->assertArrayHasKey('mail', $doc['data'][3]['attributes']);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/ViewTest.php b/core/modules/jsonapi/tests/src/Functional/ViewTest.php
new file mode 100644
index 0000000..97644e6
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/ViewTest.php
@@ -0,0 +1,123 @@
+grantPermissionsToTestedRole(['administer views']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $view = View::create([
+ 'id' => 'test_rest',
+ 'label' => 'Test REST',
+ ]);
+ $view->save();
+ return $view;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/view/view/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'view--view',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'base_field' => 'nid',
+ 'base_table' => 'node',
+ 'core' => '8.x',
+ 'dependencies' => [],
+ 'description' => '',
+ 'display' => [
+ 'default' => [
+ 'display_plugin' => 'default',
+ 'id' => 'default',
+ 'display_title' => 'Master',
+ 'position' => 0,
+ 'display_options' => [
+ 'display_extenders' => [],
+ ],
+ 'cache_metadata' => [
+ 'max-age' => -1,
+ 'contexts' => [
+ 'languages:language_interface',
+ 'url.query_args',
+ ],
+ 'tags' => [],
+ ],
+ ],
+ ],
+ 'id' => 'test_rest',
+ 'label' => 'Test REST',
+ 'langcode' => 'en',
+ 'module' => 'views',
+ 'status' => TRUE,
+ 'tag' => '',
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/VocabularyTest.php b/core/modules/jsonapi/tests/src/Functional/VocabularyTest.php
new file mode 100644
index 0000000..be4d04e
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/VocabularyTest.php
@@ -0,0 +1,116 @@
+grantPermissionsToTestedRole(['administer taxonomy']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $vocabulary = Vocabulary::create([
+ 'name' => 'Llama',
+ 'vid' => 'llama',
+ ]);
+ $vocabulary->save();
+
+ return $vocabulary;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/taxonomy_vocabulary/taxonomy_vocabulary/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'taxonomy_vocabulary--taxonomy_vocabulary',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'uuid' => $this->entity->uuid(),
+ 'vid' => 'llama',
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'dependencies' => [],
+ 'name' => 'Llama',
+ 'description' => NULL,
+ 'hierarchy' => 0,
+ 'weight' => 0,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedUnauthorizedAccessMessage($method) {
+ if ($method === 'GET') {
+ // @todo Remove this when JSON API requires Drupal 8.5 or newer.
+ if (floatval(\Drupal::VERSION) < 8.5) {
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+ return "The following permissions are required: 'access taxonomy overview' OR 'administer taxonomy'.";
+ }
+ return parent::getExpectedUnauthorizedAccessMessage($method);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Functional/WorkflowTest.php b/core/modules/jsonapi/tests/src/Functional/WorkflowTest.php
new file mode 100644
index 0000000..b4c41ab
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Functional/WorkflowTest.php
@@ -0,0 +1,127 @@
+grantPermissionsToTestedRole(['administer workflows']);
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function createEntity() {
+ $workflow = Workflow::create([
+ 'id' => 'rest_workflow',
+ 'label' => 'REST Worklow',
+ 'type' => 'workflow_type_complex_test',
+ ]);
+ $workflow
+ ->getTypePlugin()
+ ->addState('draft', 'Draft')
+ ->addState('published', 'Published');
+ $configuration = $workflow->getTypePlugin()->getConfiguration();
+ $configuration['example_setting'] = 'foo';
+ $configuration['states']['draft']['extra'] = 'bar';
+ $workflow->getTypePlugin()->setConfiguration($configuration);
+ $workflow->save();
+ return $workflow;
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getExpectedDocument() {
+ $self_url = Url::fromUri('base:/jsonapi/workflow/workflow/' . $this->entity->uuid())->setAbsolute()->toString(TRUE)->getGeneratedUrl();
+ return [
+ 'jsonapi' => [
+ 'meta' => [
+ 'links' => [
+ 'self' => 'http://jsonapi.org/format/1.0/',
+ ],
+ ],
+ 'version' => '1.0',
+ ],
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'data' => [
+ 'id' => $this->entity->uuid(),
+ 'type' => 'workflow--workflow',
+ 'links' => [
+ 'self' => $self_url,
+ ],
+ 'attributes' => [
+ 'dependencies' => [
+ 'module' => [
+ 'workflow_type_test',
+ ],
+ ],
+ 'id' => 'rest_workflow',
+ 'label' => 'REST Worklow',
+ 'langcode' => 'en',
+ 'status' => TRUE,
+ 'type' => 'workflow_type_complex_test',
+ 'type_settings' => [
+ 'states' => [
+ 'draft' => [
+ 'extra' => 'bar',
+ 'label' => 'Draft',
+ 'weight' => 0,
+ ],
+ 'published' => [
+ 'label' => 'Published',
+ 'weight' => 1,
+ ],
+ ],
+ 'transitions' => [],
+ 'example_setting' => 'foo',
+ ],
+ 'uuid' => $this->entity->uuid(),
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function getPostDocument() {
+ // @todo Update in https://www.drupal.org/node/2300677.
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Context/FieldResolverTest.php b/core/modules/jsonapi/tests/src/Kernel/Context/FieldResolverTest.php
new file mode 100644
index 0000000..26a6796
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Context/FieldResolverTest.php
@@ -0,0 +1,182 @@
+sut = \Drupal::service('jsonapi.field_resolver');
+
+ $this->makeBundle('bundle1');
+ $this->makeBundle('bundle2');
+ $this->makeBundle('bundle3');
+
+ $this->makeField('string', 'field_test1', 'entity_test_with_bundle', ['bundle1']);
+ $this->makeField('string', 'field_test2', 'entity_test_with_bundle', ['bundle1']);
+ $this->makeField('string', 'field_test3', 'entity_test_with_bundle', ['bundle2', 'bundle3']);
+
+ // Provides entity reference fields.
+ $settings = ['target_type' => 'entity_test_with_bundle'];
+ $this->makeField('entity_reference', 'field_test_ref1', 'entity_test_with_bundle', ['bundle1'], $settings, [
+ 'handler_settings' => [
+ 'target_bundles' => ['bundle2', 'bundle3'],
+ ],
+ ]);
+ $this->makeField('entity_reference', 'field_test_ref2', 'entity_test_with_bundle', ['bundle1'], $settings);
+ $this->makeField('entity_reference', 'field_test_ref3', 'entity_test_with_bundle', ['bundle2', 'bundle3'], $settings);
+
+ // Add a field with multiple properties.
+ $this->makeField('text', 'field_test_text', 'entity_test_with_bundle', ['bundle1', 'bundle2']);
+ }
+
+ /**
+ * @covers ::resolveInternal
+ * @dataProvider resolveInternalProvider
+ */
+ public function testResolveInternal($expect, $external_path, $entity_type_id = 'entity_test_with_bundle', $bundle = 'bundle1') {
+ $this->assertEquals($expect, $this->sut->resolveInternal($entity_type_id, $bundle, $external_path));
+ }
+
+ /**
+ * Provides test cases for field resolution.
+ */
+ public function resolveInternalProvider() {
+ return [
+ // Config entities.
+ ['uuid', 'uuid', 'entity_test_bundle', 'entity_test_bundle'],
+ ['type.entity.uuid', 'type.uuid'],
+
+ // Content entities.
+ ['field_test1', 'field_test1'],
+ ['field_test2', 'field_test2'],
+
+ ['field_test_ref2.entity.field_test1', 'field_test_ref2.field_test1'],
+ ['field_test_ref2.entity.field_test2', 'field_test_ref2.field_test2'],
+
+ ['field_test_ref1.entity.field_test_text', 'field_test_ref1.field_test_text'],
+ ['field_test_ref1.entity.field_test_text.value', 'field_test_ref1.field_test_text.value'],
+ ['field_test_ref1.entity.field_test_text.format', 'field_test_ref1.field_test_text.format'],
+ ['field_test_ref2.entity.field_test_text', 'field_test_ref2.field_test_text'],
+ ['field_test_ref2.entity.field_test_text.value', 'field_test_ref2.field_test_text.value'],
+ ['field_test_ref2.entity.field_test_text.format', 'field_test_ref2.field_test_text.format'],
+ ];
+ }
+
+ /**
+ * Expects an error when an invalid field is provided.
+ *
+ * @param string $entity_type
+ * The entity type for which to test field resolution.
+ * @param string $bundle
+ * The entity bundle for which to test field resolution.
+ * @param string $external_path
+ * The external field path to resolve.
+ *
+ * @covers ::resolveInternal
+ * @dataProvider resolveInternalErrorProvider
+ */
+ public function testResolveInternalError($entity_type, $bundle, $external_path) {
+ $this->setExpectedException(BadRequestHttpException::class);
+ $this->sut->resolveInternal($entity_type, $bundle, $external_path);
+ }
+
+ /**
+ * Provides test cases for ::testResolveInternalError.
+ */
+ public function resolveInternalErrorProvider() {
+ return [
+ // Should fail because none of these bundles have these fields.
+ ['entity_test_with_bundle', 'bundle1', 'host.fail!!.deep'],
+ ['entity_test_with_bundle', 'bundle2', 'field_test_ref2'],
+ ['entity_test_with_bundle', 'bundle1', 'field_test_ref3'],
+ // Should fail because the nested fields don't exist on the targeted
+ // resource types.
+ ['entity_test_with_bundle', 'bundle1', 'field_test_ref1.field_test1'],
+ ['entity_test_with_bundle', 'bundle1', 'field_test_ref1.field_test2'],
+ ['entity_test_with_bundle', 'bundle1', 'field_test_ref1.field_test_ref1'],
+ ['entity_test_with_bundle', 'bundle1', 'field_test_ref1.field_test_ref2'],
+ ];
+ }
+
+ /**
+ * Create a simple bundle.
+ *
+ * @param string $name
+ * The name of the bundle to create.
+ */
+ protected function makeBundle($name) {
+ EntityTestBundle::create([
+ 'id' => $name,
+ ])->save();
+ }
+
+ /**
+ * Creates a field for a specified entity type/bundle.
+ *
+ * @param string $type
+ * The field type.
+ * @param string $name
+ * The name of the field to create.
+ * @param string $entity_type
+ * The entity type to which the field will be attached.
+ * @param string[] $bundles
+ * The entity bundles to which the field will be attached.
+ * @param array $storage_settings
+ * Custom storage settings for the field.
+ * @param array $config_settings
+ * Custom configuration settings for the field.
+ */
+ protected function makeField($type, $name, $entity_type, array $bundles, array $storage_settings = [], array $config_settings = []) {
+ $storage_config = [
+ 'field_name' => $name,
+ 'type' => $type,
+ 'entity_type' => $entity_type,
+ 'settings' => $storage_settings,
+ ];
+
+ FieldStorageConfig::create($storage_config)->save();
+
+ foreach ($bundles as $bundle) {
+ FieldConfig::create([
+ 'field_name' => $name,
+ 'entity_type' => $entity_type,
+ 'bundle' => $bundle,
+ 'settings' => $config_settings,
+ ])->save();
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Controller/EntityResourceTest.php b/core/modules/jsonapi/tests/src/Kernel/Controller/EntityResourceTest.php
new file mode 100644
index 0000000..1ec3699
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Controller/EntityResourceTest.php
@@ -0,0 +1,974 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+ NodeType::create([
+ 'type' => 'lorem',
+ ])->save();
+ $type = NodeType::create([
+ 'type' => 'article',
+ ]);
+ $type->save();
+ $this->user = User::create([
+ 'name' => 'user1',
+ 'mail' => 'user@localhost',
+ 'status' => 1,
+ 'roles' => ['test_role_one', 'test_role_two'],
+ ]);
+ $this->createEntityReferenceField('node', 'article', 'field_relationships', 'Relationship', 'node', 'default', ['target_bundles' => ['article']], FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED);
+ $this->user->save();
+
+ $this->node = Node::create([
+ 'title' => 'dummy_title',
+ 'type' => 'article',
+ 'uid' => $this->user->id(),
+ ]);
+ $this->node->save();
+
+ $this->node2 = Node::create([
+ 'type' => 'article',
+ 'title' => 'Another test node',
+ 'uid' => $this->user->id(),
+ ]);
+ $this->node2->save();
+
+ $this->node3 = Node::create([
+ 'type' => 'article',
+ 'title' => 'Unpublished test node',
+ 'uid' => $this->user->id(),
+ 'status' => 0,
+ ]);
+ $this->node3->save();
+
+ $this->node4 = Node::create([
+ 'type' => 'article',
+ 'title' => 'Test node with related nodes',
+ 'uid' => $this->user->id(),
+ 'field_relationships' => [
+ ['target_id' => $this->node->id()],
+ ['target_id' => $this->node2->id()],
+ ['target_id' => $this->node3->id()],
+ ],
+ ]);
+ $this->node4->save();
+
+ // Give anonymous users permission to view user profiles, so that we can
+ // verify the cache tags of cached versions of user profile pages.
+ array_map(function ($role_id) {
+ Role::create([
+ 'id' => $role_id,
+ 'permissions' => [
+ 'access user profiles',
+ 'access content',
+ ],
+ ])->save();
+ }, [RoleInterface::ANONYMOUS_ID, 'test_role_one', 'test_role_two']);
+ }
+
+ /**
+ * @covers ::getIndividual
+ */
+ public function testGetIndividual() {
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->getIndividual($this->node, new Request());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertEquals(1, $response->getResponseData()->getData()->id());
+ }
+
+ /**
+ * @covers ::getIndividual
+ */
+ public function testGetIndividualDenied() {
+ $role = Role::load(RoleInterface::ANONYMOUS_ID);
+ $role->revokePermission('access content');
+ $role->save();
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $this->setExpectedException(EntityAccessDeniedHttpException::class);
+ $entity_resource->getIndividual($this->node, new Request());
+ }
+
+ /**
+ * @covers ::getCollection
+ */
+ public function testGetCollection() {
+ $request = new Request([], [], [
+ '_route_params' => ['_json_api_params' => []],
+ '_json_api_params' => [],
+ ]);
+
+ // Get the response.
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->getCollection($request);
+
+ // Assertions.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response->getResponseData()->getData());
+ $this->assertEquals(1, $response->getResponseData()->getData()->getIterator()->current()->id());
+ $this->assertEquals([
+ 'node:1',
+ 'node:2',
+ 'node:3',
+ 'node:4',
+ 'node_list',
+ ], $response->getCacheableMetadata()->getCacheTags());
+ }
+
+ /**
+ * @covers ::getCollection
+ */
+ public function testGetFilteredCollection() {
+ $field_manager = $this->container->get('entity_field.manager');
+ $filter = new Filter(new EntityConditionGroup('AND', [new EntityCondition('type', 'article')]));
+ // The fake route.
+ $route = new Route(NULL, [], [
+ '_entity_type' => 'node',
+ '_bundle' => 'article',
+ ]);
+ // The request.
+ $request = new Request([], [], [
+ '_route_params' => [
+ '_json_api_params' => [
+ 'filter' => $filter,
+ ],
+ ],
+ '_json_api_params' => [
+ 'filter' => $filter,
+ ],
+ '_route_object' => $route,
+ ]);
+ $request_stack = new RequestStack();
+ $request_stack->push($request);
+ // Get the entity resource.
+ $current_context = new CurrentContext(
+ $this->container->get('jsonapi.resource_type.repository'),
+ $request_stack,
+ new CurrentRouteMatch($request_stack)
+ );
+ $this->container->set('jsonapi.current_context', $current_context);
+
+ $entity_resource = new EntityResource(
+ $this->container->get('jsonapi.resource_type.repository')->get('node_type', 'node_type'),
+ $this->container->get('entity_type.manager'),
+ $field_manager,
+ $current_context,
+ $this->container->get('plugin.manager.field.field_type'),
+ $this->container->get('jsonapi.link_manager'),
+ $this->container->get('jsonapi.resource_type.repository')
+ );
+
+ // Get the response.
+ $response = $entity_resource->getCollection($request);
+
+ // Assertions.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response->getResponseData()->getData());
+ $this->assertCount(1, $response->getResponseData()->getData());
+ $this->assertEquals(['config:node_type_list'], $response->getCacheableMetadata()->getCacheTags());
+ }
+
+ /**
+ * @covers ::getCollection
+ */
+ public function testGetSortedCollection() {
+ // Fake the request.
+ $field_manager = $this->container->get('entity_field.manager');
+ // The fake route.
+ $route = new Route(NULL, [], [
+ '_entity_type' => 'node',
+ '_bundle' => 'article',
+ ]);
+ $sort = new Sort([['path' => 'type', 'direction' => 'DESC']]);
+ // The request.
+ $request = new Request([], [], [
+ '_route_params' => [
+ '_json_api_params' => [
+ 'sort' => $sort,
+ ],
+ ],
+ '_json_api_params' => [
+ 'sort' => $sort,
+ ],
+ '_route_object' => $route,
+ ]);
+ $request_stack = new RequestStack();
+ $request_stack->push($request);
+ // Get the entity resource.
+ $current_context = new CurrentContext(
+ $this->container->get('jsonapi.resource_type.repository'),
+ $request_stack,
+ new CurrentRouteMatch($request_stack)
+ );
+ $this->container->set('jsonapi.current_context', $current_context);
+
+ $entity_resource = new EntityResource(
+ $this->container->get('jsonapi.resource_type.repository')->get('node_type', 'node_type'),
+ $this->container->get('entity_type.manager'),
+ $field_manager,
+ $current_context,
+ $this->container->get('plugin.manager.field.field_type'),
+ $this->container->get('jsonapi.link_manager'),
+ $this->container->get('jsonapi.resource_type.repository')
+ );
+
+ // Get the response.
+ $response = $entity_resource->getCollection($request);
+
+ // Assertions.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response->getResponseData()->getData());
+ $this->assertCount(2, $response->getResponseData()->getData());
+ $this->assertEquals($response->getResponseData()->getData()->toArray()[0]->id(), 'lorem');
+ $this->assertEquals(['config:node_type_list'], $response->getCacheableMetadata()->getCacheTags());
+ }
+
+ /**
+ * @covers ::getCollection
+ */
+ public function testGetPagedCollection() {
+ // Fake the request.
+ $field_manager = $this->container->get('entity_field.manager');
+ // The fake route.
+ $route = new Route(NULL, [], [
+ '_entity_type' => 'node',
+ '_bundle' => 'article',
+ ]);
+ $pager = new OffsetPage(1, 1);
+ // The request.
+ $request = new Request([], [], [
+ '_route_params' => [
+ '_json_api_params' => [
+ 'page' => $pager,
+ ],
+ ],
+ '_json_api_params' => [
+ 'page' => $pager,
+ ],
+ '_route_object' => $route,
+ ]);
+ $request_stack = new RequestStack();
+ $request_stack->push($request);
+ // Get the entity resource.
+ $current_context = new CurrentContext(
+ $this->container->get('jsonapi.resource_type.repository'),
+ $request_stack,
+ new CurrentRouteMatch($request_stack)
+ );
+ $this->container->set('jsonapi.current_context', $current_context);
+
+ $entity_resource = new EntityResource(
+ $this->container->get('jsonapi.resource_type.repository')->get('node', 'article'),
+ $this->container->get('entity_type.manager'),
+ $field_manager,
+ $current_context,
+ $this->container->get('plugin.manager.field.field_type'),
+ $this->container->get('jsonapi.link_manager'),
+ $this->container->get('jsonapi.resource_type.repository')
+ );
+
+ // Get the response.
+ $response = $entity_resource->getCollection($request);
+
+ // Assertions.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response->getResponseData()->getData());
+ $data = $response->getResponseData()->getData();
+ $this->assertCount(1, $data);
+ $this->assertEquals(2, $data->toArray()[0]->id());
+ $this->assertEquals(['node:2', 'node_list'], $response->getCacheableMetadata()->getCacheTags());
+ }
+
+ /**
+ * @covers ::getCollection
+ */
+ public function testGetEmptyCollection() {
+ $filter = new Filter(new EntityConditionGroup('AND', [new EntityCondition('uuid', 'invalid')]));
+ $request = new Request([], [], [
+ '_route_params' => [
+ '_json_api_params' => [
+ 'filter' => $filter,
+ ],
+ ],
+ '_json_api_params' => [
+ 'filter' => $filter,
+ ],
+ ]);
+
+ // Get the response.
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->getCollection($request);
+
+ // Assertions.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response->getResponseData()->getData());
+ $this->assertEquals(0, $response->getResponseData()->getData()->count());
+ $this->assertEquals(['node_list'], $response->getCacheableMetadata()->getCacheTags());
+ }
+
+ /**
+ * @covers ::getRelated
+ */
+ public function testGetRelated() {
+ // to-one relationship.
+ $entity_resource = $this->buildEntityResource('node', 'article', [
+ 'uid' => [new ResourceType('user', 'user', NULL)],
+ 'roles' => [new ResourceType('user_role', 'user_role', NULL)],
+ 'field_relationships' => [new ResourceType('node', 'article', NULL)],
+ ]);
+ $response = $entity_resource->getRelated($this->node, 'uid', new Request());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(User::class, $response->getResponseData()
+ ->getData());
+ $this->assertEquals(1, $response->getResponseData()->getData()->id());
+ $this->assertEquals(
+ ['node:1', 'user:1'],
+ $response->getCacheableMetadata()->getCacheTags()
+ );
+ // to-many relationship.
