Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
In the patch that marks the Workspaces module as stable, we found that the workspace
entity type is missing some REST and JSON:API test coverage.
Proposed resolution
Add the missing test coverage.
Remaining tasks
Review.
User interface changes
Nope.
API changes
Nope.
Data model changes
Nope.
Release notes snippet
TBD.
Comment | File | Size | Author |
---|
Issue fork drupal-3088870
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #2
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedThis should do it. The combined patch includes #3088643-2: Mark Workspaces as a stable core module.
Comment #5
SpokjeWeirdly (at least to me) it looks like the
$access_result->orIf($any_access_result);
returns aAccessResultNeutral
even when$access_result
isAccessResultNeutral
and$any_access_result
isAccessResultAllowed
.I (and it looks like the code also) was expecting an
AccessResultAllowed
which would prevent the current fails in this test:Drupal\workspaces\WorkspaceAccessException: The user does not have permission to view that workspace.Note to self:
No more posting on d.o before at least 2 coffees.
Comment #6
SpokjeLet's see how this goes.
Only the non-combined patch for starters (seeing my previous "success" above, let's do baby steps...)
Comment #7
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedWhoa, that was very stupid of me :) Thanks, @Spokje!
This should fix the rest of the fails.
Comment #9
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedThat test fail is not related to the REST and JSON:API tests and will be fixed in #3088643: Mark Workspaces as a stable core module, so the non-combined patch is ready for reviews :)
Comment #10
Wim LeersThis … must mean that we're lacking test coverage 😨
👍 We have this pattern already in many other places in this test.
We use
elsewhere in this test.
🙏 Can you copy/paste that same code in these places, for consistency sake?
🤔😅 I … don't understand this. Is "our normalization" the JSON:API normalization or the normalization that the Workspace JSON:API test happens to send in a POST request? It seems like it's the latter? If so, this seems like a hack? Why is it not? (I am sincerely asking, I am having a hard time understanding this — please bear with me.)
🤔 Why are these the same? This is especially strange because
\Drupal\Tests\workspaces\Functional\Rest\WorkspaceResourceTestBase
uses🤔 Why doesn't this grant only the
create workspace
permission in case ofPOST
?🤔 Why does this need to be unset? This is the only entity type that needs this. What makes
workspace
entities so special?Similar question here.
🤓 Wrong
@see
.🤔 Can we add an
@see
here? I can't find any other entity type with such a comment, so it's hard to figure out why string IDs are a problem.🤔 These changes look great! But they also seem out of scope. This makes me suspect that this is being changed to fix a (cacheability) bug in the existing workspace access control handler. If so, that should have explicit test coverage. If you disagree: I'd love to hear why, but the argument needs to especially convince a core committer, not me :)
✅ This seems like a trivial enough bugfix/improvement to be included here.
🤔 But … it also makes me wonder why
administer workspaces
does not haverestrict access: true
set inworkspaces.permissions.yml
?🤓🐛
path_alias
→workspace
Other than that nitpick these Workspace HAL+JSON tests looks great 👍
🤔 These changes seem unnecessary?
Comment #11
Wim LeersThis blocks #3088643: Mark Workspaces as a stable core module.
Comment #12
amateescu CreditAttribution: amateescu for Pfizer, Inc. commented@Wim Leers, awesome review, as always :)
Re #10:
\Drupal\Tests\jsonapi\Functional\WorkspaceTest
:)\Drupal\Tests