+ $response = $entity_resource->getRelated($this->node4, 'field_relationships', new Request());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response
+ ->getResponseData());
+ $this->assertInstanceOf(EntityCollection::class, $response
+ ->getResponseData()
+ ->getData());
+ $this->assertEquals(
+ ['node:1', 'node:2', 'node:3', 'node:4'],
+ $response->getCacheableMetadata()->getCacheTags()
+ );
+ }
+
+ /**
+ * @covers ::getRelationship
+ */
+ public function testGetRelationship() {
+ // to-one relationship.
+ $entity_resource = $this->buildEntityResource('node', 'article', [
+ 'uid' => [new ResourceType('user', 'user', NULL)],
+ ]);
+ $response = $entity_resource->getRelationship($this->node, 'uid', new Request());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertInstanceOf(
+ EntityReferenceFieldItemListInterface::class,
+ $response->getResponseData()->getData()
+ );
+ $this->assertEquals(1, $response
+ ->getResponseData()
+ ->getData()
+ ->getEntity()
+ ->id()
+ );
+ $this->assertEquals('node', $response
+ ->getResponseData()
+ ->getData()
+ ->getEntity()
+ ->getEntityTypeId()
+ );
+ }
+
+ /**
+ * @covers ::createIndividual
+ */
+ public function testCreateIndividual() {
+ $node = Node::create([
+ 'type' => 'article',
+ 'title' => 'Lorem ipsum',
+ ]);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('create article content')
+ ->save();
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->createIndividual($node, new Request());
+ // As a side effect, the node will also be saved.
+ $this->assertNotEmpty($node->id());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertEquals(5, $response->getResponseData()->getData()->id());
+ $this->assertEquals(201, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::createIndividual
+ */
+ public function testCreateIndividualWithMissingRequiredData() {
+ $node = Node::create([
+ 'type' => 'article',
+ // No title specified, even if its required.
+ ]);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('create article content')
+ ->save();
+ $this->setExpectedException(HttpException::class, 'Unprocessable Entity: validation failed.');
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $entity_resource->createIndividual($node, new Request());
+ }
+
+ /**
+ * @covers ::createIndividual
+ */
+ public function testCreateIndividualConfig() {
+ $node_type = NodeType::create([
+ 'type' => 'test',
+ 'name' => 'Test Type',
+ 'description' => 'Lorem ipsum',
+ ]);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('administer content types')
+ ->save();
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->createIndividual($node_type, new Request());
+ // As a side effect, the node type will also be saved.
+ $this->assertNotEmpty($node_type->id());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $this->assertEquals('test', $response->getResponseData()->getData()->id());
+ $this->assertEquals(201, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::createIndividual
+ */
+ public function testCreateIndividualDuplicateError() {
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('create article content')
+ ->save();
+
+ $node = Node::create([
+ 'type' => 'article',
+ 'title' => 'Lorem ipsum',
+ ]);
+ $node->save();
+ $node->enforceIsNew();
+
+ $this->setExpectedException(ConflictHttpException::class, 'Conflict: Entity already exists.');
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $entity_resource->createIndividual($node, new Request());
+ }
+
+ /**
+ * @covers ::patchIndividual
+ * @dataProvider patchIndividualProvider
+ */
+ public function testPatchIndividual($values) {
+ $parsed_node = Node::create($values);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('edit any article content')
+ ->save();
+ $payload = Json::encode([
+ 'data' => [
+ 'type' => 'article',
+ 'id' => $this->node->uuid(),
+ 'attributes' => [
+ 'title' => '',
+ 'field_relationships' => '',
+ ],
+ ],
+ ]);
+ $request = new Request([], [], [], [], [], [], $payload);
+
+ // Create a new EntityResource that uses uuid.
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->patchIndividual($this->node, $parsed_node, $request);
+
+ // As a side effect, the node will also be saved.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $updated_node = $response->getResponseData()->getData();
+ $this->assertInstanceOf(Node::class, $updated_node);
+ $this->assertSame($values['title'], $this->node->getTitle());
+ $this->assertSame($values['field_relationships'], $this->node->get('field_relationships')->getValue());
+ $this->assertEquals(200, $response->getStatusCode());
+ }
+
+ /**
+ * Provides data for the testPatchIndividual.
+ *
+ * @return array
+ * The input data for the test function.
+ */
+ public function patchIndividualProvider() {
+ return [
+ [
+ [
+ 'type' => 'article',
+ 'title' => 'PATCHED',
+ 'field_relationships' => [['target_id' => 1]],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::patchIndividual
+ * @dataProvider patchIndividualConfigProvider
+ */
+ public function testPatchIndividualConfig($values) {
+ // List of fields to be ignored.
+ $ignored_fields = ['uuid', 'entityTypeId', 'type'];
+ $node_type = NodeType::create([
+ 'type' => 'test',
+ 'name' => 'Test Type',
+ 'description' => '',
+ ]);
+ $node_type->save();
+
+ $parsed_node_type = NodeType::create($values);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('administer content types')
+ ->save();
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('edit any article content')
+ ->save();
+ $payload = Json::encode([
+ 'data' => [
+ 'type' => 'node_type',
+ 'id' => $node_type->uuid(),
+ 'attributes' => $values,
+ ],
+ ]);
+ $request = new Request([], [], [], [], [], [], $payload);
+
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->patchIndividual($node_type, $parsed_node_type, $request);
+
+ // As a side effect, the node will also be saved.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $updated_node_type = $response->getResponseData()->getData();
+ $this->assertInstanceOf(NodeType::class, $updated_node_type);
+ // If the field is ignored then we should not see a difference.
+ foreach ($values as $field_name => $value) {
+ in_array($field_name, $ignored_fields) ?
+ $this->assertNotSame($value, $node_type->get($field_name)) :
+ $this->assertSame($value, $node_type->get($field_name));
+ }
+ $this->assertEquals(200, $response->getStatusCode());
+ }
+
+ /**
+ * Provides data for the testPatchIndividualConfig.
+ *
+ * @return array
+ * The input data for the test function.
+ */
+ public function patchIndividualConfigProvider() {
+ return [
+ [['description' => 'PATCHED', 'status' => FALSE]],
+ [[]],
+ ];
+ }
+
+ /**
+ * @covers ::patchIndividual
+ * @dataProvider patchIndividualConfigFailedProvider
+ */
+ public function testPatchIndividualFailedConfig($values) {
+ $this->setExpectedException(ConfigException::class);
+ $this->testPatchIndividualConfig($values);
+ }
+
+ /**
+ * Provides data for the testPatchIndividualFailedConfig.
+ *
+ * @return array
+ * The input data for the test function.
+ */
+ public function patchIndividualConfigFailedProvider() {
+ return [
+ [['uuid' => 'PATCHED']],
+ [['type' => 'article', 'status' => FALSE]],
+ ];
+ }
+
+ /**
+ * @covers ::deleteIndividual
+ */
+ public function testDeleteIndividual() {
+ $node = Node::create([
+ 'type' => 'article',
+ 'title' => 'Lorem ipsum',
+ ]);
+ $nid = $node->id();
+ $node->save();
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('delete own article content')
+ ->save();
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->deleteIndividual($node, new Request());
+ // As a side effect, the node will also be deleted.
+ $count = $this->container->get('entity_type.manager')
+ ->getStorage('node')
+ ->getQuery()
+ ->condition('nid', $nid)
+ ->count()
+ ->execute();
+ $this->assertEquals(0, $count);
+ $this->assertNull($response->getResponseData());
+ $this->assertEquals(204, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::deleteIndividual
+ */
+ public function testDeleteIndividualConfig() {
+ $node_type = NodeType::create([
+ 'type' => 'test',
+ 'name' => 'Test Type',
+ 'description' => 'Lorem ipsum',
+ ]);
+ $id = $node_type->id();
+ $node_type->save();
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('administer content types')
+ ->save();
+ $entity_resource = $this->buildEntityResource('node', 'article');
+ $response = $entity_resource->deleteIndividual($node_type, new Request());
+ // As a side effect, the node will also be deleted.
+ $count = $this->container->get('entity_type.manager')
+ ->getStorage('node_type')
+ ->getQuery()
+ ->condition('type', $id)
+ ->count()
+ ->execute();
+ $this->assertEquals(0, $count);
+ $this->assertNull($response->getResponseData());
+ $this->assertEquals(204, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::createRelationship
+ */
+ public function testCreateRelationship() {
+ $parsed_field_list = $this->container
+ ->get('plugin.manager.field.field_type')
+ ->createFieldItemList($this->node, 'field_relationships', [
+ ['target_id' => $this->node->id()],
+ ]);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('edit any article content')
+ ->save();
+
+ $entity_resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [new ResourceType('node', 'article', NULL)],
+ ]);
+ $response = $entity_resource->createRelationship($this->node, 'field_relationships', $parsed_field_list, new Request());
+
+ // As a side effect, the node will also be saved.
+ $this->assertNotEmpty($this->node->id());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $field_list = $response->getResponseData()->getData();
+ $this->assertInstanceOf(EntityReferenceFieldItemListInterface::class, $field_list);
+ $this->assertSame('field_relationships', $field_list->getName());
+ $this->assertEquals([['target_id' => 1]], $field_list->getValue());
+ $this->assertEquals(201, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::patchRelationship
+ * @dataProvider patchRelationshipProvider
+ */
+ public function testPatchRelationship($relationships) {
+ $this->node->field_relationships->appendItem(['target_id' => $this->node->id()]);
+ $this->node->save();
+ $parsed_field_list = $this->container
+ ->get('plugin.manager.field.field_type')
+ ->createFieldItemList($this->node, 'field_relationships', $relationships);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('edit any article content')
+ ->save();
+
+ $entity_resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [new ResourceType('node', 'article', NULL)],
+ ]);
+ $response = $entity_resource->patchRelationship($this->node, 'field_relationships', $parsed_field_list, new Request());
+
+ // As a side effect, the node will also be saved.
+ $this->assertNotEmpty($this->node->id());
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $field_list = $response->getResponseData()->getData();
+ $this->assertInstanceOf(EntityReferenceFieldItemListInterface::class, $field_list);
+ $this->assertSame('field_relationships', $field_list->getName());
+ $this->assertEquals($relationships, $field_list->getValue());
+ $this->assertEquals(200, $response->getStatusCode());
+ }
+
+ /**
+ * Provides data for the testPatchRelationship.
+ *
+ * @return array
+ * The input data for the test function.
+ */
+ public function patchRelationshipProvider() {
+ return [
+ // Replace relationships.
+ [[['target_id' => 2], ['target_id' => 1]]],
+ // Remove relationships.
+ [[]],
+ ];
+ }
+
+ /**
+ * @covers ::deleteRelationship
+ * @dataProvider deleteRelationshipProvider
+ */
+ public function testDeleteRelationship($deleted_rels, $kept_rels) {
+ $this->node->field_relationships->appendItem(['target_id' => $this->node->id()]);
+ $this->node->field_relationships->appendItem(['target_id' => $this->node2->id()]);
+ $this->node->save();
+ $parsed_field_list = $this->container
+ ->get('plugin.manager.field.field_type')
+ ->createFieldItemList($this->node, 'field_relationships', $deleted_rels);
+ Role::load(Role::ANONYMOUS_ID)
+ ->grantPermission('edit any article content')
+ ->save();
+
+ $entity_resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [new ResourceType('node', 'article', NULL)],
+ ]);
+ $response = $entity_resource->deleteRelationship($this->node, 'field_relationships', $parsed_field_list, new Request());
+
+ // As a side effect, the node will also be saved.
+ $this->assertInstanceOf(JsonApiDocumentTopLevel::class, $response->getResponseData());
+ $field_list = $response->getResponseData()->getData();
+ $this->assertInstanceOf(EntityReferenceFieldItemListInterface::class, $field_list);
+ $this->assertSame('field_relationships', $field_list->getName());
+ $this->assertEquals($kept_rels, $field_list->getValue());
+ $this->assertEquals(201, $response->getStatusCode());
+ }
+
+ /**
+ * @covers ::getRelated
+ */
+ public function testGetRelatedInternal() {
+ $internal_resource_type = new ResourceType('node', 'article', NULL, TRUE);
+ $resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [$internal_resource_type],
+ ]);
+
+ $this->setExpectedException(NotFoundHttpException::class);
+ $resource->getRelationship($this->node, 'field_relationships', new Request());
+ }
+
+ /**
+ * @covers ::getRelationship
+ */
+ public function testGetRelationshipInternal() {
+ $internal_resource_type = new ResourceType('node', 'article', NULL, TRUE);
+ $resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [$internal_resource_type],
+ ]);
+
+ $this->setExpectedException(NotFoundHttpException::class);
+ $resource->getRelationship($this->node, 'field_relationships', new Request());
+ }
+
+ /**
+ * @covers ::createRelationship
+ */
+ public function testCreateRelationshipInternal() {
+ $internal_resource_type = new ResourceType('node', 'article', NULL, TRUE);
+ $resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [$internal_resource_type],
+ ]);
+
+ Role::load(Role::ANONYMOUS_ID)->grantPermission('edit any article content')->save();
+
+ $field_type_manager = $this->container->get('plugin.manager.field.field_type');
+ $list = $field_type_manager->createFieldItemList($this->node, 'field_relationships');
+
+ $this->setExpectedException(NotFoundHttpException::class);
+ $resource->createRelationship($this->node, 'field_relationships', $list, new Request());
+ }
+
+ /**
+ * @covers ::patchRelationship
+ */
+ public function testPatchRelationshipInternal() {
+ $internal_resource_type = new ResourceType('node', 'article', NULL, TRUE);
+ $resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [$internal_resource_type],
+ ]);
+
+ Role::load(Role::ANONYMOUS_ID)->grantPermission('edit any article content')->save();
+
+ $field_type_manager = $this->container->get('plugin.manager.field.field_type');
+ $list = $field_type_manager->createFieldItemList($this->node, 'field_relationships');
+
+ $this->setExpectedException(NotFoundHttpException::class);
+ $resource->patchRelationship($this->node, 'field_relationships', $list, new Request());
+ }
+
+ /**
+ * @covers ::deleteRelationship
+ */
+ public function testDeleteRelationshipInternal() {
+ $internal_resource_type = new ResourceType('node', 'article', NULL, TRUE);
+ $resource = $this->buildEntityResource('node', 'article', [
+ 'field_relationships' => [$internal_resource_type],
+ ]);
+
+ Role::load(Role::ANONYMOUS_ID)->grantPermission('edit any article content')->save();
+
+ $field_type_manager = $this->container->get('plugin.manager.field.field_type');
+ $list = $field_type_manager->createFieldItemList($this->node, 'field_relationships');
+
+ $this->setExpectedException(NotFoundHttpException::class);
+ $resource->deleteRelationship($this->node, 'field_relationships', $list, new Request());
+ }
+
+ /**
+ * Provides data for the testDeleteRelationship.
+ *
+ * @return array
+ * The input data for the test function.
+ */
+ public function deleteRelationshipProvider() {
+ return [
+ // Remove one relationship.
+ [[['target_id' => 1]], [['target_id' => 2]]],
+ // Remove all relationships.
+ [[['target_id' => 2], ['target_id' => 1]], []],
+ // Remove no relationship.
+ [[], [['target_id' => 1], ['target_id' => 2]]],
+ ];
+ }
+
+ /**
+ * Instantiates a test EntityResource.
+ *
+ * @param string $entity_type_id
+ * The entity type ID.
+ * @param string $bundle
+ * The bundle.
+ * @param \Drupal\jsonapi\ResourceType\ResourceType[] $relatable_resource_types
+ * An array of relatable resource types, keyed by field.
+ * @param bool $internal
+ * Whether the primary resource type is internal.
+ *
+ * @return \Drupal\jsonapi\Controller\EntityResource
+ * The resource.
+ */
+ protected function buildEntityResource($entity_type_id, $bundle, array $relatable_resource_types = [], $internal = FALSE) {
+ // The fake route.
+ $route = new Route(NULL, [], [
+ '_entity_type' => $entity_type_id,
+ '_bundle' => $bundle,
+ ]);
+ // The request.
+ $request = new Request([], [], ['_route_object' => $route]);
+ $request_stack = new RequestStack();
+ $request_stack->push($request);
+ // Get the entity resource.
+ $current_context = new CurrentContext(
+ $this->container->get('jsonapi.resource_type.repository'),
+ $request_stack,
+ new CurrentRouteMatch($request_stack)
+ );
+ $this->container->set('jsonapi.current_context', $current_context);
+
+ $resource_type = new ResourceType($entity_type_id, $bundle, NULL, $internal);
+ $resource_type->setRelatableResourceTypes($relatable_resource_types);
+
+ return new EntityResource(
+ $resource_type,
+ $this->container->get('entity_type.manager'),
+ $this->container->get('entity_field.manager'),
+ $current_context,
+ $this->container->get('plugin.manager.field.field_type'),
+ $this->container->get('jsonapi.link_manager'),
+ $this->container->get('jsonapi.resource_type.repository')
+ );
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Controller/EntryPointTest.php b/core/modules/jsonapi/tests/src/Kernel/Controller/EntryPointTest.php
new file mode 100644
index 0000000..25ebd83
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Controller/EntryPointTest.php
@@ -0,0 +1,50 @@
+index();
+ $this->assertEquals(
+ ['url.site'],
+ $processed_response->getCacheableMetadata()->getCacheContexts()
+ );
+ $data = json_decode($processed_response->getContent(), TRUE);
+ $links = $data['links'];
+ $this->assertRegExp('/.*\/jsonapi/', $links['self']);
+ $this->assertRegExp('/.*\/jsonapi\/user\/user/', $links['user--user']);
+ $this->assertRegExp('/.*\/jsonapi\/node_type\/node_type/', $links['node_type--node_type']);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/EntityToJsonApiTest.php b/core/modules/jsonapi/tests/src/Kernel/EntityToJsonApiTest.php
new file mode 100644
index 0000000..6bc0260
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/EntityToJsonApiTest.php
@@ -0,0 +1,202 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+ $this->installEntitySchema('taxonomy_term');
+ $this->installEntitySchema('file');
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+ $this->installSchema('file', ['file_usage']);
+ $this->nodeType = NodeType::create([
+ 'type' => 'article',
+ ]);
+ $this->nodeType->save();
+ $this->createEntityReferenceField(
+ 'node',
+ 'article',
+ 'field_tags',
+ 'Tags',
+ 'taxonomy_term',
+ 'default',
+ ['target_bundles' => ['tags']],
+ FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED
+ );
+
+ $this->createImageField('field_image', 'article');
+
+ $this->user = User::create([
+ 'name' => 'user1',
+ 'mail' => 'user@localhost',
+ ]);
+ $this->user2 = User::create([
+ 'name' => 'user2',
+ 'mail' => 'user2@localhost',
+ ]);
+
+ $this->user->save();
+ $this->user2->save();
+
+ $this->vocabulary = Vocabulary::create(['name' => 'Tags', 'vid' => 'tags']);
+ $this->vocabulary->save();
+
+ $this->term1 = Term::create([
+ 'name' => 'term1',
+ 'vid' => $this->vocabulary->id(),
+ ]);
+ $this->term2 = Term::create([
+ 'name' => 'term2',
+ 'vid' => $this->vocabulary->id(),
+ ]);
+
+ $this->term1->save();
+ $this->term2->save();
+
+ $this->file = File::create([
+ 'uri' => 'public://example.png',
+ 'filename' => 'example.png',
+ ]);
+ $this->file->save();
+
+ $this->node = Node::create([
+ 'title' => 'dummy_title',
+ 'type' => 'article',
+ 'uid' => 1,
+ 'field_tags' => [
+ ['target_id' => $this->term1->id()],
+ ['target_id' => $this->term2->id()],
+ ],
+ 'field_image' => [
+ [
+ 'target_id' => $this->file->id(),
+ 'alt' => 'test alt',
+ 'title' => 'test title',
+ 'width' => 10,
+ 'height' => 11,
+ ],
+ ],
+ ]);
+
+ $this->node->save();
+
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+ $link_manager
+ ->getRequestLink(Argument::any())
+ ->willReturn('dummy_document_link');
+ $this->container->set('jsonapi.link_manager', $link_manager->reveal());
+
+ $this->nodeType = NodeType::load('article');
+
+ $this->role = Role::create([
+ 'id' => RoleInterface::ANONYMOUS_ID,
+ 'permissions' => [
+ 'access content',
+ ],
+ ]);
+ $this->role->save();
+ $this->sut = \Drupal::service('jsonapi.entity.to_jsonapi');
+ }
+
+ /**
+ * @covers ::serialize
+ * @covers ::normalize
+ */
+ public function testSerialize() {
+ $entities = [
+ $this->node,
+ $this->user,
+ $this->file,
+ $this->term1,
+ // Make sure we also support configuration entities.
+ $this->vocabulary,
+ $this->nodeType,
+ $this->role,
+ ];
+ array_walk(
+ $entities,
+ function ($entity) {
+ $output = $this->sut->serialize($entity);
+ $this->assertInternalType('string', $output);
+ $this->assertJsonApi(Json::decode($output));
+ $output = $this->sut->normalize($entity);
+ $this->assertInternalType('array', $output);
+ $this->assertJsonApi($output);
+ }
+ );
+ }
+
+ /**
+ * Helper to assert if a string is valid JSON API.
+ *
+ * @param array $structured
+ * The JSON API data to check.
+ */
+ protected function assertJsonApi(array $structured) {
+ $this->assertNotEmpty($structured['data']['type']);
+ $this->assertNotEmpty($structured['data']['id']);
+ $this->assertNotEmpty($structured['data']['attributes']);
+ $this->assertInternalType('string', $structured['links']['self']);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Field/FileDownloadUrlTest.php b/core/modules/jsonapi/tests/src/Kernel/Field/FileDownloadUrlTest.php
new file mode 100644
index 0000000..5056f2c
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Field/FileDownloadUrlTest.php
@@ -0,0 +1,82 @@
+installEntitySchema('file');
+ $this->installSchema('file', ['file_usage']);
+
+ // Create a new file entity.
+ $this->file = File::create([
+ 'filename' => $this->filename,
+ 'uri' => sprintf('public://%s', $this->filename),
+ 'filemime' => 'text/plain',
+ 'status' => FILE_STATUS_PERMANENT,
+ ]);
+
+ $this->file->save();
+ }
+
+ /**
+ * Test the URL computed field.
+ */
+ public function testUrlField() {
+ $url_field = $this->file->get('url');
+ // Test all the different ways to access a field item.
+ $values = [
+ $url_field->value,
+ $url_field->getValue()[0]['value'],
+ $url_field->get(0)->toArray()['value'],
+ $url_field->first()->getValue()['value'],
+ ];
+ array_walk($values, function ($value) {
+ $this->assertContains('simpletest', $value);
+ $this->assertContains($this->filename, $value);
+ });
+ $violationList = $this->file->validate();
+ $this->assertEquals(0, $violationList->count());
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/JsonapiKernelTestBase.php b/core/modules/jsonapi/tests/src/Kernel/JsonapiKernelTestBase.php
new file mode 100644
index 0000000..e53c43d
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/JsonapiKernelTestBase.php
@@ -0,0 +1,109 @@
+ $field_name,
+ 'type' => 'entity_reference',
+ 'entity_type' => $entity_type,
+ 'cardinality' => $cardinality,
+ 'settings' => [
+ 'target_type' => $target_entity_type,
+ ],
+ ])->save();
+ }
+ if (!FieldConfig::loadByName($entity_type, $bundle, $field_name)) {
+ FieldConfig::create([
+ 'field_name' => $field_name,
+ 'entity_type' => $entity_type,
+ 'bundle' => $bundle,
+ 'label' => $field_label,
+ 'settings' => [
+ 'handler' => $selection_handler,
+ 'handler_settings' => $handler_settings,
+ ],
+ ])->save();
+ }
+ }
+
+ /**
+ * Creates a field of an entity reference field storage on the bundle.
+ *
+ * @param string $entity_type
+ * The type of entity the field will be attached to.
+ * @param string $bundle
+ * The bundle name of the entity the field will be attached to.
+ * @param string $field_name
+ * The name of the field; if it exists, a new instance of the existing.
+ * field will be created.
+ * @param string $field_label
+ * The label of the field.
+ * @param int $cardinality
+ * The cardinality of the field.
+ *
+ * @see \Drupal\Core\Entity\Plugin\EntityReferenceSelection\SelectionBase::buildConfigurationForm()
+ */
+ protected function createTextField($entity_type, $bundle, $field_name, $field_label, $cardinality = 1) {
+ // Look for or add the specified field to the requested entity bundle.
+ if (!FieldStorageConfig::loadByName($entity_type, $field_name)) {
+ FieldStorageConfig::create([
+ 'field_name' => $field_name,
+ 'type' => 'text',
+ 'entity_type' => $entity_type,
+ 'cardinality' => $cardinality,
+ ])->save();
+ }
+ if (!FieldConfig::loadByName($entity_type, $bundle, $field_name)) {
+ FieldConfig::create([
+ 'field_name' => $field_name,
+ 'entity_type' => $entity_type,
+ 'bundle' => $bundle,
+ 'label' => $field_label,
+ ])->save();
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionGroupNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionGroupNormalizerTest.php
new file mode 100644
index 0000000..f26bb4e
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionGroupNormalizerTest.php
@@ -0,0 +1,64 @@
+container->get('serializer.normalizer.entity_condition_group.jsonapi');
+
+ $normalized = $normalizer->denormalize($case, EntityConditionGroup::class);
+
+ $this->assertEquals($case['conjunction'], $normalized->conjunction());
+
+ foreach ($normalized->members() as $key => $condition) {
+ $this->assertEquals($case['members'][$key]['path'], $condition->field());
+ $this->assertEquals($case['members'][$key]['value'], $condition->value());
+ }
+ }
+
+ /**
+ * @covers ::denormalize
+ */
+ public function testDenormalizeException() {
+ $normalizer = $this->container->get('serializer.normalizer.entity_condition_group.jsonapi');
+ $data = ['conjunction' => 'NOT_ALLOWED', 'members' => []];
+ $this->setExpectedException(\InvalidArgumentException::class);
+ $normalized = $normalizer->denormalize($data, EntityConditionGroup::class);
+ }
+
+ /**
+ * Data provider for testDenormalize.
+ */
+ public function denormalizeProvider() {
+ return [
+ [['conjunction' => 'AND', 'members' => []]],
+ [['conjunction' => 'OR', 'members' => []]],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionNormalizerTest.php
new file mode 100644
index 0000000..53a84c8
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/EntityConditionNormalizerTest.php
@@ -0,0 +1,137 @@
+normalizer = $this->container->get('serializer.normalizer.entity_condition.jsonapi');
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($case) {
+ $normalized = $this->normalizer->denormalize($case, EntityCondition::class);
+ $this->assertEquals($case['path'], $normalized->field());
+ $this->assertEquals($case['value'], $normalized->value());
+ if (isset($case['operator'])) {
+ $this->assertEquals($case['operator'], $normalized->operator());
+ }
+ }
+
+ /**
+ * Data provider for testDenormalize.
+ */
+ public function denormalizeProvider() {
+ return [
+ [['path' => 'some_field', 'value' => NULL, 'operator' => '=']],
+ [['path' => 'some_field', 'operator' => '=', 'value' => 'some_string']],
+ [['path' => 'some_field', 'operator' => '<>', 'value' => 'some_string']],
+ [
+ [
+ 'path' => 'some_field',
+ 'operator' => 'NOT BETWEEN',
+ 'value' => 'some_string',
+ ],
+ ],
+ [
+ [
+ 'path' => 'some_field',
+ 'operator' => 'BETWEEN',
+ 'value' => ['some_string'],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeValidationProvider
+ */
+ public function testDenormalizeValidation($input, $exception) {
+ if ($exception) {
+ $this->setExpectedException(get_class($exception), $exception->getMessage());
+ }
+ $this->normalizer->denormalize($input, EntityCondition::class);
+ }
+
+ /**
+ * Data provider for denormalizeProvider.
+ */
+ public function denormalizeValidationProvider() {
+ return [
+ [['path' => 'some_field', 'value' => 'some_value'], NULL],
+ [
+ ['path' => 'some_field', 'value' => 'some_value', 'operator' => '='],
+ NULL,
+ ],
+ [['path' => 'some_field', 'operator' => 'IS NULL'], NULL],
+ [['path' => 'some_field', 'operator' => 'IS NOT NULL'], NULL],
+ [
+ ['path' => 'some_field', 'operator' => 'IS', 'value' => 'some_value'],
+ new BadRequestHttpException("The 'IS' operator is not allowed in a filter parameter."),
+ ],
+ [
+ [
+ 'path' => 'some_field',
+ 'operator' => 'NOT_ALLOWED',
+ 'value' => 'some_value',
+ ],
+ new BadRequestHttpException("The 'NOT_ALLOWED' operator is not allowed in a filter parameter."),
+ ],
+ [
+ [
+ 'path' => 'some_field',
+ 'operator' => 'IS NULL',
+ 'value' => 'should_not_be_here',
+ ],
+ new BadRequestHttpException("Filters using the 'IS NULL' operator should not provide a value."),
+ ],
+ [
+ [
+ 'path' => 'some_field',
+ 'operator' => 'IS NOT NULL',
+ 'value' => 'should_not_be_here',
+ ],
+ new BadRequestHttpException("Filters using the 'IS NOT NULL' operator should not provide a value."),
+ ],
+ [
+ ['path' => 'path_only'],
+ new BadRequestHttpException("Filter parameter is missing a '" . EntityConditionNormalizer::VALUE_KEY . "' key."),
+ ],
+ [
+ ['value' => 'value_only'],
+ new BadRequestHttpException("Filter parameter is missing a '" . EntityConditionNormalizer::PATH_KEY . "' key."),
+ ],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/FilterNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/FilterNormalizerTest.php
new file mode 100644
index 0000000..b45f969
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/FilterNormalizerTest.php
@@ -0,0 +1,150 @@
+container->set('jsonapi.field_resolver', $this->getFieldResolver('foo', 'bar'));
+ $this->normalizer = $this->container->get('serializer.normalizer.filter.jsonapi');
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($normalized, $expected) {
+ $actual = $this->normalizer->denormalize($normalized, Filter::class, NULL, ['entity_type_id' => 'foo', 'bundle' => 'bar']);
+ $conditions = $actual->root()->members();
+ for ($i = 0; $i < count($normalized); $i++) {
+ $this->assertEquals($expected[$i]['path'], $conditions[$i]->field());
+ $this->assertEquals($expected[$i]['value'], $conditions[$i]->value());
+ $this->assertEquals($expected[$i]['operator'], $conditions[$i]->operator());
+ }
+ }
+
+ /**
+ * Data provider for testDenormalize.
+ */
+ public function denormalizeProvider() {
+ return [
+ [
+ ['uid' => ['value' => 1]],
+ [['path' => 'uid', 'value' => 1, 'operator' => '=']],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::denormalize
+ */
+ public function testDenormalizeNested() {
+ $normalized = [
+ 'or-group' => ['group' => ['conjunction' => 'OR']],
+ 'nested-or-group' => [
+ 'group' => ['conjunction' => 'OR', 'memberOf' => 'or-group'],
+ ],
+ 'nested-and-group' => [
+ 'group' => ['conjunction' => 'AND', 'memberOf' => 'or-group'],
+ ],
+ 'condition-0' => [
+ 'condition' => [
+ 'path' => 'field0',
+ 'value' => 'value0',
+ 'memberOf' => 'nested-or-group',
+ ],
+ ],
+ 'condition-1' => [
+ 'condition' => [
+ 'path' => 'field1',
+ 'value' => 'value1',
+ 'memberOf' => 'nested-or-group',
+ ],
+ ],
+ 'condition-2' => [
+ 'condition' => [
+ 'path' => 'field2',
+ 'value' => 'value2',
+ 'memberOf' => 'nested-and-group',
+ ],
+ ],
+ 'condition-3' => [
+ 'condition' => [
+ 'path' => 'field3',
+ 'value' => 'value3',
+ 'memberOf' => 'nested-and-group',
+ ],
+ ],
+ ];
+ $filter = $this->normalizer->denormalize($normalized, Filter::class, NULL, ['entity_type_id' => 'foo', 'bundle' => 'bar']);
+ $root = $filter->root();
+
+ // Make sure the implicit root group was added.
+ $this->assertEquals($root->conjunction(), 'AND');
+
+ // Ensure the or-group and the and-group were added correctly.
+ $members = $root->members();
+
+ // Ensure the OR group was added.
+ $or_group = $members[0];
+ $this->assertEquals($or_group->conjunction(), 'OR');
+ $or_group_members = $or_group->members();
+
+ // Make sure the nested OR group was added with the right conditions.
+ $nested_or_group = $or_group_members[0];
+ $this->assertEquals($nested_or_group->conjunction(), 'OR');
+ $nested_or_group_members = $nested_or_group->members();
+ $this->assertEquals($nested_or_group_members[0]->field(), 'field0');
+ $this->assertEquals($nested_or_group_members[1]->field(), 'field1');
+
+ // Make sure the nested AND group was added with the right conditions.
+ $nested_and_group = $or_group_members[1];
+ $this->assertEquals($nested_and_group->conjunction(), 'AND');
+ $nested_and_group_members = $nested_and_group->members();
+ $this->assertEquals($nested_and_group_members[0]->field(), 'field2');
+ $this->assertEquals($nested_and_group_members[1]->field(), 'field3');
+ }
+
+ /**
+ * Provides a mock field resolver.
+ */
+ protected function getFieldResolver($entity_type_id, $bundle) {
+ $field_resolver = $this->prophesize(FieldResolver::class);
+ $field_resolver->resolveInternal('foo', 'bar', Argument::any())->willReturnArgument(2);
+ return $field_resolver->reveal();
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php
new file mode 100644
index 0000000..ea58901
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php
@@ -0,0 +1,793 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+ $this->installEntitySchema('taxonomy_term');
+ $this->installEntitySchema('file');
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+ $this->installSchema('file', ['file_usage']);
+ $type = NodeType::create([
+ 'type' => 'article',
+ ]);
+ $type->save();
+ $this->createEntityReferenceField(
+ 'node',
+ 'article',
+ 'field_tags',
+ 'Tags',
+ 'taxonomy_term',
+ 'default',
+ ['target_bundles' => ['tags']],
+ FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED
+ );
+ $this->createTextField('node', 'article', 'body', 'Body');
+
+ $this->createImageField('field_image', 'article');
+
+ $this->user = User::create([
+ 'name' => 'user1',
+ 'mail' => 'user@localhost',
+ ]);
+ $this->user2 = User::create([
+ 'name' => 'user2',
+ 'mail' => 'user2@localhost',
+ ]);
+
+ $this->user->save();
+ $this->user2->save();
+
+ $this->vocabulary = Vocabulary::create(['name' => 'Tags', 'vid' => 'tags']);
+ $this->vocabulary->save();
+
+ $this->term1 = Term::create([
+ 'name' => 'term1',
+ 'vid' => $this->vocabulary->id(),
+ ]);
+ $this->term2 = Term::create([
+ 'name' => 'term2',
+ 'vid' => $this->vocabulary->id(),
+ ]);
+
+ $this->term1->save();
+ $this->term2->save();
+
+ $this->file = File::create([
+ 'uri' => 'public://example.png',
+ 'filename' => 'example.png',
+ ]);
+ $this->file->save();
+
+ $this->node = Node::create([
+ 'title' => 'dummy_title',
+ 'type' => 'article',
+ 'uid' => 1,
+ 'body' => [
+ 'format' => 'plain_text',
+ 'value' => $this->randomStringValidate(42),
+ ],
+ 'field_tags' => [
+ ['target_id' => $this->term1->id()],
+ ['target_id' => $this->term2->id()],
+ ],
+ 'field_image' => [
+ [
+ 'target_id' => $this->file->id(),
+ 'alt' => 'test alt',
+ 'title' => 'test title',
+ 'width' => 10,
+ 'height' => 11,
+ ],
+ ],
+ ]);
+
+ $this->node->save();
+
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+ $link_manager
+ ->getRequestLink(Argument::any())
+ ->willReturn('dummy_document_link');
+ $this->container->set('jsonapi.link_manager', $link_manager->reveal());
+
+ $this->nodeType = NodeType::load('article');
+
+ Role::create([
+ 'id' => RoleInterface::ANONYMOUS_ID,
+ 'permissions' => [
+ 'access content',
+ ],
+ ])->save();
+ }
+
+ /**
+ * {@inheritdoc}
+ */
+ public function tearDown() {
+ if ($this->node) {
+ $this->node->delete();
+ }
+ if ($this->term1) {
+ $this->term1->delete();
+ }
+ if ($this->term2) {
+ $this->term2->delete();
+ }
+ if ($this->vocabulary) {
+ $this->vocabulary->delete();
+ }
+ if ($this->user) {
+ $this->user->delete();
+ }
+ if ($this->user2) {
+ $this->user2->delete();
+ }
+ }
+
+ /**
+ * @covers ::normalize
+ * @dataProvider normalizeValueProvider
+ */
+ public function testNormalize($include) {
+ list($request, $resource_type) = $this->generateProphecies('node', 'article');
+ $request->query = new ParameterBag([
+ 'fields' => [
+ 'node--article' => 'title,type,uid,field_tags,field_image',
+ 'user--user' => 'name',
+ ],
+ 'include' => $include,
+ ]);
+
+ $response = new ResourceResponse();
+ $normalized = $this
+ ->getNormalizer()
+ ->normalize(
+ new JsonApiDocumentTopLevel($this->node),
+ 'api_json',
+ [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $response->getCacheableMetadata(),
+ ]
+ );
+
+ // @see http://jsonapi.org/format/#document-jsonapi-object
+ $this->assertEquals($normalized['jsonapi']['version'], '1.0');
+ $this->assertEquals($normalized['jsonapi']['meta']['links']['self'], 'http://jsonapi.org/format/1.0/');
+
+ $this->assertSame($normalized['data']['attributes']['title'], 'dummy_title');
+ $this->assertEquals($normalized['data']['id'], $this->node->uuid());
+ $this->assertSame([
+ 'data' => [
+ 'type' => 'node_type--node_type',
+ 'id' => NodeType::load('article')->uuid(),
+ ],
+ 'links' => [
+ 'self' => 'dummy_entity_link',
+ 'related' => 'dummy_entity_link',
+ ],
+ ], $normalized['data']['relationships']['type']);
+ $this->assertTrue(!isset($normalized['data']['attributes']['created']));
+ $this->assertEquals([
+ 'alt' => 'test alt',
+ 'title' => 'test title',
+ 'width' => 10,
+ 'height' => 11,
+ ], $normalized['data']['relationships']['field_image']['data']['meta']);
+ $this->assertSame('node--article', $normalized['data']['type']);
+ $this->assertEquals([
+ 'data' => [
+ 'type' => 'user--user',
+ 'id' => $this->user->uuid(),
+ ],
+ 'links' => [
+ 'self' => 'dummy_entity_link',
+ 'related' => 'dummy_entity_link',
+ ],
+ ], $normalized['data']['relationships']['uid']);
+ $this->assertEquals(
+ "The current user is not allowed to GET the selected resource. The 'access user profiles' permission is required and the user must be active.",
+ $normalized['meta']['errors'][0]['detail']
+ );
+ $this->assertEquals(403, $normalized['meta']['errors'][0]['status']);
+ $this->assertEquals($this->term1->uuid(), $normalized['included'][0]['id']);
+ $this->assertEquals('taxonomy_term--tags', $normalized['included'][0]['type']);
+ $this->assertEquals($this->term1->label(), $normalized['included'][0]['attributes']['name']);
+ $this->assertTrue(!isset($normalized['included'][0]['attributes']['created']));
+ // Make sure that the cache tags for the includes and the requested entities
+ // are bubbling as expected.
+ $this->assertArraySubset(
+ ['file:1', 'node:1', 'taxonomy_term:1', 'taxonomy_term:2'],
+ $response->getCacheableMetadata()->getCacheTags()
+ );
+ $this->assertSame(
+ Cache::PERMANENT,
+ $response->getCacheableMetadata()->getCacheMaxAge()
+ );
+ }
+
+ /**
+ * Data provider for testNormalize.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function normalizeValueProvider() {
+ return [
+ ['uid,field_tags,field_image'],
+ ['uid, field_tags, field_image'],
+ ];
+ }
+
+ /**
+ * @covers ::normalize
+ */
+ public function testNormalizeRelated() {
+ $this->markTestIncomplete('This fails and should be fixed by https://www.drupal.org/project/jsonapi/issues/2922121');
+
+ list($request, $resource_type) = $this->generateProphecies('node', 'article', 'uid');
+ $request->query = new ParameterBag([
+ 'fields' => [
+ 'user--user' => 'name,roles',
+ ],
+ 'include' => 'roles',
+ ]);
+ $document_wrapper = $this->prophesize(JsonApiDocumentTopLevel::class);
+ $author = $this->node->get('uid')->entity;
+ $document_wrapper->getData()->willReturn($author);
+
+ $response = new ResourceResponse();
+ $normalized = $this
+ ->getNormalizer()
+ ->normalize(
+ $document_wrapper->reveal(),
+ 'api_json',
+ [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $response->getCacheableMetadata(),
+ ]
+ );
+ $this->assertSame($normalized['data']['attributes']['name'], 'user1');
+ $this->assertEquals($normalized['data']['id'], User::load(1)->uuid());
+ $this->assertEquals($normalized['data']['type'], 'user--user');
+ // Make sure that the cache tags for the includes and the requested entities
+ // are bubbling as expected.
+ $this->assertSame(['user:1'], $response->getCacheableMetadata()
+ ->getCacheTags());
+ $this->assertSame(Cache::PERMANENT, $response->getCacheableMetadata()
+ ->getCacheMaxAge());
+ }
+
+ /**
+ * @covers ::normalize
+ */
+ public function testNormalizeUuid() {
+ list($request, $resource_type) = $this->generateProphecies('node', 'article', 'uuid');
+ $document_wrapper = $this->prophesize(JsonApiDocumentTopLevel::class);
+ $document_wrapper->getData()->willReturn($this->node);
+ $request->query = new ParameterBag([
+ 'fields' => [
+ 'node--article' => 'title,type,uid,field_tags',
+ 'user--user' => 'name',
+ ],
+ 'include' => 'uid,field_tags',
+ ]);
+
+ $response = new ResourceResponse();
+ $normalized = $this
+ ->getNormalizer()
+ ->normalize(
+ $document_wrapper->reveal(),
+ 'api_json',
+ [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $response->getCacheableMetadata(),
+ ]
+ );
+ $this->assertStringMatchesFormat($this->node->uuid(), $normalized['data']['id']);
+ $this->assertEquals($this->node->type->entity->uuid(), $normalized['data']['relationships']['type']['data']['id']);
+ $this->assertEquals($this->user->uuid(), $normalized['data']['relationships']['uid']['data']['id']);
+ $this->assertFalse(empty($normalized['included'][0]['id']));
+ $this->assertFalse(empty($normalized['meta']['errors']));
+ $this->assertEquals($this->term1->uuid(), $normalized['included'][0]['id']);
+ // Make sure that the cache tags for the includes and the requested entities
+ // are bubbling as expected.
+ $this->assertArraySubset(
+ ['node:1', 'taxonomy_term:1', 'taxonomy_term:2'],
+ $response->getCacheableMetadata()->getCacheTags()
+ );
+ }
+
+ /**
+ * @covers ::normalize
+ */
+ public function testNormalizeException() {
+ list($request, $resource_type) = $this->generateProphecies('node', 'article', 'id');
+ $document_wrapper = $this->prophesize(JsonApiDocumentTopLevel::class);
+ $document_wrapper->getData()->willReturn($this->node);
+ $request->query = new ParameterBag([
+ 'fields' => [
+ 'node--article' => 'title,type,uid',
+ 'user--user' => 'name',
+ ],
+ 'include' => 'uid',
+ ]);
+
+ $response = new ResourceResponse();
+ $normalized = $this
+ ->container
+ ->get('jsonapi.serializer_do_not_use_removal_imminent')
+ ->serialize(
+ new BadRequestHttpException('Lorem'),
+ 'api_json',
+ [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $response->getCacheableMetadata(),
+ 'data_wrapper' => 'errors',
+ ]
+ );
+ $normalized = Json::decode($normalized);
+ $this->assertNotEmpty($normalized['errors']);
+ $this->assertArrayNotHasKey('data', $normalized);
+ $this->assertEquals(400, $normalized['errors'][0]['status']);
+ $this->assertEquals('Lorem', $normalized['errors'][0]['detail']);
+ $this->assertEquals(['info' => 'http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1'], $normalized['errors'][0]['links']);
+ }
+
+ /**
+ * @covers ::normalize
+ */
+ public function testNormalizeConfig() {
+ list($request, $resource_type) = $this->generateProphecies('node_type', 'node_type', 'id');
+ $document_wrapper = $this->prophesize(JsonApiDocumentTopLevel::class);
+ $document_wrapper->getData()->willReturn($this->nodeType);
+ $request->query = new ParameterBag([
+ 'fields' => [
+ 'node_type--node_type' => 'uuid,display_submitted',
+ ],
+ 'include' => NULL,
+ ]);
+
+ $response = new ResourceResponse();
+ $normalized = $this
+ ->getNormalizer()
+ ->normalize($document_wrapper->reveal(), 'api_json', [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $response->getCacheableMetadata(),
+ ]);
+ $this->assertTrue(empty($normalized['data']['attributes']['type']));
+ $this->assertTrue(!empty($normalized['data']['attributes']['uuid']));
+ $this->assertSame($normalized['data']['attributes']['display_submitted'], TRUE);
+ $this->assertSame($normalized['data']['id'], NodeType::load('article')->uuid());
+ $this->assertSame($normalized['data']['type'], 'node_type--node_type');
+ // Make sure that the cache tags for the includes and the requested entities
+ // are bubbling as expected.
+ $this->assertSame(['config:node.type.article'], $response->getCacheableMetadata()
+ ->getCacheTags());
+ }
+
+ /**
+ * Try to POST a node and check if it exists afterwards.
+ *
+ * @covers ::denormalize
+ */
+ public function testDenormalize() {
+ $payload = '{"data":{"type":"article","attributes":{"title":"Testing article"}}}';
+
+ list($request, $resource_type) = $this->generateProphecies('node', 'article', 'id');
+ $node = $this
+ ->getNormalizer()
+ ->denormalize(Json::decode($payload), NULL, 'api_json', [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ ]);
+ $this->assertInstanceOf('\Drupal\node\Entity\Node', $node);
+ $this->assertSame('Testing article', $node->getTitle());
+ }
+
+ /**
+ * Try to POST a node and check if it exists afterwards.
+ *
+ * @covers ::denormalize
+ */
+ public function testDenormalizeUuid() {
+ $configurations = [
+ // Good data.
+ [
+ [
+ [$this->term2->uuid(), $this->term1->uuid()],
+ $this->user2->uuid(),
+ ],
+ [
+ [$this->term2->id(), $this->term1->id()],
+ $this->user2->id(),
+ ],
+ ],
+ // Good data, without any tags.
+ [
+ [
+ [],
+ $this->user2->uuid(),
+ ],
+ [
+ [],
+ $this->user2->id(),
+ ],
+ ],
+ // Bad data in first tag.
+ [
+ [
+ ['invalid-uuid', $this->term1->uuid()],
+ $this->user2->uuid(),
+ ],
+ [
+ [$this->term1->id()],
+ $this->user2->id(),
+ ],
+ ],
+ // Bad data in user and first tag.
+ [
+ [
+ ['invalid-uuid', $this->term1->uuid()],
+ 'also-invalid-uuid',
+ ],
+ [
+ [$this->term1->id()],
+ NULL,
+ ],
+ ],
+ ];
+
+ foreach ($configurations as $configuration) {
+ list($payload_data, $expected) = $this->denormalizeUuidProviderBuilder($configuration);
+ $payload = Json::encode($payload_data);
+
+ list($request, $resource_type) = $this->generateProphecies('node', 'article');
+ $this->container->get('request_stack')->push($request);
+ $node = $this
+ ->getNormalizer()
+ ->denormalize(Json::decode($payload), NULL, 'api_json', [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ ]);
+
+ /* @var \Drupal\node\Entity\Node $node */
+ $this->assertInstanceOf('\Drupal\node\Entity\Node', $node);
+ $this->assertSame('Testing article', $node->getTitle());
+ if (!empty($expected['user_id'])) {
+ $owner = $node->getOwner();
+ $this->assertEquals($expected['user_id'], $owner->id());
+ }
+ $tags = $node->get('field_tags')->getValue();
+ if (!empty($expected['tag_ids'][0])) {
+ $this->assertEquals($expected['tag_ids'][0], $tags[0]['target_id']);
+ }
+ else {
+ $this->assertArrayNotHasKey(0, $tags);
+ }
+ if (!empty($expected['tag_ids'][1])) {
+ $this->assertEquals($expected['tag_ids'][1], $tags[1]['target_id']);
+ }
+ else {
+ $this->assertArrayNotHasKey(1, $tags);
+ }
+ }
+ }
+
+ /**
+ * Tests denormalization for related resources with missing or invalid types.
+ */
+ public function testDenormalizeInvalidTypeAndNoType() {
+ $payload_data = [
+ 'data' => [
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'title' => 'Testing article',
+ 'id' => '33095485-70D2-4E51-A309-535CC5BC0115',
+ ],
+ 'relationships' => [
+ 'uid' => [
+ 'data' => [
+ 'type' => 'user--user',
+ 'id' => $this->user2->uuid(),
+ ],
+ ],
+ 'field_tags' => [
+ 'data' => [
+ [
+ 'type' => 'foobar',
+ 'id' => $this->term1->uuid(),
+ ],
+ ],
+ ],
+ ],
+ ],
+ ];
+
+ // Test relationship member with invalid type.
+ $payload = Json::encode($payload_data);
+ list($request, $resource_type) = $this->generateProphecies('node', 'article');
+ $this->container->get('request_stack')->push($request);
+ try {
+ $this
+ ->getNormalizer()
+ ->denormalize(Json::decode($payload), NULL, 'api_json', [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ ]);
+
+ $this->fail('No assertion thrown for invalid type');
+ }
+ catch (BadRequestHttpException $e) {
+ $this->assertEquals("Invalid type specified for related resource: 'foobar'", $e->getMessage());
+ }
+
+ // Test relationship member with no type.
+ unset($payload_data['data']['relationships']['field_tags']['data'][0]['type']);
+
+ $payload = Json::encode($payload_data);
+ list($request, $resource_type) = $this->generateProphecies('node', 'article');
+ $this->container->get('request_stack')->push($request);
+ try {
+ $this->container->get('jsonapi_test_normalizers_kernel.jsonapi_document_toplevel')
+ ->denormalize(Json::decode($payload), NULL, 'api_json', [
+ 'request' => $request,
+ 'resource_type' => $resource_type,
+ ]);
+
+ $this->fail('No assertion thrown for missing type');
+ }
+ catch (BadRequestHttpException $e) {
+ $this->assertEquals("No type specified for related resource", $e->getMessage());
+ }
+ }
+
+ /**
+ * We cannot use a PHPUnit data provider because our data depends on $this.
+ *
+ * @param array $options
+ * Options for how to construct test data.
+ *
+ * @return array
+ * The test data.
+ */
+ protected function denormalizeUuidProviderBuilder(array $options) {
+ list($input, $expected) = $options;
+ list($input_tag_uuids, $input_user_uuid) = $input;
+ list($expected_tag_ids, $expected_user_id) = $expected;
+
+ $node = [
+ [
+ 'data' => [
+ 'type' => 'node--article',
+ 'attributes' => [
+ 'title' => 'Testing article',
+ 'id' => '33095485-70D2-4E51-A309-535CC5BC0115',
+ ],
+ 'relationships' => [
+ 'uid' => [
+ 'data' => [
+ 'type' => 'user--user',
+ 'id' => $input_user_uuid,
+ ],
+ ],
+ 'field_tags' => [
+ 'data' => [],
+ ],
+ ],
+ ],
+ ],
+ [
+ 'tag_ids' => $expected_tag_ids,
+ 'user_id' => $expected_user_id,
+ ],
+ ];
+
+ if (isset($input_tag_uuids[0])) {
+ $node[0]['data']['relationships']['field_tags']['data'][0] = [
+ 'type' => 'taxonomy_term--tags',
+ 'id' => $input_tag_uuids[0],
+ ];
+ }
+ if (isset($input_tag_uuids[1])) {
+ $node[0]['data']['relationships']['field_tags']['data'][1] = [
+ 'type' => 'taxonomy_term--tags',
+ 'id' => $input_tag_uuids[1],
+ ];
+ }
+ return $node;
+ }
+
+ /**
+ * Ensure that cacheability metadata is properly added.
+ *
+ * @param \Drupal\Core\Cache\CacheableMetadata $expected_metadata
+ * The expected cacheable metadata.
+ * @param array|null $fields
+ * Fields to include in the response, keyed by resource type.
+ * @param array|null $includes
+ * Resources paths to include in the response.
+ *
+ * @dataProvider testCacheableMetadataProvider
+ */
+ public function testCacheableMetadata(CacheableMetadata $expected_metadata, $fields = NULL, $includes = NULL) {
+ list($request, $resource_type) = $this->generateProphecies('node', 'article');
+ $actual_metadata = new CacheableMetadata();
+ $context = [
+ 'request' => $this->decorateRequest($request, $fields, $includes),
+ 'resource_type' => $resource_type,
+ 'cacheable_metadata' => $actual_metadata,
+ ];
+ $this->getNormalizer()->normalize(new JsonApiDocumentTopLevel($this->node), 'api_json', $context);
+ $this->assertArraySubset($expected_metadata->getCacheTags(), $actual_metadata->getCacheTags());
+ $this->assertArraySubset($expected_metadata->getCacheContexts(), $actual_metadata->getCacheContexts());
+ $this->assertSame($expected_metadata->getCacheMaxAge(), $actual_metadata->getCacheMaxAge());
+ }
+
+ /**
+ * Provides test cases for asserting cacheable metadata behavior.
+ */
+ public function testCacheableMetadataProvider() {
+ $cacheable_metadata = function ($metadata) {
+ return CacheableMetadata::createFromRenderArray(['#cache' => $metadata]);
+ };
+
+ return [
+ [
+ floatval(\Drupal::VERSION) < 8.5
+ ? $cacheable_metadata([])
+ : $cacheable_metadata(['contexts' => ['languages:language_interface']]),
+ ['node--article' => 'body'],
+ ],
+ ];
+ }
+
+ /**
+ * Decorates a request with sparse fieldsets and includes.
+ */
+ protected function decorateRequest(Request $request, array $fields = NULL, array $includes = NULL) {
+ $parameters = new ParameterBag();
+ $parameters->add($fields ? ['fields' => $fields] : []);
+ $parameters->add($includes ? ['include' => $includes] : []);
+ $request->query = $parameters;
+ return $request;
+ }
+
+ /**
+ * Helper to load the normalizer.
+ */
+ protected function getNormalizer() {
+ return $this->container->get('jsonapi_test_normalizers_kernel.jsonapi_document_toplevel');
+ }
+
+ /**
+ * Generates the prophecies for the mocked entity request.
+ *
+ * @param string $entity_type_id
+ * The ID of the entity type. Ex: node.
+ * @param string $bundle
+ * The bundle. Ex: article.
+ * @param string $related_property
+ * The related property.
+ *
+ * @return array
+ * A numeric array containing the request and the ResourceType.
+ */
+ protected function generateProphecies($entity_type_id, $bundle, $related_property = NULL) {
+ $path = sprintf('/%s/%s', $entity_type_id, $bundle);
+ $path = $related_property ?
+ sprintf('%s/%s', $path, $related_property) :
+ $path;
+
+ $route = new Route($path, [
+ '_on_relationship' => NULL,
+ ], [
+ '_entity_type' => $entity_type_id,
+ '_bundle' => $bundle,
+ ]);
+ $request = new Request([], [], [
+ RouteObjectInterface::ROUTE_OBJECT => $route,
+ ]);
+ /* @var \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager */
+ $entity_type_manager = $this->container->get('entity_type.manager');
+
+ $resource_type = new ResourceType(
+ $entity_type_id,
+ $bundle,
+ $entity_type_manager->getDefinition($entity_type_id)->getClass()
+ );
+
+ /* @var \Symfony\Component\HttpFoundation\RequestStack $request_stack */
+ $request_stack = $this->container->get('request_stack');
+ $request_stack->push($request);
+ $this->container->set('request_stack', $request_stack);
+ $this->container->get('jsonapi.serializer_do_not_use_removal_imminent');
+
+ return [$request, $resource_type];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/OffsetPageNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/OffsetPageNormalizerTest.php
new file mode 100644
index 0000000..c22e89f
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/OffsetPageNormalizerTest.php
@@ -0,0 +1,74 @@
+normalizer = $this->container->get('serializer.normalizer.offset_page.jsonapi');
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($original, $expected) {
+ $actual = $this->normalizer->denormalize($original, OffsetPage::class);
+ $this->assertEquals($expected['offset'], $actual->getOffset());
+ $this->assertEquals($expected['limit'], $actual->getSize());
+ }
+
+ /**
+ * Data provider for testGet.
+ */
+ public function denormalizeProvider() {
+ return [
+ [['offset' => 12, 'limit' => 20], ['offset' => 12, 'limit' => 20]],
+ [['offset' => 12, 'limit' => 60], ['offset' => 12, 'limit' => 50]],
+ [['offset' => 12], ['offset' => 12, 'limit' => 50]],
+ [['offset' => 0], ['offset' => 0, 'limit' => 50]],
+ [[], ['offset' => 0, 'limit' => 50]],
+ ];
+ }
+
+ /**
+ * @covers ::denormalize
+ */
+ public function testDenormalizeFail() {
+ $this->setExpectedException(BadRequestHttpException::class);
+ $this->normalizer->denormalize('lorem', OffsetPage::class);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Normalizer/SortNormalizerTest.php b/core/modules/jsonapi/tests/src/Kernel/Normalizer/SortNormalizerTest.php
new file mode 100644
index 0000000..7a63914
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Normalizer/SortNormalizerTest.php
@@ -0,0 +1,121 @@
+container->set('jsonapi.field_resolver', $this->getFieldResolver('foo', 'bar'));
+ $this->normalizer = $this->container->get('serializer.normalizer.sort.jsonapi');
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($input, $expected) {
+ $sort = $this->normalizer->denormalize($input, Sort::class, NULL, ['entity_type_id' => 'foo', 'bundle' => 'bar']);
+ foreach ($sort->fields() as $index => $sort_field) {
+ $this->assertEquals($expected[$index]['path'], $sort_field['path']);
+ $this->assertEquals($expected[$index]['direction'], $sort_field['direction']);
+ $this->assertEquals($expected[$index]['langcode'], $sort_field['langcode']);
+ }
+ }
+
+ /**
+ * Provides a suite of shortcut sort pamaters and their expected expansions.
+ */
+ public function denormalizeProvider() {
+ return [
+ ['lorem', [['path' => 'foo', 'direction' => 'ASC', 'langcode' => NULL]]],
+ ['-lorem', [['path' => 'foo', 'direction' => 'DESC', 'langcode' => NULL]]],
+ ['-lorem,ipsum', [
+ ['path' => 'foo', 'direction' => 'DESC', 'langcode' => NULL],
+ ['path' => 'bar', 'direction' => 'ASC', 'langcode' => NULL],
+ ],
+ ],
+ ['-lorem,-ipsum', [
+ ['path' => 'foo', 'direction' => 'DESC', 'langcode' => NULL],
+ ['path' => 'bar', 'direction' => 'DESC', 'langcode' => NULL],
+ ],
+ ],
+ [[
+ ['path' => 'lorem', 'langcode' => NULL],
+ ['path' => 'ipsum', 'langcode' => 'ca'],
+ ['path' => 'dolor', 'direction' => 'ASC', 'langcode' => 'ca'],
+ ['path' => 'sit', 'direction' => 'DESC', 'langcode' => 'ca'],
+ ], [
+ ['path' => 'foo', 'direction' => 'ASC', 'langcode' => NULL],
+ ['path' => 'bar', 'direction' => 'ASC', 'langcode' => 'ca'],
+ ['path' => 'baz', 'direction' => 'ASC', 'langcode' => 'ca'],
+ ['path' => 'qux', 'direction' => 'DESC', 'langcode' => 'ca'],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeFailProvider
+ */
+ public function testDenormalizeFail($input) {
+ $this->setExpectedException(BadRequestHttpException::class);
+ $sort = $this->normalizer->denormalize($input, Sort::class);
+ }
+
+ /**
+ * Data provider for testDenormalizeFail.
+ */
+ public function denormalizeFailProvider() {
+ return [
+ [[['lorem']]],
+ [''],
+ ];
+ }
+
+ /**
+ * Provides a mock field resolver.
+ */
+ protected function getFieldResolver($entity_type_id, $bundle) {
+ $field_resolver = $this->prophesize(FieldResolver::class);
+ $field_resolver->resolveInternal('foo', 'bar', 'lorem')->willReturn('foo');
+ $field_resolver->resolveInternal('foo', 'bar', 'ipsum')->willReturn('bar');
+ $field_resolver->resolveInternal('foo', 'bar', 'dolor')->willReturn('baz');
+ $field_resolver->resolveInternal('foo', 'bar', 'sit')->willReturn('qux');
+ return $field_resolver->reveal();
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Query/FilterTest.php b/core/modules/jsonapi/tests/src/Kernel/Query/FilterTest.php
new file mode 100644
index 0000000..3c93d6a
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Query/FilterTest.php
@@ -0,0 +1,210 @@
+setUpSchemas();
+
+ $this->savePaintingType();
+
+ // ((RED or CIRCLE) or (YELLOW and SQUARE))
+ $this->savePaintings([
+ ['colors' => ['red'], 'shapes' => ['triangle'], 'title' => 'FIND'],
+ ['colors' => ['orange'], 'shapes' => ['circle'], 'title' => 'FIND'],
+ ['colors' => ['orange'], 'shapes' => ['triangle'], 'title' => 'DONT_FIND'],
+ ['colors' => ['yellow'], 'shapes' => ['square'], 'title' => 'FIND'],
+ ['colors' => ['yellow'], 'shapes' => ['triangle'], 'title' => 'DONT_FIND'],
+ ['colors' => ['orange'], 'shapes' => ['square'], 'title' => 'DONT_FIND'],
+ ]);
+
+ $this->normalizer = $this->container->get('serializer.normalizer.filter.jsonapi');
+ $this->nodeStorage = $this->container->get('entity_type.manager')->getStorage('node');
+ }
+
+ /**
+ * @covers ::queryCondition
+ */
+ public function testQueryCondition() {
+ // Can't use a data provider because we need access to the container.
+ $data = $this->queryConditionData();
+
+ foreach ($data as $case) {
+ $normalized = $case[0];
+ $expected_query = $case[1];
+ // Denormalize the test filter into the object we want to test.
+ $filter = $this->normalizer->denormalize($normalized, Filter::class, NULL, [
+ 'entity_type_id' => 'node',
+ 'bundle' => 'painting',
+ ]);
+
+ $query = $this->nodeStorage->getQuery();
+
+ // Get the query condition parsed from the input.
+ $condition = $filter->queryCondition($query);
+
+ // Apply it to the query.
+ $query->condition($condition);
+
+ // Compare the results.
+ $this->assertEquals($expected_query->execute(), $query->execute());
+ }
+ }
+
+ /**
+ * Simply provides test data to keep the actual test method tidy.
+ */
+ protected function queryConditionData() {
+ // ((RED or CIRCLE) or (YELLOW and SQUARE))
+ $query = $this->nodeStorage->getQuery();
+
+ $or_group = $query->orConditionGroup();
+
+ $nested_or_group = $query->orConditionGroup();
+ $nested_or_group->condition('colors', 'red', 'CONTAINS');
+ $nested_or_group->condition('shapes', 'circle', 'CONTAINS');
+ $or_group->condition($nested_or_group);
+
+ $nested_and_group = $query->andConditionGroup();
+ $nested_and_group->condition('colors', 'yellow', 'CONTAINS');
+ $nested_and_group->condition('shapes', 'square', 'CONTAINS');
+ $or_group->condition($nested_and_group);
+
+ $query->condition($or_group);
+
+ return [
+ [
+ [
+ 'or-group' => ['group' => ['conjunction' => 'OR']],
+ 'nested-or-group' => ['group' => ['conjunction' => 'OR', 'memberOf' => 'or-group']],
+ 'nested-and-group' => ['group' => ['conjunction' => 'AND', 'memberOf' => 'or-group']],
+ 'condition-0' => [
+ 'condition' => [
+ 'path' => 'colors',
+ 'value' => 'red',
+ 'operator' => 'CONTAINS',
+ 'memberOf' => 'nested-or-group',
+ ],
+ ],
+ 'condition-1' => [
+ 'condition' => [
+ 'path' => 'shapes',
+ 'value' => 'circle',
+ 'operator' => 'CONTAINS',
+ 'memberOf' => 'nested-or-group',
+ ],
+ ],
+ 'condition-2' => [
+ 'condition' => [
+ 'path' => 'colors',
+ 'value' => 'yellow',
+ 'operator' =>
+ 'CONTAINS',
+ 'memberOf' => 'nested-and-group',
+ ],
+ ],
+ 'condition-3' => [
+ 'condition' => [
+ 'path' => 'shapes',
+ 'value' => 'square',
+ 'operator' => 'CONTAINS',
+ 'memberOf' => 'nested-and-group',
+ ],
+ ],
+ ],
+ $query,
+ ],
+ ];
+ }
+
+ /**
+ * Sets up the schemas.
+ */
+ protected function setUpSchemas() {
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+
+ $this->installSchema('user', []);
+ foreach (['user', 'node'] as $entity_type_id) {
+ $this->installEntitySchema($entity_type_id);
+ }
+ }
+
+ /**
+ * Creates a painting node type.
+ */
+ protected function savePaintingType() {
+ NodeType::create([
+ 'type' => 'painting',
+ ])->save();
+ $this->createTextField(
+ 'node', 'painting',
+ 'colors', 'Colors',
+ FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED
+ );
+ $this->createTextField(
+ 'node', 'painting',
+ 'shapes', 'Shapes',
+ FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED
+ );
+ }
+
+ /**
+ * Creates painting nodes.
+ */
+ protected function savePaintings($paintings) {
+ foreach ($paintings as $painting) {
+ Node::create(array_merge([
+ 'type' => 'painting',
+ ], $painting))->save();
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/ResourceType/RelatedResourceTypesTest.php b/core/modules/jsonapi/tests/src/Kernel/ResourceType/RelatedResourceTypesTest.php
new file mode 100644
index 0000000..d77034d
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/ResourceType/RelatedResourceTypesTest.php
@@ -0,0 +1,182 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+
+ NodeType::create([
+ 'type' => 'foo',
+ ])->save();
+
+ NodeType::create([
+ 'type' => 'bar',
+ ])->save();
+
+ $this->createEntityReferenceField(
+ 'node',
+ 'foo',
+ 'field_ref_bar',
+ 'Bar Reference',
+ 'node',
+ 'default',
+ ['target_bundles' => ['bar']]
+ );
+
+ $this->createEntityReferenceField(
+ 'node',
+ 'foo',
+ 'field_ref_foo',
+ 'Foo Reference',
+ 'node',
+ 'default',
+ // Important to test self-referencing resource types.
+ ['target_bundles' => ['foo']]
+ );
+
+ $this->createEntityReferenceField(
+ 'node',
+ 'foo',
+ 'field_ref_any',
+ 'Any Bundle Reference',
+ 'node',
+ 'default',
+ // This should result in a reference to any bundle.
+ ['target_bundles' => NULL]
+ );
+
+ $this->resourceTypeRepository = $this->container->get('jsonapi.resource_type.repository');
+ }
+
+ /**
+ * @covers ::getRelatableResourceTypes
+ * @dataProvider getRelatableResourceTypesProvider
+ */
+ public function testGetRelatableResourceTypes($resource_type_name, $relatable_type_names) {
+ // We're only testing the fields that we set up.
+ $test_fields = [
+ 'field_ref_foo',
+ 'field_ref_bar',
+ 'field_ref_any',
+ ];
+
+ $resource_type = $this->resourceTypeRepository->getByTypeName($resource_type_name);
+
+ // This extracts just the relationship fields under test.
+ $subjects = array_intersect_key(
+ $resource_type->getRelatableResourceTypes(),
+ array_flip($test_fields)
+ );
+
+ // Map the related resource type to their type name so we can just compare
+ // the type names rather that the whole object.
+ foreach ($test_fields as $field_name) {
+ if (isset($subjects[$field_name])) {
+ $subjects[$field_name] = array_map(function ($resource_type) {
+ return $resource_type->getTypeName();
+ }, $subjects[$field_name]);
+ }
+ }
+
+ $this->assertArraySubset($relatable_type_names, $subjects);
+ }
+
+ /**
+ * @covers ::getRelatableResourceTypes
+ * @dataProvider getRelatableResourceTypesProvider
+ */
+ public function getRelatableResourceTypesProvider() {
+ return [
+ [
+ 'node--foo',
+ [
+ 'field_ref_foo' => ['node--foo'],
+ 'field_ref_bar' => ['node--bar'],
+ 'field_ref_any' => ['node--foo', 'node--bar'],
+ ],
+ ],
+ ['node--bar', []],
+ ];
+ }
+
+ /**
+ * @covers ::getRelatableResourceTypesByField
+ * @dataProvider getRelatableResourceTypesByFieldProvider
+ */
+ public function testGetRelatableResourceTypesByField($entity_type_id, $bundle, $field) {
+ $resource_type = $this->resourceTypeRepository->get($entity_type_id, $bundle);
+ $relatable_types = $resource_type->getRelatableResourceTypes();
+ $this->assertSame(
+ $relatable_types[$field],
+ $resource_type->getRelatableResourceTypesByField($field)
+ );
+ }
+
+ /**
+ * Provides cases to test getRelatableTypesByField.
+ */
+ public function getRelatableResourceTypesByFieldProvider() {
+ return [
+ ['node', 'foo', 'field_ref_foo'],
+ ['node', 'foo', 'field_ref_bar'],
+ ['node', 'foo', 'field_ref_any'],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/ResourceType/ResourceTypeRepositoryTest.php b/core/modules/jsonapi/tests/src/Kernel/ResourceType/ResourceTypeRepositoryTest.php
new file mode 100644
index 0000000..950a5a1
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/ResourceType/ResourceTypeRepositoryTest.php
@@ -0,0 +1,100 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+ NodeType::create([
+ 'type' => 'article',
+ ])->save();
+ NodeType::create([
+ 'type' => 'page',
+ ])->save();
+
+ $this->resourceTypeRepository = $this->container->get('jsonapi.resource_type.repository');
+ }
+
+ /**
+ * @covers ::all
+ */
+ public function testAll() {
+ // Make sure that there are resources being created.
+ $all = $this->resourceTypeRepository->all();
+ $this->assertNotEmpty($all);
+ array_walk($all, function (ResourceType $resource_type) {
+ $this->assertNotEmpty($resource_type->getDeserializationTargetClass());
+ $this->assertNotEmpty($resource_type->getEntityTypeId());
+ $this->assertNotEmpty($resource_type->getTypeName());
+ });
+ }
+
+ /**
+ * @covers ::get
+ * @dataProvider getProvider
+ */
+ public function testGet($entity_type_id, $bundle, $entity_class) {
+ // Make sure that there are resources being created.
+ $resource_type = $this->resourceTypeRepository->get($entity_type_id, $bundle);
+ $this->assertInstanceOf(ResourceType::class, $resource_type);
+ $this->assertSame($entity_class, $resource_type->getDeserializationTargetClass());
+ $this->assertSame($entity_type_id, $resource_type->getEntityTypeId());
+ $this->assertSame($bundle, $resource_type->getBundle());
+ $this->assertSame($entity_type_id . '--' . $bundle, $resource_type->getTypeName());
+ }
+
+ /**
+ * Data provider for testGet.
+ *
+ * @returns array
+ * The data for the test method.
+ */
+ public function getProvider() {
+ return [
+ ['node', 'article', 'Drupal\node\Entity\Node'],
+ ['node_type', 'node_type', 'Drupal\node\Entity\NodeType'],
+ ['menu', 'menu', 'Drupal\system\Entity\Menu'],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Kernel/Serializer/SerializerTest.php b/core/modules/jsonapi/tests/src/Kernel/Serializer/SerializerTest.php
new file mode 100644
index 0000000..5bfbaae
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Kernel/Serializer/SerializerTest.php
@@ -0,0 +1,108 @@
+installEntitySchema('node');
+ $this->installEntitySchema('user');
+ // Add the additional table schemas.
+ $this->installSchema('system', ['sequences']);
+ $this->installSchema('node', ['node_access']);
+ $this->installSchema('user', ['users_data']);
+ $this->user = User::create([
+ 'name' => $this->randomString(),
+ 'status' => 1,
+ ]);
+ $this->user->save();
+ NodeType::create([
+ 'type' => 'foo',
+ ])->save();
+ $this->createTextField('node', 'foo', 'field_text', 'Text');
+ $this->node = Node::create([
+ 'title' => 'Test Node',
+ 'type' => 'foo',
+ 'field_text' => [
+ 'value' => 'This is some text.',
+ 'format' => 'text_plain',
+ ],
+ 'uid' => $this->user->id(),
+ ]);
+ $this->node->save();
+ $this->sut = $this->container->get('jsonapi.serializer_do_not_use_removal_imminent');
+ }
+
+ /**
+ * @covers \Drupal\jsonapi\Serializer\Serializer::normalize
+ */
+ public function testFallbackNormalizer() {
+ $context = ['account' => $this->user];
+
+ $value = $this->sut->normalize($this->node->field_text, 'api_json', $context);
+ $this->assertTrue($value instanceof FieldNormalizerValue);
+
+ $nested_field = [
+ $this->node->field_text,
+ ];
+
+ // When wrapped in an array, we should still be using the JSON API
+ // serializer.
+ $value = $this->sut->normalize($nested_field, 'api_json', $context);
+ $this->assertTrue($value[0] instanceof FieldNormalizerValue);
+
+ // Continue to use the fallback normalizer when we need it.
+ $data = Markup::create('Test Markup
');
+ $value = $this->sut->normalize($data, 'api_json', $context);
+
+ $this->assertEquals('Test Markup
', $value);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Access/CustomQueryParameterNamesAccessCheckTest.php b/core/modules/jsonapi/tests/src/Unit/Access/CustomQueryParameterNamesAccessCheckTest.php
new file mode 100644
index 0000000..6c32e57
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Access/CustomQueryParameterNamesAccessCheckTest.php
@@ -0,0 +1,58 @@
+attributes->set('_json_api_params', [$name => '123']);
+ $result = $access_checker->access($request);
+
+ if ($valid) {
+ $this->assertTrue($result->isAllowed());
+ }
+ else {
+ $this->assertFalse($result->isAllowed());
+ }
+ }
+
+ /**
+ * Data provider for testAccess.
+ */
+ public function providerTestAccess() {
+ $data = [];
+
+ $data['Official query parameter: sort'] = ['sort', TRUE];
+ $data['Official query parameter: page'] = ['page', TRUE];
+ $data['Official query parameter: filter'] = ['filter', TRUE];
+
+ $data['Valid member, but invalid custom query parameter'] = ['foobar', FALSE];
+
+ $data['Valid custom query parameter: dash'] = ['foo-bar', TRUE];
+ $data['Valid custom query parameter: underscore'] = ['foo_bar', TRUE];
+ $data['Valid custom query parameter: camelcase'] = ['fooBar', TRUE];
+
+ return $data;
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Context/CurrentContextTest.php b/core/modules/jsonapi/tests/src/Unit/Context/CurrentContextTest.php
new file mode 100644
index 0000000..c806e40
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Context/CurrentContextTest.php
@@ -0,0 +1,152 @@
+fieldManager = $this->prophesize(EntityFieldManagerInterface::class)->reveal();
+
+ // Create a mock for the current route match.
+ $this->currentRoute = new Route(
+ '/jsonapi/articles',
+ [],
+ ['_entity_type' => 'node', '_bundle' => 'article']
+ );
+
+ // Create a mock for the ResourceTypeRepository service.
+ $resource_type_repository_prophecy = $this->prophesize(ResourceTypeRepository::class);
+ $resource_type_repository_prophecy->get('node', 'article')
+ ->willReturn(new ResourceType('node', 'article', NodeInterface::class));
+ $this->resourceTypeRepository = $resource_type_repository_prophecy->reveal();
+
+ $this->requestStack = new RequestStack();
+ $this->requestStack->push(new Request([], [], [
+ '_json_api_params' => [
+ 'filter' => new Filter(new EntityConditionGroup('AND', [])),
+ 'sort' => new Sort([]),
+ 'page' => new OffsetPage(OffsetPage::DEFAULT_OFFSET, OffsetPage::SIZE_MAX),
+ // 'include' => new IncludeParam([]),
+ // 'fields' => new Fields([]),.
+ ],
+ RouteObjectInterface::ROUTE_OBJECT => $this->currentRoute,
+ ]));
+
+ $this->routeMatcher = new CurrentRouteMatch($this->requestStack);
+ }
+
+ /**
+ * @covers ::getResourceType
+ */
+ public function testGetResourceType() {
+ $request_context = new CurrentContext($this->resourceTypeRepository, $this->requestStack, $this->routeMatcher);
+
+ $this->assertEquals(
+ $this->resourceTypeRepository->get('node', 'article'),
+ $request_context->getResourceType()
+ );
+ }
+
+ /**
+ * @covers ::getJsonApiParameter
+ */
+ public function testGetJsonApiParameter() {
+ $request_context = new CurrentContext($this->resourceTypeRepository, $this->requestStack, $this->routeMatcher);
+
+ $actual = $request_context->getJsonApiParameter('sort');
+
+ $this->assertTrue($actual instanceof Sort);
+ }
+
+ /**
+ * @covers ::hasExtension
+ */
+ public function testHasExtensionWithExistingExtension() {
+ $request = new Request();
+ $request->headers->set('Content-Type', 'application/vnd.api+json; ext="ext1,ext2"');
+ $this->requestStack->push($request);
+ $request_context = new CurrentContext($this->resourceTypeRepository, $this->requestStack, $this->routeMatcher);
+
+ $this->assertTrue($request_context->hasExtension('ext1'));
+ $this->assertTrue($request_context->hasExtension('ext2'));
+ }
+
+ /**
+ * @covers ::getExtensions
+ */
+ public function testGetExtensions() {
+ $request = new Request();
+ $request->headers->set('Content-Type', 'application/vnd.api+json; ext="ext1,ext2"');
+ $this->requestStack->push($request);
+ $request_context = new CurrentContext($this->resourceTypeRepository, $this->requestStack, $this->routeMatcher);
+
+ $this->assertEquals(['ext1', 'ext2'], $request_context->getExtensions());
+ }
+
+ /**
+ * @covers ::hasExtension
+ */
+ public function testHasExtensionWithNotExistingExtension() {
+ $request = new Request();
+ $request->headers->set('Content-Type', 'application/vnd.api+json;');
+ $this->requestStack->push($request);
+ $request_context = new CurrentContext($this->resourceTypeRepository, $this->requestStack, $this->routeMatcher);
+ $this->assertFalse($request_context->hasExtension('ext1'));
+ $this->assertFalse($request_context->hasExtension('ext2'));
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Controller/RequestHandlerTest.php b/core/modules/jsonapi/tests/src/Unit/Controller/RequestHandlerTest.php
new file mode 100644
index 0000000..442b580
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Controller/RequestHandlerTest.php
@@ -0,0 +1,75 @@
+prophesize(Request::class);
+ $request->getContentType()->willReturn(NULL);
+ $request->getContent()->willReturn('this is not used');
+ $request->isMethodCacheable()->willReturn(FALSE);
+ $request->getMethod()->willReturn(NULL);
+ $request->get(Argument::any())->willReturn(NULL);
+ $request->getMimeType(Argument::any())->willReturn(NULL);
+ $serializer = $this->prophesize(SerializerInterface::class);
+ $serializer->deserialize(Argument::type('string'), Argument::type('string'), Argument::any(), Argument::type('array'))
+ ->willThrow(new UnexpectedValueException('Foo'));
+ $serializer->serialize(Argument::any(), Argument::any(), Argument::any())
+ ->willReturn('{"errors":[{"status":422,"message":"Foo"}]}');
+ $current_context = $this->prophesize(CurrentContext::class);
+ $current_context->getResourceType()
+ ->willReturn(new ResourceType($this->randomMachineName(), $this->randomMachineName(), NULL));
+
+ $request_handler = new RequestHandler(
+ $serializer->reveal(),
+ $current_context->reveal(),
+ $this->prophesize(RendererInterface::class)->reveal(),
+ $this->prophesize(ResourceTypeRepositoryInterface::class)->reveal(),
+ $this->prophesize(EntityTypeManagerInterface::class)->reveal(),
+ $this->prophesize(EntityFieldManagerInterface::class)->reveal(),
+ $this->prophesize(FieldTypePluginManagerInterface::class)->reveal(),
+ $this->prophesize(LinkManager::class)->reveal()
+ );
+
+ try {
+ $this->setExpectedException(HttpException::class, "There was an error un-serializing the data. Message: Foo");
+ $request_handler->deserializeBody(
+ $request->reveal(),
+ 'invalid'
+ );
+ $this->fail('Expected exception.');
+ }
+ catch (HttpException $e) {
+ $this->assertEquals(422, $e->getStatusCode());
+ // Re-throw the exception so the test runner can catch it.
+ throw $e;
+ }
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/EventSubscriber/ResourceResponseSubscriberTest.php b/core/modules/jsonapi/tests/src/Unit/EventSubscriber/ResourceResponseSubscriberTest.php
new file mode 100644
index 0000000..a4a628d
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/EventSubscriber/ResourceResponseSubscriberTest.php
@@ -0,0 +1,321 @@
+fail('The JSON Schema validator is missing. You can install it with `composer require justinrainbow/json-schema`.');
+ }
+
+ $module_handler = $this->prophesize(ModuleHandlerInterface::class);
+ $module = $this->prophesize(Extension::class);
+ $module_path = dirname(dirname(dirname(dirname(__DIR__))));
+ $module->getPath()->willReturn($module_path);
+ $module_handler->getModule('jsonapi')->willReturn($module->reveal());
+ $subscriber = new ResourceResponseSubscriber(
+ new Serializer([], [new JsonSchemaEncoder()]),
+ $this->prophesize(RendererInterface::class)->reveal(),
+ $this->prophesize(LoggerInterface::class)->reveal(),
+ $module_handler->reveal(),
+ ''
+ );
+ $subscriber->setValidator();
+ $this->subscriber = $subscriber;
+ }
+
+ /**
+ * @covers ::doValidateResponse
+ */
+ public function testDoValidateResponse() {
+ $request = $this->createRequest(
+ 'jsonapi.node--article.individual',
+ '/jsonapi/node/article/{node}',
+ ['_entity_type' => 'node', '_bundle' => 'article']
+ );
+
+ $response = $this->createResponse('{"data":null}');
+
+ // Capture the default assert settings.
+ $zend_assertions_default = ini_get('zend.assertions');
+ $assert_active_default = assert_options(ASSERT_ACTIVE);
+
+ // The validator *should* be called when asserts are active.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldBeCalled('Validation should be run when asserts are active.');
+ $validator->isValid()->willReturn(TRUE);
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Ensure asset is active.
+ ini_set('zend.assertions', 1);
+ assert_options(ASSERT_ACTIVE, 1);
+ $this->subscriber->doValidateResponse($response, $request);
+
+ // The validator should *not* be called when asserts are inactive.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldNotBeCalled('Validation should not be run when asserts are not active.');
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Ensure asset is inactive.
+ ini_set('zend.assertions', 0);
+ assert_options(ASSERT_ACTIVE, 0);
+ $this->subscriber->doValidateResponse($response, $request);
+
+ // Reset the original assert values.
+ ini_set('zend.assertions', $zend_assertions_default);
+ assert_options(ASSERT_ACTIVE, $assert_active_default);
+ }
+
+ /**
+ * @covers ::onResponse
+ */
+ public function testValidateResponseSchemata() {
+ $request = $this->createRequest(
+ 'jsonapi.node--article.individual',
+ '/jsonapi/node/article/{node}',
+ ['_entity_type' => 'node', '_bundle' => 'article']
+ );
+
+ $response = $this->createResponse('{"data":null}');
+
+ // The validator should be called *once* if schemata is *not* installed.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldBeCalledTimes(1);
+ $validator->isValid()->willReturn(TRUE);
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Run validations.
+ $this->subscriber->doValidateResponse($response, $request);
+
+ // The validator should be called *twice* if schemata is installed.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldBeCalledTimes(2);
+ $validator->isValid()->willReturn(TRUE);
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Make the schemata factory available.
+ $schema_factory = $this->prophesize(SchemaFactory::class);
+ $schema_factory->create('node', 'article')->willReturn('{}');
+ $this->subscriber->setSchemaFactory($schema_factory->reveal());
+
+ // Run validations.
+ $this->subscriber->doValidateResponse($response, $request);
+
+ // The validator resource specific schema should *not* be validated on
+ // 'related' routes.
+ $request = $this->createRequest(
+ 'jsonapi.node--article.related',
+ '/jsonapi/node/article/{node}/foo',
+ ['_entity_type' => 'node', '_bundle' => 'article']
+ );
+
+ // Since only the generic schema should be validated, the validator should
+ // only be called once.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldBeCalledTimes(1);
+ $validator->isValid()->willReturn(TRUE);
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Run validations.
+ $this->subscriber->doValidateResponse($response, $request);
+
+ // The validator resource specific schema should *not* be validated on
+ // 'relationship' routes.
+ $request = $this->createRequest(
+ 'jsonapi.node--article.relationship',
+ '/jsonapi/node/article/{node}/relationships/foo',
+ ['_entity_type' => 'node', '_bundle' => 'article']
+ );
+
+ // Since only the generic schema should be validated, the validator should
+ // only be called once.
+ $validator = $this->prophesize(Validator::class);
+ $validator->check(Argument::any(), Argument::any())->shouldBeCalledTimes(1);
+ $validator->isValid()->willReturn(TRUE);
+ $this->subscriber->setValidator($validator->reveal());
+
+ // Run validations.
+ $this->subscriber->doValidateResponse($response, $request);
+ }
+
+ /**
+ * @covers ::validateResponse
+ * @dataProvider validateResponseProvider
+ */
+ public function testValidateResponse($request, $response, $expected, $description) {
+ // Expose protected ResourceResponseSubscriber::validateResponse() method.
+ $object = new \ReflectionObject($this->subscriber);
+ $method = $object->getMethod('validateResponse');
+ $method->setAccessible(TRUE);
+
+ $this->assertSame($expected, $method->invoke($this->subscriber, $response, $request), $description);
+ }
+
+ /**
+ * Provides test cases for testValidateResponse.
+ *
+ * @return array
+ * An array of test cases.
+ */
+ public function validateResponseProvider() {
+ $defaults = [
+ 'route_name' => 'jsonapi.node--article.individual',
+ 'route' => '/jsonapi/node/article/{node}',
+ 'requirements' => ['_entity_type' => 'node', '_bundle' => 'article'],
+ ];
+
+ $test_data = [
+ // Test validation success.
+ [
+ 'json' => <<<'EOD'
+{
+ "data": {
+ "type": "node--article",
+ "id": "4f342419-e668-4b76-9f87-7ce20c436169",
+ "attributes": {
+ "nid": "1",
+ "uuid": "4f342419-e668-4b76-9f87-7ce20c436169"
+ }
+ }
+}
+EOD
+ ,
+ 'expected' => TRUE,
+ 'description' => 'Response validation flagged a valid response.',
+ ],
+ // Test validation failure: no "type" in "data".
+ [
+ 'json' => <<<'EOD'
+{
+ "data": {
+ "id": "4f342419-e668-4b76-9f87-7ce20c436169",
+ "attributes": {
+ "nid": "1",
+ "uuid": "4f342419-e668-4b76-9f87-7ce20c436169"
+ }
+ }
+}
+EOD
+ ,
+ 'expected' => FALSE,
+ 'description' => 'Response validation failed to flag an invalid response.',
+ ],
+ // Test validation failure: "errors" at the root level.
+ [
+ 'json' => <<<'EOD'
+{
+ "data": {
+ "type": "node--article",
+ "id": "4f342419-e668-4b76-9f87-7ce20c436169",
+ "attributes": {
+ "nid": "1",
+ "uuid": "4f342419-e668-4b76-9f87-7ce20c436169"
+ }
+ },
+ "errors": [{}]
+}
+EOD
+ ,
+ 'expected' => FALSE,
+ 'description' => 'Response validation failed to flag an invalid response.',
+ ],
+ // Test validation of an empty response passes.
+ [
+ 'json' => NULL,
+ 'expected' => TRUE,
+ 'description' => 'Response validation flagged a valid empty response.',
+ ],
+ // Test validation fails on empty object.
+ [
+ 'json' => '{}',
+ 'expected' => FALSE,
+ 'description' => 'Response validation flags empty array as invalid.',
+ ],
+ ];
+
+ $test_cases = array_map(function ($input) use ($defaults) {
+ list($json, $expected, $description, $route_name, $route, $requirements) = array_values($input + $defaults);
+ return [
+ $this->createRequest($route_name, $route, $requirements),
+ $this->createResponse($json),
+ $expected,
+ $description,
+ ];
+ }, $test_data);
+
+ return $test_cases;
+ }
+
+ /**
+ * Helper method to create a request object.
+ *
+ * @param string $route_name
+ * The route name with which to construct a request.
+ * @param string $route
+ * The route object with which to construct a request.
+ * @param array $requirements
+ * The route requirements.
+ *
+ * @return \Symfony\Component\HttpFoundation\Request
+ * The mock request object.
+ */
+ protected function createRequest($route_name, $route, array $requirements = []) {
+ $request = new Request();
+ $request->attributes->set(RouteObjectInterface::ROUTE_NAME, $route_name);
+ $request->attributes->set(RouteObjectInterface::ROUTE_OBJECT, (new Route($route))->setRequirements($requirements));
+ return $request;
+ }
+
+ /**
+ * Helper method to create a resource response from arbitrary JSON.
+ *
+ * @param string|null $json
+ * The JSON with which to create a mock response.
+ *
+ * @return \Drupal\rest\ResourceResponse
+ * The mock response object.
+ */
+ protected function createResponse($json = NULL) {
+ $response = new ResourceResponse();
+ if ($json) {
+ $response->setContent($json);
+ }
+ return $response;
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/JsonApiSpecTest.php b/core/modules/jsonapi/tests/src/Unit/JsonApiSpecTest.php
new file mode 100644
index 0000000..a55c096
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/JsonApiSpecTest.php
@@ -0,0 +1,126 @@
+assertSame($expected, JsonApiSpec::isValidMemberName($member_name));
+ }
+
+ /**
+ * Data provider for testIsValidMemberName.
+ */
+ public function providerTestIsValidMemberName() {
+ // Copied from http://jsonapi.org/format/upcoming/#document-member-names.
+ $data = [];
+ $data['alphanumeric-lowercase'] = ['12kittens', TRUE];
+ $data['alphanumeric-uppercase'] = ['12KITTENS', TRUE];
+ $data['alphanumeric-mixed'] = ['12KiTtEnS', TRUE];
+ $data['unicode-above-u+0080'] = ['12🐱🐱', TRUE];
+ $data['hyphen-start'] = ['-kittens', FALSE];
+ $data['hyphen-middle'] = ['kitt-ens', TRUE];
+ $data['hyphen-end'] = ['kittens-', FALSE];
+ $data['lowline-start'] = ['_kittens', FALSE];
+ $data['lowline-middle'] = ['kitt_ens', TRUE];
+ $data['lowline-end'] = ['kittens_', FALSE];
+ $data['space-start'] = [' kittens', FALSE];
+ $data['space-middle'] = ['kitt ens', TRUE];
+ $data['space-end'] = ['kittens ', FALSE];
+
+ // Additional test cases.
+ // @todo When D8 requires PHP >= 7, convert to \u{10FFFF}.
+ $data['unicode-above-u+0080-highest-allowed'] = ["12", TRUE];
+ $data['single-character'] = ['a', TRUE];
+
+ $unsafe_chars = [
+ '+',
+ ',',
+ '.',
+ '[',
+ ']',
+ '!',
+ '"',
+ '#',
+ '$',
+ '%',
+ '&',
+ '\'',
+ '(',
+ ')',
+ '*',
+ '/',
+ ':',
+ ';',
+ '<',
+ '=',
+ '>',
+ '?',
+ '@',
+ '\\',
+ '^',
+ '`',
+ '{',
+ '|',
+ '}',
+ '~',
+ ];
+ foreach ($unsafe_chars as $unsafe_char) {
+ $data['unsafe-' . $unsafe_char] = ['kitt' . $unsafe_char . 'ens', FALSE];
+ }
+
+ // The ASCII control characters are in the range 0x00 to 0x1F plus 0x7F.
+ for ($ascii = 0; $ascii <= 0x1F; $ascii++) {
+ $data['unsafe-ascii-control-' . $ascii] = ['kitt' . chr($ascii) . 'ens', FALSE];
+ }
+ $data['unsafe-ascii-control-' . 0x7F] = ['kitt' . chr(0x7F) . 'ens', FALSE];
+
+ return $data;
+ }
+
+ /**
+ * Provides test cases.
+ *
+ * @dataProvider providerTestIsValidCustomQueryParameter
+ * @covers ::isValidCustomQueryParameter
+ * @covers ::isValidMemberName
+ */
+ public function testIsValidCustomQueryParameter($custom_query_parameter, $expected) {
+ $this->assertSame($expected, JsonApiSpec::isValidCustomQueryParameter($custom_query_parameter));
+ }
+
+ /**
+ * Data provider for testIsValidCustomQueryParameter.
+ */
+ public function providerTestIsValidCustomQueryParameter() {
+ $data = $this->providerTestIsValidMemberName();
+
+ // All valid member names are also valid custom query parameters, except for
+ // single-character ones.
+ $data['single-character'][1] = FALSE;
+
+ // Custom query parameter test cases.
+ $data['custom-query-parameter-lowercase'] = ['foobar', FALSE];
+ $data['custom-query-parameter-dash'] = ['foo-bar', TRUE];
+ $data['custom-query-parameter-underscore'] = ['foo_bar', TRUE];
+ $data['custom-query-parameter-camelcase'] = ['fooBar', TRUE];
+
+ return $data;
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/LinkManager/LinkManagerTest.php b/core/modules/jsonapi/tests/src/Unit/LinkManager/LinkManagerTest.php
new file mode 100644
index 0000000..99c2616
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/LinkManager/LinkManagerTest.php
@@ -0,0 +1,210 @@
+prophesize(ChainRouterInterface::class);
+ $url_generator = $this->prophesize(UrlGeneratorInterface::class);
+ $url_generator->generateFromRoute(Argument::cetera())->willReturnArgument(2);
+ $this->linkManager = new LinkManager($router->reveal(), $url_generator->reveal());
+ }
+
+ /**
+ * @covers ::getPagerLinks
+ * @dataProvider getPagerLinksProvider
+ */
+ public function testGetPagerLinks($offset, $size, $has_next_page, $total, $include_count, array $pages) {
+ $assembler = $this->prophesize(UnroutedUrlAssemblerInterface::class);
+ $assembler->assemble(Argument::type('string'), Argument::type('array'), FALSE)
+ ->will(function ($args) {
+ return $args[0] . '?' . UrlHelper::buildQuery($args[1]['query']);
+ });
+
+ $container = new ContainerBuilder();
+ $container->set('unrouted_url_assembler', $assembler->reveal());
+ \Drupal::setContainer($container);
+
+ // Add the extra stuff to the expected query.
+ $pages = array_filter($pages);
+ $pages = array_map(function ($page) {
+ return 'https://example.com/drupal/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72?amet=pax&page%5Boffset%5D=' . $page['offset'] . '&page%5Blimit%5D=' . $page['limit'];
+ }, $pages);
+
+ $request = $this->prophesize(Request::class);
+ // Have the request return the desired page parameter.
+ $page_param = $this->prophesize(OffsetPage::class);
+ $page_param->getOffset()->willReturn($offset);
+ $page_param->getSize()->willReturn($size);
+ $request->getUri()->willReturn('https://example.com/drupal/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72?amet=pax');
+ $request->getBaseUrl()->willReturn('/drupal');
+ $request->getPathInfo()->willReturn('');
+ $request->getSchemeAndHttpHost()->willReturn('https://example.com');
+ $request->getBaseUrl()->willReturn('/drupal');
+ $request->getPathInfo()->willReturn('/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72');
+ $request->get('_json_api_params')->willReturn(['page' => $page_param->reveal()]);
+ $request->query = new ParameterBag(['amet' => 'pax']);
+
+ $context = ['has_next_page' => $has_next_page];
+ if ($include_count) {
+ $context['total_count'] = $total;
+ }
+
+ $links = $this->linkManager
+ ->getPagerLinks($request->reveal(), $context);
+ ksort($pages);
+ ksort($links);
+ $this->assertSame($pages, $links);
+ }
+
+ /**
+ * Data provider for testGetPagerLinks.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function getPagerLinksProvider() {
+ return [
+ [1, 4, TRUE, 8, TRUE, [
+ 'first' => ['offset' => 0, 'limit' => 4],
+ 'prev' => ['offset' => 0, 'limit' => 4],
+ 'next' => ['offset' => 5, 'limit' => 4],
+ 'last' => ['offset' => 4, 'limit' => 4],
+ ],
+ ],
+ [6, 4, FALSE, 4, TRUE, [
+ 'first' => ['offset' => 0, 'limit' => 4],
+ 'prev' => ['offset' => 2, 'limit' => 4],
+ 'next' => NULL,
+ ],
+ ],
+ [7, 4, FALSE, 5, FALSE, [
+ 'first' => ['offset' => 0, 'limit' => 4],
+ 'prev' => ['offset' => 3, 'limit' => 4],
+ 'next' => NULL,
+ ],
+ ],
+ [10, 4, FALSE, 20, FALSE, [
+ 'first' => ['offset' => 0, 'limit' => 4],
+ 'prev' => ['offset' => 6, 'limit' => 4],
+ 'next' => NULL,
+ ],
+ ],
+ [5, 4, TRUE, 30, FALSE, [
+ 'first' => ['offset' => 0, 'limit' => 4],
+ 'prev' => ['offset' => 1, 'limit' => 4],
+ 'next' => ['offset' => 9, 'limit' => 4],
+ ],
+ ],
+ [0, 4, TRUE, 100, TRUE, [
+ 'first' => NULL,
+ 'prev' => NULL,
+ 'next' => ['offset' => 4, 'limit' => 4],
+ 'last' => ['offset' => 96, 'limit' => 4],
+ ],
+ ],
+ [0, 1, FALSE, 1, FALSE, [
+ 'first' => NULL,
+ 'prev' => NULL,
+ 'next' => NULL,
+ ],
+ ],
+ [0, 1, FALSE, 2, FALSE, [
+ 'first' => NULL,
+ 'prev' => NULL,
+ 'next' => NULL,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * Test errors.
+ *
+ * @covers ::getPagerLinks
+ * @dataProvider getPagerLinksErrorProvider
+ */
+ public function testGetPagerLinksError($offset, $size, $has_next_page, $total, $include_count, array $pages) {
+ $this->setExpectedException(BadRequestHttpException::class);
+ $this->testGetPagerLinks($offset, $size, $has_next_page, $total, $include_count, $pages);
+ }
+
+ /**
+ * Data provider for testGetPagerLinksError.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function getPagerLinksErrorProvider() {
+ return [
+ [0, -5, FALSE, 10, TRUE, [
+ 'first' => NULL,
+ 'prev' => NULL,
+ 'last' => NULL,
+ 'next' => NULL,
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::getRequestLink
+ */
+ public function testGetRequestLink() {
+ $assembler = $this->prophesize(UnroutedUrlAssemblerInterface::class);
+ $assembler->assemble(Argument::type('string'), ['external' => TRUE, 'query' => ['dolor' => 'sid']], FALSE)
+ ->will(function ($args) {
+ return $args[0] . '?dolor=sid';
+ })
+ ->shouldBeCalled();
+
+ $container = new ContainerBuilder();
+ $container->set('unrouted_url_assembler', $assembler->reveal());
+ \Drupal::setContainer($container);
+
+ $request = $this->prophesize(Request::class);
+ $request->getUri()->willReturn('https://example.com/drupal/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72?amet=pax');
+ $request->getBaseUrl()->willReturn('/drupal');
+ $request->getPathInfo()->willReturn('');
+ $request->getSchemeAndHttpHost()->willReturn('https://example.com');
+ $request->getBaseUrl()->willReturn('/drupal');
+ $request->getPathInfo()->willReturn('/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72');
+
+ $this->assertSame('https://example.com/drupal/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72?dolor=sid', $this->linkManager->getRequestLink($request->reveal(), ['dolor' => 'sid']));
+
+ // Get the default query from the request object.
+ $this->assertSame('https://example.com/drupal/jsonapi/node/article/07c870e9-491b-4173-8e2b-4e059400af72?amet=pax', $this->linkManager->getRequestLink($request->reveal()));
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/ConfigEntityNormalizerTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/ConfigEntityNormalizerTest.php
new file mode 100644
index 0000000..3d1aab1
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/ConfigEntityNormalizerTest.php
@@ -0,0 +1,88 @@
+prophesize(LinkManager::class);
+
+ $resource_type_repository = $this->prophesize(ResourceTypeRepository::class);
+ $resource_type_repository->get(Argument::type('string'), Argument::type('string'))
+ ->willReturn(new ResourceType('dolor', 'sid', NULL));
+
+ $this->normalizer = new ConfigEntityNormalizer(
+ $link_manager->reveal(),
+ $resource_type_repository->reveal(),
+ $this->prophesize(EntityTypeManagerInterface::class)->reveal()
+ );
+ }
+
+ /**
+ * @covers ::normalize
+ * @dataProvider normalizeProvider
+ */
+ public function testNormalize($input, $expected) {
+ $entity = $this->prophesize(ConfigEntityInterface::class);
+ $entity->toArray()->willReturn(['amet' => $input]);
+ $entity->getCacheContexts()->willReturn([]);
+ $entity->getCacheTags()->willReturn([]);
+ $entity->getCacheMaxAge()->willReturn(-1);
+ $entity->getEntityTypeId()->willReturn('');
+ $entity->bundle()->willReturn('');
+ $normalized = $this->normalizer->normalize($entity->reveal(), 'api_json', []);
+ $first = $normalized->getValues();
+ $first = reset($first);
+ $this->assertSame($expected, $first->rasterizeValue());
+ }
+
+ /**
+ * Data provider for the normalize test.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function normalizeProvider() {
+ return [
+ ['lorem', 'lorem'],
+ [
+ ['ipsum' => 'dolor', 'ra' => 'foo'],
+ ['ipsum' => 'dolor', 'ra' => 'foo'],
+ ],
+ [
+ ['ipsum' => 'dolor'],
+ ['ipsum' => 'dolor'],
+ ],
+ [
+ ['lorem' => ['ipsum' => ['dolor' => 'sid', 'amet' => 'ra']]],
+ ['lorem' => ['ipsum' => ['dolor' => 'sid', 'amet' => 'ra']]],
+ ],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/EntityReferenceFieldNormalizerTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/EntityReferenceFieldNormalizerTest.php
new file mode 100644
index 0000000..0319cdd
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/EntityReferenceFieldNormalizerTest.php
@@ -0,0 +1,190 @@
+prophesize(LinkManager::class);
+ $field_manager = $this->prophesize(EntityFieldManagerInterface::class);
+ $field_definition = $this->prophesize(FieldConfig::class);
+ $item_definition = $this->prophesize(FieldItemDataDefinition::class);
+ $item_definition->getMainPropertyName()->willReturn('bunny');
+ $item_definition->getSetting('target_type')->willReturn('fake_entity_type');
+ $item_definition->getSetting('handler_settings')->willReturn([
+ 'target_bundles' => ['dummy_bundle'],
+ ]);
+ $field_definition->getItemDefinition()
+ ->willReturn($item_definition->reveal());
+ $storage_definition = $this->prophesize(FieldStorageDefinitionInterface::class);
+ $storage_definition->isMultiple()->willReturn(TRUE);
+ $field_definition->getFieldStorageDefinition()->willReturn($storage_definition->reveal());
+
+ $field_definition2 = $this->prophesize(FieldConfig::class);
+ $field_definition2->getItemDefinition()
+ ->willReturn($item_definition->reveal());
+ $storage_definition2 = $this->prophesize(FieldStorageDefinitionInterface::class);
+ $storage_definition2->isMultiple()->willReturn(FALSE);
+ $field_definition2->getFieldStorageDefinition()->willReturn($storage_definition2->reveal());
+
+ $field_manager->getFieldDefinitions('fake_entity_type', 'dummy_bundle')
+ ->willReturn([
+ 'field_dummy' => $field_definition->reveal(),
+ 'field_dummy_single' => $field_definition2->reveal(),
+ ]);
+ $plugin_manager = $this->prophesize(FieldTypePluginManagerInterface::class);
+ $plugin_manager->createFieldItemList(
+ Argument::type(FieldableEntityInterface::class),
+ Argument::type('string'),
+ Argument::type('array')
+ )->willReturnArgument(2);
+ $resource_type_repository = $this->prophesize(ResourceTypeRepository::class);
+ $resource_type_repository->get('fake_entity_type', 'dummy_bundle')
+ ->willReturn(new ResourceType('lorem', 'dummy_bundle', NULL));
+
+ $entity = $this->prophesize(EntityInterface::class);
+ $entity->uuid()->willReturn('4e6cb61d-4f04-437f-99fe-42c002393658');
+ $entity->id()->willReturn(42);
+ $entity_repository = $this->prophesize(EntityRepositoryInterface::class);
+ $entity_repository->loadEntityByUuid('lorem', '4e6cb61d-4f04-437f-99fe-42c002393658')
+ ->willReturn($entity->reveal());
+
+ $this->normalizer = new EntityReferenceFieldNormalizer(
+ $link_manager->reveal(),
+ $field_manager->reveal(),
+ $plugin_manager->reveal(),
+ $resource_type_repository->reveal(),
+ $entity_repository->reveal()
+ );
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($input, $field_name, $expected) {
+ $entity = $this->prophesize(FieldableEntityInterface::class);
+ $context = [
+ 'resource_type' => new ResourceType('fake_entity_type', 'dummy_bundle', NULL),
+ 'related' => $field_name,
+ 'target_entity' => $entity->reveal(),
+ ];
+ $denormalized = $this->normalizer->denormalize($input, NULL, 'api_json', $context);
+ $this->assertSame($expected, $denormalized);
+ }
+
+ /**
+ * Data provider for the denormalize test.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function denormalizeProvider() {
+ return [
+ [
+ ['data' => [['type' => 'lorem--dummy_bundle', 'id' => '4e6cb61d-4f04-437f-99fe-42c002393658']]],
+ 'field_dummy',
+ [['bunny' => 42]],
+ ],
+ [
+ ['data' => []],
+ 'field_dummy',
+ [],
+ ],
+ [
+ ['data' => NULL],
+ 'field_dummy_single',
+ [],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeInvalidResourceProvider
+ */
+ public function testDenormalizeInvalidResource($data, $field_name) {
+ $context = [
+ 'resource_type' => new ResourceType('fake_entity_type', 'dummy_bundle', NULL),
+ 'related' => $field_name,
+ 'target_entity' => $this->prophesize(FieldableEntityInterface::class)->reveal(),
+ ];
+ $this->setExpectedException(BadRequestHttpException::class);
+ $this->normalizer->denormalize($data, NULL, 'api_json', $context);
+ }
+
+ /**
+ * Data provider for the denormalize test.
+ *
+ * @return array
+ * The input data for the test method.
+ */
+ public function denormalizeInvalidResourceProvider() {
+ return [
+ [
+ [
+ 'data' => [
+ [
+ 'type' => 'invalid',
+ 'id' => '4e6cb61d-4f04-437f-99fe-42c002393658',
+ ],
+ ],
+ ],
+ 'field_dummy',
+ ],
+ [
+ [
+ 'data' => [
+ 'type' => 'lorem',
+ 'id' => '4e6cb61d-4f04-437f-99fe-42c002393658',
+ ],
+ ],
+ 'field_dummy',
+ ],
+ [
+ [
+ 'data' => [
+ [
+ 'type' => 'lorem',
+ 'id' => '4e6cb61d-4f04-437f-99fe-42c002393658',
+ ],
+ ],
+ ],
+ 'field_dummy_single',
+ ],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/HttpExceptionNormalizerTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/HttpExceptionNormalizerTest.php
new file mode 100644
index 0000000..c3ea66d
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/HttpExceptionNormalizerTest.php
@@ -0,0 +1,47 @@
+prophesize(AccountInterface::class);
+ $current_user->hasPermission('access site reports')->willReturn(TRUE);
+ $normalizer = new HttpExceptionNormalizer($current_user->reveal());
+ $normalized = $normalizer->normalize($exception, 'api_json');
+ $normalized = $normalized->rasterizeValue();
+ $error = $normalized[0];
+ $this->assertNotEmpty($error['meta']);
+ $this->assertNotEmpty($error['source']);
+ $this->assertEquals(13, $error['code']);
+ $this->assertEquals(403, $error['status']);
+ $this->assertEquals('Forbidden', $error['title']);
+ $this->assertEquals('lorem', $error['detail']);
+ $this->assertNull($error['meta']['trace'][1]['args'][0]);
+
+ $current_user = $this->prophesize(AccountInterface::class);
+ $current_user->hasPermission('access site reports')->willReturn(FALSE);
+ $normalizer = new HttpExceptionNormalizer($current_user->reveal());
+ $normalized = $normalizer->normalize($exception, 'api_json');
+ $normalized = $normalized->rasterizeValue();
+ $error = $normalized[0];
+ $this->assertTrue(empty($error['meta']));
+ $this->assertTrue(empty($error['source']));
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php
new file mode 100644
index 0000000..1c32d87
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/JsonApiDocumentTopLevelNormalizerTest.php
@@ -0,0 +1,267 @@
+prophesize(LinkManager::class);
+ $current_context_manager = $this->prophesize(CurrentContext::class);
+ $resource_type_repository = $this->prophesize(ResourceTypeRepository::class);
+ $field_resolver = $this->prophesize(FieldResolver::class);
+
+ $resource_type_repository
+ ->getByTypeName(Argument::any())
+ ->willReturn(new ResourceType('node', 'article', NULL));
+
+ $entity_storage = $this->prophesize(EntityStorageInterface::class);
+ $self = $this;
+ $uuid_to_id = [
+ '76dd5c18-ea1b-4150-9e75-b21958a2b836' => 1,
+ 'fcce1b61-258e-4054-ae36-244d25a9e04c' => 2,
+ ];
+ $entity_storage->loadByProperties(Argument::type('array'))
+ ->will(function ($args) use ($self, $uuid_to_id) {
+ $result = [];
+ foreach ($args[0]['uuid'] as $uuid) {
+ $entity = $self->prophesize(EntityInterface::class);
+ $entity->uuid()->willReturn($uuid);
+ $entity->id()->willReturn($uuid_to_id[$uuid]);
+ $result[$uuid] = $entity->reveal();
+ }
+ return $result;
+ });
+ $entity_type_manager = $this->prophesize(EntityTypeManagerInterface::class);
+ $entity_type_manager->getStorage('node')->willReturn($entity_storage->reveal());
+ $entity_type = $this->prophesize(EntityTypeInterface::class);
+ $entity_type->getKey('uuid')->willReturn('uuid');
+ $entity_type_manager->getDefinition('node')->willReturn($entity_type->reveal());
+
+ $current_route = $this->prophesize(Route::class);
+ $current_route->getDefault('_on_relationship')->willReturn(FALSE);
+
+ $current_context_manager->isOnRelationship()->willReturn(FALSE);
+
+ $this->normalizer = new JsonApiDocumentTopLevelNormalizer(
+ $link_manager->reveal(),
+ $current_context_manager->reveal(),
+ $entity_type_manager->reveal(),
+ $resource_type_repository->reveal(),
+ $field_resolver->reveal()
+ );
+
+ $serializer = $this->prophesize(DenormalizerInterface::class);
+ $serializer->willImplement(SerializerInterface::class);
+ $serializer->denormalize(
+ Argument::type('array'),
+ Argument::type('string'),
+ Argument::type('string'),
+ Argument::type('array')
+ )->willReturnArgument(0);
+
+ $this->normalizer->setSerializer($serializer->reveal());
+ }
+
+ /**
+ * @covers ::denormalize
+ * @dataProvider denormalizeProvider
+ */
+ public function testDenormalize($input, $expected) {
+ $context = [
+ 'resource_type' => new ResourceType($this->randomMachineName(), $this->randomMachineName(), FieldableEntityInterface::class),
+ ];
+ $denormalized = $this->normalizer->denormalize($input, NULL, 'api_json', $context);
+ $this->assertSame($expected, $denormalized);
+ }
+
+ /**
+ * Data provider for the denormalize test.
+ *
+ * @return array
+ * The data for the test method.
+ */
+ public function denormalizeProvider() {
+ return [
+ [
+ [
+ 'data' => [
+ 'type' => 'lorem',
+ 'id' => 'e1a613f6-f2b9-4e17-9d33-727eb6509d8b',
+ 'attributes' => ['title' => 'dummy_title'],
+ ],
+ ],
+ [
+ 'title' => 'dummy_title',
+ 'uuid' => 'e1a613f6-f2b9-4e17-9d33-727eb6509d8b',
+ ],
+ ],
+ [
+ [
+ 'data' => [
+ 'type' => 'lorem',
+ 'id' => '0676d1bf-55b3-4bbc-9fbc-3df10f4599d5',
+ 'relationships' => ['field_dummy' => ['data' => ['type' => 'node', 'id' => '76dd5c18-ea1b-4150-9e75-b21958a2b836']]],
+ ],
+ ],
+ [
+ 'uuid' => '0676d1bf-55b3-4bbc-9fbc-3df10f4599d5',
+ 'field_dummy' => [
+ [
+ 'target_id' => 1,
+ ],
+ ],
+ ],
+ ],
+ [
+ [
+ 'data' => [
+ 'type' => 'lorem',
+ 'id' => '535ba297-8d79-4fc1-b0d6-dc2f047765a1',
+ 'relationships' => [
+ 'field_dummy' => [
+ 'data' => [
+ [
+ 'type' => 'node',
+ 'id' => '76dd5c18-ea1b-4150-9e75-b21958a2b836',
+ ],
+ [
+ 'type' => 'node',
+ 'id' => 'fcce1b61-258e-4054-ae36-244d25a9e04c',
+ ],
+ ],
+ ],
+ ],
+ ],
+ ],
+ [
+ 'uuid' => '535ba297-8d79-4fc1-b0d6-dc2f047765a1',
+ 'field_dummy' => [
+ ['target_id' => 1],
+ ['target_id' => 2],
+ ],
+ ],
+ ],
+ [
+ [
+ 'data' => [
+ 'type' => 'lorem',
+ 'id' => '535ba297-8d79-4fc1-b0d6-dc2f047765a1',
+ 'relationships' => [
+ 'field_dummy' => [
+ 'data' => [
+ [
+ 'type' => 'node',
+ 'id' => '76dd5c18-ea1b-4150-9e75-b21958a2b836',
+ 'meta' => ['foo' => 'bar'],
+ ],
+ [
+ 'type' => 'node',
+ 'id' => 'fcce1b61-258e-4054-ae36-244d25a9e04c',
+ ],
+ ],
+ ],
+ ],
+ ],
+ ],
+ [
+ 'uuid' => '535ba297-8d79-4fc1-b0d6-dc2f047765a1',
+ 'field_dummy' => [
+ [
+ 'target_id' => 1,
+ 'foo' => 'bar',
+ ],
+ ['target_id' => 2],
+ ],
+ ],
+ ],
+ ];
+ }
+
+ /**
+ * Ensures only valid UUIDs can be specified.
+ *
+ * @param string $id
+ * The input UUID. May be invalid.
+ * @param bool $expect_exception
+ * Whether to expect an exception.
+ *
+ * @covers ::denormalize
+ * @dataProvider denormalizeUuidProvider
+ */
+ public function testDenormalizeUuid($id, $expect_exception) {
+ $data['data'] = (isset($id)) ?
+ ['type' => 'node--article', 'id' => $id] :
+ ['type' => 'node--article'];
+
+ if ($expect_exception) {
+ $this->setExpectedException(
+ EntityAccessDeniedHttpException::class,
+ 'IDs should be properly generated and formatted UUIDs as described in RFC 4122.'
+ );
+ }
+
+ $denormalized = $this->normalizer->denormalize($data, NULL, 'api_json', [
+ 'resource_type' => new ResourceType(
+ $this->randomMachineName(),
+ $this->randomMachineName(),
+ FieldableEntityInterface::class
+ ),
+ ]);
+
+ if (isset($id)) {
+ $this->assertSame($id, $denormalized['uuid']);
+ }
+ else {
+ $this->assertArrayNotHasKey('uuid', $denormalized);
+ }
+ }
+
+ /**
+ * Provides test cases for testDenormalizeUuid.
+ */
+ public function denormalizeUuidProvider() {
+ return [
+ 'valid' => ['76dd5c18-ea1b-4150-9e75-b21958a2b836', FALSE],
+ 'missing' => [NULL, FALSE],
+ 'invalid_empty' => ['', TRUE],
+ 'invalid_alpha' => ['invalid', TRUE],
+ 'invalid_numeric' => [1234, TRUE],
+ 'invalid_alphanumeric' => ['abc123', TRUE],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/EntityNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/EntityNormalizerValueTest.php
new file mode 100644
index 0000000..e184f02
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/EntityNormalizerValueTest.php
@@ -0,0 +1,197 @@
+cacheContextsManager = $this->getMockBuilder('Drupal\Core\Cache\Context\CacheContextsManager')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $this->cacheContextsManager->method('assertValidTokens')->willReturn(TRUE);
+
+ $container = new ContainerBuilder();
+ $container->set('cache_contexts_manager', $this->cacheContextsManager);
+ \Drupal::setContainer($container);
+
+ $field1 = $this->prophesize(FieldNormalizerValueInterface::class);
+ $field1->getIncludes()->willReturn([]);
+ $field1->getPropertyType()->willReturn('attributes');
+ $field1->rasterizeValue()->willReturn('dummy_title');
+ $field1->getCacheContexts()->willReturn(['ccbar']);
+ $field1->getCacheTags()->willReturn(['ctbar']);
+ $field1->getCacheMaxAge()->willReturn(20);
+ $field2 = $this->prophesize(RelationshipNormalizerValue::class);
+ $field2->getPropertyType()->willReturn('relationships');
+ $field2->rasterizeValue()->willReturn(['data' => ['type' => 'node', 'id' => 2]]);
+ $field2->getCacheContexts()->willReturn(['ccbaz']);
+ $field2->getCacheTags()->willReturn(['ctbaz']);
+ $field2->getCacheMaxAge()->willReturn(25);
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[0]->getIncludes()->willReturn([]);
+ $included[0]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '199c681d-a9dc-4b6f-a4dc-e3811f24141b',
+ 'attributes' => ['body' => 'dummy_body1'],
+ ],
+ ]);
+ $included[0]->getCacheContexts()->willReturn(['lorem', 'ipsum']);
+ // Type & id duplicated on purpose.
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[1]->getIncludes()->willReturn([]);
+ $included[1]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '199c681d-a9dc-4b6f-a4dc-e3811f24141b',
+ 'attributes' => ['body' => 'dummy_body2'],
+ ],
+ ]);
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[2]->getIncludes()->willReturn([]);
+ $included[2]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '83771375-a4ba-4d7d-a4d5-6153095bb5c5',
+ 'attributes' => ['body' => 'dummy_body3'],
+ ],
+ ]);
+ $field2->getIncludes()->willReturn(array_map(function ($included_item) {
+ return $included_item->reveal();
+ }, $included));
+ $context = [
+ 'resource_type' => new ResourceType('node', 'article',
+ NodeInterface::class),
+ ];
+ $entity = $this->prophesize(EntityInterface::class);
+ $entity->uuid()->willReturn('248150b2-79a2-4b44-9f49-bf405a51414a');
+ $entity->isNew()->willReturn(FALSE);
+ $entity->getEntityTypeId()->willReturn('node');
+ $entity->bundle()->willReturn('article');
+ $entity->getCacheContexts()->willReturn(['ccfoo']);
+ $entity->getCacheTags()->willReturn(['ctfoo']);
+ $entity->getCacheMaxAge()->willReturn(15);
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+
+ // Stub the addCacheableDependency on the SUT. We'll test the cacheable
+ // metadata bubbling using Kernel tests.
+ $this->object = $this->getMockBuilder(EntityNormalizerValue::class)
+ ->setMethods(['addCacheableDependency'])
+ ->setConstructorArgs([
+ ['title' => $field1->reveal(), 'field_related' => $field2->reveal()],
+ $context,
+ $entity->reveal(),
+ ['link_manager' => $link_manager->reveal()],
+ ])
+ ->getMock();
+ $this->object->method('addCacheableDependency');
+ }
+
+ /**
+ * @covers ::__construct
+ */
+ public function testCacheability() {
+ $this->assertSame(['ccbar', 'ccbaz', 'ccfoo'], $this->object->getCacheContexts());
+ $this->assertSame(['ctbar', 'ctbaz', 'ctfoo'], $this->object->getCacheTags());
+ $this->assertSame(15, $this->object->getCacheMaxAge());
+ }
+
+ /**
+ * @covers ::rasterizeValue
+ */
+ public function testRasterizeValue() {
+ $this->assertEquals([
+ 'type' => 'node--article',
+ 'id' => '248150b2-79a2-4b44-9f49-bf405a51414a',
+ 'attributes' => ['title' => 'dummy_title'],
+ 'relationships' => [
+ 'field_related' => ['data' => ['type' => 'node', 'id' => 2]],
+ ],
+ 'links' => [
+ 'self' => 'dummy_entity_link',
+ ],
+ ], $this->object->rasterizeValue());
+ }
+
+ /**
+ * @covers ::rasterizeIncludes
+ */
+ public function testRasterizeIncludes() {
+ $expected = [
+ [
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '199c681d-a9dc-4b6f-a4dc-e3811f24141b',
+ 'attributes' => ['body' => 'dummy_body1'],
+ ],
+ ],
+ [
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '199c681d-a9dc-4b6f-a4dc-e3811f24141b',
+ 'attributes' => ['body' => 'dummy_body2'],
+ ],
+ ],
+ [
+ 'data' => [
+ 'type' => 'node',
+ 'id' => '83771375-a4ba-4d7d-a4d5-6153095bb5c5',
+ 'attributes' => ['body' => 'dummy_body3'],
+ ],
+ ],
+ ];
+ $this->assertEquals($expected, $this->object->rasterizeIncludes());
+ }
+
+ /**
+ * @covers ::getIncludes
+ */
+ public function testGetIncludes() {
+ $includes = $this->object->getIncludes();
+ $includes = array_filter($includes, function ($included) {
+ return $included instanceof JsonApiDocumentTopLevelNormalizerValue;
+ });
+ $this->assertCount(3, $includes);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldItemNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldItemNormalizerValueTest.php
new file mode 100644
index 0000000..17dcbfd
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldItemNormalizerValueTest.php
@@ -0,0 +1,49 @@
+assertEquals($expected, $object->rasterizeValue());
+ }
+
+ /**
+ * Provider for testRasterizeValue.
+ */
+ public function rasterizeValueProvider() {
+ return [
+ [['value' => 1], 1],
+ [['value' => 1, 'safe_value' => 1], ['value' => 1, 'safe_value' => 1]],
+ [[], []],
+ [[NULL], NULL],
+ [
+ [
+ 'lorem' => [
+ 'ipsum' => [
+ 'dolor' => 'sid',
+ 'amet' => 'ra',
+ ],
+ ],
+ ],
+ ['ipsum' => ['dolor' => 'sid', 'amet' => 'ra']],
+ ],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldNormalizerValueTest.php
new file mode 100644
index 0000000..e5dac5f
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/FieldNormalizerValueTest.php
@@ -0,0 +1,94 @@
+cacheContextsManager = $this->getMockBuilder('Drupal\Core\Cache\Context\CacheContextsManager')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $this->cacheContextsManager->method('assertValidTokens')->willReturn(TRUE);
+
+ $container = new ContainerBuilder();
+ $container->set('cache_contexts_manager', $this->cacheContextsManager);
+ \Drupal::setContainer($container);
+ }
+
+ /**
+ * @covers ::rasterizeValue
+ * @covers ::__construct
+ * @dataProvider rasterizeValueProvider
+ */
+ public function testRasterizeValue($values, $cardinality, $expected) {
+ $object = new FieldNormalizerValue(AccessResult::allowed()->cachePerUser()->addCacheTags(['field:foo']), $values, $cardinality, 'attributes');
+ $this->assertEquals($expected, $object->rasterizeValue());
+ $this->assertSame(['ccfoo', 'user'], $object->getCacheContexts());
+ $this->assertSame(['ctfoo', 'field:foo'], $object->getCacheTags());
+ $this->assertSame(15, $object->getCacheMaxAge());
+ }
+
+ /**
+ * Data provider for testRasterizeValue.
+ */
+ public function rasterizeValueProvider() {
+ $uuid_raw = '4ae99eec-8b0e-41f7-9400-fbd65c174902';
+ $uuid_value = $this->prophesize(FieldItemNormalizerValue::class);
+ $uuid_value->rasterizeValue()->willReturn('4ae99eec-8b0e-41f7-9400-fbd65c174902');
+ $uuid_value->getCacheContexts()->willReturn(['ccfoo']);
+ $uuid_value->getCacheTags()->willReturn(['ctfoo']);
+ $uuid_value->getCacheMaxAge()->willReturn(15);
+ return [
+ [[$uuid_value->reveal()], 1, $uuid_raw],
+ [
+ [
+ $uuid_value->reveal(),
+ $uuid_value->reveal(),
+ ],
+ -1,
+ [$uuid_raw, $uuid_raw],
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::rasterizeIncludes
+ */
+ public function testRasterizeIncludes() {
+ $value = $this->prophesize(RelationshipItemNormalizerValue::class);
+ $include = $this->prophesize('\Drupal\jsonapi\Normalizer\Value\EntityNormalizerValue');
+ $include->rasterizeValue()->willReturn('Lorem');
+ $value->getCacheContexts()->willReturn(['ccfoo']);
+ $value->getCacheTags()->willReturn(['ctfoo']);
+ $value->getCacheMaxAge()->willReturn(15);
+ $value->getInclude()->willReturn($include->reveal());
+ $object = new FieldNormalizerValue(AccessResult::allowed(), [$value->reveal()], 1, 'attributes');
+ $this->assertEquals(['Lorem'], $object->rasterizeIncludes());
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/JsonApiDocumentTopLevelNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/JsonApiDocumentTopLevelNormalizerValueTest.php
new file mode 100644
index 0000000..0d184aa
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/JsonApiDocumentTopLevelNormalizerValueTest.php
@@ -0,0 +1,125 @@
+getMockBuilder('Drupal\Core\Cache\Context\CacheContextsManager')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $cache_contexts_manager->method('assertValidTokens')->willReturn(TRUE);
+ $container = new Container();
+ $container->set('cache_contexts_manager', $cache_contexts_manager);
+ \Drupal::setContainer($container);
+
+ $field1 = $this->prophesize(FieldNormalizerValueInterface::class);
+ $field1->getIncludes()->willReturn([]);
+ $field1->getPropertyType()->willReturn('attributes');
+ $field1->rasterizeValue()->willReturn('dummy_title');
+ $field2 = $this->prophesize(RelationshipNormalizerValue::class);
+ $field2->getPropertyType()->willReturn('relationships');
+ $field2->rasterizeValue()->willReturn(['data' => ['type' => 'node', 'id' => 2]]);
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[0]->getIncludes()->willReturn([]);
+ $included[0]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => 3,
+ 'attributes' => ['body' => 'dummy_body1'],
+ ],
+ ]);
+ $included[0]->getCacheContexts()->willReturn(['lorem:ipsum']);
+ // Type & id duplicated in purpose.
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[1]->getIncludes()->willReturn([]);
+ $included[1]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => 3,
+ 'attributes' => ['body' => 'dummy_body2'],
+ ],
+ ]);
+ $included[] = $this->prophesize(JsonApiDocumentTopLevelNormalizerValue::class);
+ $included[2]->getIncludes()->willReturn([]);
+ $included[2]->rasterizeValue()->willReturn([
+ 'data' => [
+ 'type' => 'node',
+ 'id' => 4,
+ 'attributes' => ['body' => 'dummy_body3'],
+ ],
+ ]);
+ $field2->getIncludes()->willReturn(array_map(function ($included_item) {
+ return $included_item->reveal();
+ }, $included));
+ $context = [
+ 'resource_type' => new ResourceType('node', 'article', NodeInterface::class),
+ ];
+ $entity = $this->prophesize(EntityInterface::class);
+ $entity->id()->willReturn(1);
+ $entity->isNew()->willReturn(FALSE);
+ $entity->getEntityTypeId()->willReturn('node');
+ $entity->bundle()->willReturn('article');
+ $entity->hasLinkTemplate(Argument::type('string'))->willReturn(TRUE);
+ $url = $this->prophesize(Url::class);
+ $url->toString()->willReturn('dummy_entity_link');
+ $url->setRouteParameter(Argument::any(), Argument::any())->willReturn($url->reveal());
+ $entity->toUrl(Argument::type('string'), Argument::type('array'))->willReturn($url->reveal());
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+ $this->object = $this->getMockBuilder(JsonApiDocumentTopLevelNormalizerValue::class)
+ ->setMethods(['addCacheableDependency'])
+ ->setConstructorArgs([
+ ['title' => $field1->reveal(), 'field_related' => $field2->reveal()],
+ $context,
+ ['link_manager' => $link_manager->reveal()],
+ $entity->reveal(),
+ ])
+ ->getMock();
+ $this->object->method('addCacheableDependency');
+ }
+
+ /**
+ * @covers ::getIncludes
+ */
+ public function testGetIncludes() {
+ $includes = $this->object->getIncludes();
+ $includes = array_filter($includes, function ($included) {
+ return $included instanceof JsonApiDocumentTopLevelNormalizerValue;
+ });
+ $this->assertCount(2, $includes);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipItemNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipItemNormalizerValueTest.php
new file mode 100644
index 0000000..8f400c1
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipItemNormalizerValueTest.php
@@ -0,0 +1,50 @@
+assertEquals($expected, $object->rasterizeValue());
+ }
+
+ /**
+ * Data provider for testRasterizeValue.
+ */
+ public function rasterizeValueProvider() {
+ return [
+ [
+ ['target_id' => 1],
+ 'node',
+ 'article',
+ ['type' => 'node--article', 'id' => 1],
+ ],
+ [
+ ['value' => 1],
+ 'node',
+ 'page',
+ ['type' => 'node--page', 'id' => 1],
+ ],
+ [[1], 'node', 'foo', ['type' => 'node--foo', 'id' => 1]],
+ [[], 'node', 'bar', []],
+ [[NULL], 'node', 'baz', NULL],
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipNormalizerValueTest.php b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipNormalizerValueTest.php
new file mode 100644
index 0000000..27e4675
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Normalizer/Value/RelationshipNormalizerValueTest.php
@@ -0,0 +1,138 @@
+cacheContextsManager = $this->getMockBuilder('Drupal\Core\Cache\Context\CacheContextsManager')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $this->cacheContextsManager->method('assertValidTokens')->willReturn(TRUE);
+
+ $container = new ContainerBuilder();
+ $container->set('cache_contexts_manager', $this->cacheContextsManager);
+ \Drupal::setContainer($container);
+ }
+
+ /**
+ * @covers ::rasterizeValue
+ * @dataProvider rasterizeValueProvider
+ */
+ public function testRasterizeValue($values, $cardinality, $expected, CacheableMetadata $expected_cacheability) {
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+ $resource_type = new ResourceType($this->randomMachineName(), $this->randomMachineName(), NULL);
+ $resource_type->setRelatableResourceTypes([
+ 'ipsum' => [$resource_type],
+ ]);
+ $object = new RelationshipNormalizerValue(AccessResult::allowed()->cachePerUser()->addCacheTags(['relationship:foo']), $values, $cardinality, [
+ 'link_manager' => $link_manager->reveal(),
+ 'host_entity_id' => 'lorem',
+ 'resource_type' => $resource_type,
+ 'field_name' => 'ipsum',
+ ]);
+ $this->assertEquals($expected, $object->rasterizeValue());
+ $this->assertSame($expected_cacheability->getCacheContexts(), $object->getCacheContexts());
+ $this->assertSame($expected_cacheability->getCacheTags(), $object->getCacheTags());
+ $this->assertSame($expected_cacheability->getCacheMaxAge(), $object->getCacheMaxAge());
+ }
+
+ /**
+ * Data provider fortestRasterizeValue.
+ */
+ public function rasterizeValueProvider() {
+ $uid_raw = 1;
+ $uid1 = $this->prophesize(RelationshipItemNormalizerValue::class);
+ $uid1->rasterizeValue()->willReturn(['type' => 'user', 'id' => $uid_raw++]);
+ $uid1->getInclude()->willReturn(NULL);
+ $uid1->getCacheContexts()->willReturn(['ccfoo']);
+ $uid1->getCacheTags()->willReturn(['ctfoo']);
+ $uid1->getCacheMaxAge()->willReturn(15);
+ $uid2 = $this->prophesize(RelationshipItemNormalizerValue::class);
+ $uid2->rasterizeValue()->willReturn(['type' => 'user', 'id' => $uid_raw]);
+ $uid2->getInclude()->willReturn(NULL);
+ $uid2->getCacheContexts()->willReturn(['ccbar']);
+ $uid2->getCacheTags()->willReturn(['ctbar']);
+ $uid2->getCacheMaxAge()->willReturn(10);
+ $links = [
+ 'self' => 'dummy_entity_link',
+ 'related' => 'dummy_entity_link',
+ ];
+ return [
+ [[$uid1->reveal()], 1, [
+ 'data' => ['type' => 'user', 'id' => 1],
+ 'links' => $links,
+ ],
+ (new CacheableMetadata())
+ ->setCacheContexts(['ccfoo', 'user'])
+ ->setCacheTags(['ctfoo', 'relationship:foo'])
+ ->setCacheMaxAge(15),
+ ],
+ [
+ [$uid1->reveal(), $uid2->reveal()], 2, [
+ 'data' => [
+ ['type' => 'user', 'id' => 1],
+ ['type' => 'user', 'id' => 2],
+ ],
+ 'links' => $links,
+ ],
+ (new CacheableMetadata())
+ ->setCacheContexts(['ccbar', 'ccfoo', 'user'])
+ ->setCacheTags(['ctbar', 'ctfoo', 'relationship:foo'])
+ ->setCacheMaxAge(10),
+ ],
+ ];
+ }
+
+ /**
+ * @covers ::rasterizeValue
+ */
+ public function testRasterizeValueFails() {
+ $uid1 = $this->prophesize(FieldItemNormalizerValue::class);
+ $uid1->rasterizeValue()->willReturn(1);
+ $link_manager = $this->prophesize(LinkManager::class);
+ $link_manager
+ ->getEntityLink(Argument::any(), Argument::any(), Argument::type('array'), Argument::type('string'))
+ ->willReturn('dummy_entity_link');
+ $this->setExpectedException(\RuntimeException::class, 'Unexpected normalizer item value for this Drupal\jsonapi\Normalizer\Value\RelationshipNormalizerValue.');
+ new RelationshipNormalizerValue(AccessResult::allowed(), [$uid1->reveal()], 1, [
+ 'link_manager' => $link_manager->reveal(),
+ 'host_entity_id' => 'lorem',
+ 'resource_type' => new ResourceType($this->randomMachineName(), $this->randomMachineName(), NULL),
+ 'field_name' => 'ipsum',
+ ]);
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Routing/JsonApiParamEnhancerTest.php b/core/modules/jsonapi/tests/src/Unit/Routing/JsonApiParamEnhancerTest.php
new file mode 100644
index 0000000..c7c4972
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Routing/JsonApiParamEnhancerTest.php
@@ -0,0 +1,144 @@
+getMockNormalizers();
+ $object = new JsonApiParamEnhancer($filter_normalizer, $sort_normalizer, $page_normalizer);
+ $route = $this->prophesize(Route::class);
+ $route->getDefault(RouteObjectInterface::CONTROLLER_NAME)->will(new ReturnPromise([Routes::FRONT_CONTROLLER, 'lorem']));
+
+ $this->assertTrue($object->applies($route->reveal()));
+ $this->assertFalse($object->applies($route->reveal()));
+ }
+
+ /**
+ * @covers ::enhance
+ */
+ public function testEnhanceFilter() {
+ list($filter_normalizer, $sort_normalizer, $page_normalizer) = $this->getMockNormalizers();
+ $object = new JsonApiParamEnhancer($filter_normalizer, $sort_normalizer, $page_normalizer);
+ $request = $this->prophesize(Request::class);
+ $query = $this->prophesize(ParameterBag::class);
+ $query->get('filter')->willReturn(['filed1' => 'lorem']);
+ $query->has(Argument::type('string'))->willReturn(FALSE);
+ $query->has('filter')->willReturn(TRUE);
+ $request->query = $query->reveal();
+
+ $route = $this->prophesize(Route::class);
+ $route->getRequirement('_entity_type')->willReturn('dolor');
+ $route->getRequirement('_bundle')->willReturn('sit');
+ $defaults = $object->enhance([
+ RouteObjectInterface::ROUTE_OBJECT => $route->reveal(),
+ ], $request->reveal());
+ $this->assertInstanceOf(Filter::class, $defaults['_json_api_params']['filter']);
+ $this->assertInstanceOf(OffsetPage::class, $defaults['_json_api_params']['page']);
+ $this->assertTrue(empty($defaults['_json_api_params']['sort']));
+ }
+
+ /**
+ * @covers ::enhance
+ */
+ public function testEnhancePage() {
+ list($filter_normalizer, $sort_normalizer, $page_normalizer) = $this->getMockNormalizers();
+ $object = new JsonApiParamEnhancer($filter_normalizer, $sort_normalizer, $page_normalizer);
+ $request = $this->prophesize(Request::class);
+ $query = $this->prophesize(ParameterBag::class);
+ $query->get('page')->willReturn(['cursor' => 'lorem']);
+ $query->has(Argument::type('string'))->willReturn(FALSE);
+ $query->has('page')->willReturn(TRUE);
+ $request->query = $query->reveal();
+
+ $route = $this->prophesize(Route::class);
+ $route->getRequirement('_entity_type')->willReturn('dolor');
+ $route->getRequirement('_bundle')->willReturn('sit');
+ $defaults = $object->enhance([
+ RouteObjectInterface::ROUTE_OBJECT => $route->reveal(),
+ ], $request->reveal());
+ $this->assertInstanceOf(OffsetPage::class, $defaults['_json_api_params']['page']);
+ $this->assertTrue(empty($defaults['_json_api_params']['filter']));
+ $this->assertTrue(empty($defaults['_json_api_params']['sort']));
+ }
+
+ /**
+ * @covers ::enhance
+ */
+ public function testEnhanceSort() {
+ list($filter_normalizer, $sort_normalizer, $page_normalizer) = $this->getMockNormalizers();
+ $object = new JsonApiParamEnhancer($filter_normalizer, $sort_normalizer, $page_normalizer);
+ $request = $this->prophesize(Request::class);
+ $query = $this->prophesize(ParameterBag::class);
+ $query->get('sort')->willReturn('-lorem');
+ $query->has(Argument::type('string'))->willReturn(FALSE);
+ $query->has('sort')->willReturn(TRUE);
+ $request->query = $query->reveal();
+
+ $route = $this->prophesize(Route::class);
+ $route->getRequirement('_entity_type')->willReturn('dolor');
+ $route->getRequirement('_bundle')->willReturn('sit');
+ $defaults = $object->enhance([
+ RouteObjectInterface::ROUTE_OBJECT => $route->reveal(),
+ ], $request->reveal());
+ $this->assertInstanceOf(Sort::class, $defaults['_json_api_params']['sort']);
+ $this->assertInstanceOf(OffsetPage::class, $defaults['_json_api_params']['page']);
+ $this->assertTrue(empty($defaults['_json_api_params']['filter']));
+ }
+
+ /**
+ * Builds mock normalizers.
+ */
+ public function getMockNormalizers() {
+ $filter_normalizer = $this->prophesize(DenormalizerInterface::class);
+ $filter_normalizer->denormalize(
+ Argument::any(),
+ Filter::class,
+ Argument::any(),
+ Argument::any()
+ )->willReturn($this->prophesize(Filter::class)->reveal());
+
+ $sort_normalizer = $this->prophesize(DenormalizerInterface::class);
+ $sort_normalizer->denormalize(
+ Argument::any(),
+ Sort::class,
+ Argument::any(),
+ Argument::any()
+ )->willReturn($this->prophesize(Sort::class)->reveal());
+
+ $page_normalizer = $this->prophesize(DenormalizerInterface::class);
+ $page_normalizer->denormalize(Argument::any(), OffsetPage::class)->willReturn($this->prophesize(OffsetPage::class)->reveal());
+
+ return [
+ $filter_normalizer->reveal(),
+ $sort_normalizer->reveal(),
+ $page_normalizer->reveal(),
+ ];
+ }
+
+}
diff --git a/core/modules/jsonapi/tests/src/Unit/Routing/RoutesTest.php b/core/modules/jsonapi/tests/src/Unit/Routing/RoutesTest.php
new file mode 100644
index 0000000..67f3c1a
--- /dev/null
+++ b/core/modules/jsonapi/tests/src/Unit/Routing/RoutesTest.php
@@ -0,0 +1,187 @@
+ [$type_1],
+ 'internal' => [$type_2],
+ 'both' => [$type_1, $type_2],
+ ];
+ $type_1->setRelatableResourceTypes($relatable_resource_types);
+ $type_2->setRelatableResourceTypes($relatable_resource_types);
+ // This type ensures that we can create routes for bundle IDs which might be
+ // cast from strings to integers. It should not affect related resource
+ // routing.
+ $type_3 = new ResourceType('entity_type_3', '123', EntityInterface::class, TRUE);
+ $type_3->setRelatableResourceTypes([]);
+ $resource_type_repository = $this->prophesize(ResourceTypeRepository::class);
+ $resource_type_repository->all()->willReturn([$type_1, $type_2, $type_3]);
+ $resource_type_repository->getPathPrefix()->willReturn('jsonapi');
+ $container = $this->prophesize(ContainerInterface::class);
+ $container->get('jsonapi.resource_type.repository')->willReturn($resource_type_repository->reveal());
+ $auth_collector = $this->prophesize(AuthenticationCollectorInterface::class);
+ $auth_collector->getSortedProviders()->willReturn([
+ 'lorem' => [],
+ 'ipsum' => [],
+ ]);
+ $container->get('authentication_collector')->willReturn($auth_collector->reveal());
+
+ $this->routes['ok'] = Routes::create($container->reveal());
+ }
+
+ /**
+ * @covers ::routes
+ */
+ public function testRoutesCollection() {
+ // Get the route collection and start making assertions.
+ $routes = $this->routes['ok']->routes();
+
+ // Make sure that there are 4 routes for the non-internal resource.
+ $this->assertEquals(4, $routes->count());
+
+ $iterator = $routes->getIterator();
+ // Check the collection route.
+ /** @var \Symfony\Component\Routing\Route $route */
+ $route = $iterator->offsetGet('jsonapi.entity_type_1--bundle_1_1.collection');
+ $this->assertSame('/jsonapi/entity_type_1/bundle_1_1', $route->getPath());
+ $this->assertSame('entity_type_1', $route->getRequirement('_entity_type'));
+ $this->assertSame('bundle_1_1', $route->getRequirement('_bundle'));
+ $this->assertSame(['lorem', 'ipsum'], $route->getOption('_auth'));
+ $this->assertEquals(['GET', 'POST'], $route->getMethods());
+ $this->assertSame(Routes::FRONT_CONTROLLER, $route->getDefault(RouteObjectInterface::CONTROLLER_NAME));
+ $this->assertSame('Drupal\jsonapi\Resource\JsonApiDocumentTopLevel', $route->getOption('serialization_class'));
+ }
+
+ /**
+ * @covers ::routes
+ */
+ public function testRoutesIndividual() {
+ // Get the route collection and start making assertions.
+ $iterator = $this->routes['ok']->routes()->getIterator();
+
+ // Check the individual route.
+ /** @var \Symfony\Component\Routing\Route $route */
+ $route = $iterator->offsetGet('jsonapi.entity_type_1--bundle_1_1.individual');
+ $this->assertSame('/jsonapi/entity_type_1/bundle_1_1/{entity_type_1}', $route->getPath());
+ $this->assertSame('entity_type_1', $route->getRequirement('_entity_type'));
+ $this->assertSame('bundle_1_1', $route->getRequirement('_bundle'));
+ $this->assertEquals(['GET', 'PATCH', 'DELETE'], $route->getMethods());
+ $this->assertSame(Routes::FRONT_CONTROLLER, $route->getDefault(RouteObjectInterface::CONTROLLER_NAME));
+ $this->assertSame('Drupal\jsonapi\Resource\JsonApiDocumentTopLevel', $route->getOption('serialization_class'));
+ $this->assertSame(['lorem', 'ipsum'], $route->getOption('_auth'));
+ $this->assertEquals(['entity_type_1' => ['type' => 'entity:entity_type_1']], $route->getOption('parameters'));
+ }
+
+ /**
+ * @covers ::routes
+ */
+ public function testRoutesRelated() {
+ // Get the route collection and start making assertions.
+ $iterator = $this->routes['ok']->routes()->getIterator();
+
+ // Check the related route.
+ /** @var \Symfony\Component\Routing\Route $route */
+ $route = $iterator->offsetGet('jsonapi.entity_type_1--bundle_1_1.related');
+ $this->assertSame('/jsonapi/entity_type_1/bundle_1_1/{entity_type_1}/{related}', $route->getPath());
+ $this->assertSame('entity_type_1', $route->getRequirement('_entity_type'));
+ $this->assertSame('bundle_1_1', $route->getRequirement('_bundle'));
+ $this->assertEquals(['GET'], $route->getMethods());
+ $this->assertSame(Routes::FRONT_CONTROLLER, $route->getDefault(RouteObjectInterface::CONTROLLER_NAME));
+ $this->assertSame(['lorem', 'ipsum'], $route->getOption('_auth'));
+ $this->assertEquals(['entity_type_1' => ['type' => 'entity:entity_type_1']], $route->getOption('parameters'));
+ }
+
+ /**
+ * @covers ::routes
+ */
+ public function testRoutesRelationships() {
+ // Get the route collection and start making assertions.
+ $iterator = $this->routes['ok']->routes()->getIterator();
+
+ // Check the relationships route.
+ /** @var \Symfony\Component\Routing\Route $route */
+ $route = $iterator->offsetGet('jsonapi.entity_type_1--bundle_1_1.relationship');
+ $this->assertSame('/jsonapi/entity_type_1/bundle_1_1/{entity_type_1}/relationships/{related}', $route->getPath());
+ $this->assertSame('entity_type_1', $route->getRequirement('_entity_type'));
+ $this->assertSame('bundle_1_1', $route->getRequirement('_bundle'));
+ $this->assertEquals(['GET', 'POST', 'PATCH', 'DELETE'], $route->getMethods());
+ $this->assertSame(Routes::FRONT_CONTROLLER, $route->getDefault(RouteObjectInterface::CONTROLLER_NAME));
+ $this->assertSame(['lorem', 'ipsum'], $route->getOption('_auth'));
+ $this->assertEquals(['entity_type_1' => ['type' => 'entity:entity_type_1']], $route->getOption('parameters'));
+ $this->assertSame('Drupal\Core\Field\EntityReferenceFieldItemList', $route->getOption('serialization_class'));
+ }
+
+ /**
+ * Ensures that the expected routes are created or not created.
+ *
+ * @dataProvider expectedRoutes
+ */
+ public function testRoutes($route) {
+ $this->assertArrayHasKey($route, $this->routes['ok']->routes()->all());
+ }
+
+ /**
+ * Lists routes which should have been created.
+ */
+ public function expectedRoutes() {
+ return [
+ ['jsonapi.entity_type_1--bundle_1_1.individual'],
+ ['jsonapi.entity_type_1--bundle_1_1.collection'],
+ ['jsonapi.entity_type_1--bundle_1_1.related'],
+ ['jsonapi.entity_type_1--bundle_1_1.relationship'],
+ ];
+ }
+
+ /**
+ * Ensures that no routes are created for internal resources.
+ *
+ * @dataProvider notExpectedRoutes
+ */
+ public function testInternalRoutes($route) {
+ $this->assertArrayNotHasKey($route, $this->routes['ok']->routes()->all());
+ }
+
+ /**
+ * Lists routes which should have been created.
+ */
+ public function notExpectedRoutes() {
+ return [
+ ['jsonapi.entity_type_2--bundle_2_1.individual'],
+ ['jsonapi.entity_type_2--bundle_2_1.collection'],
+ ['jsonapi.entity_type_2--bundle_2_1.related'],
+ ['jsonapi.entity_type_2--bundle_2_1.relationship'],
+ ];
+ }
+
+}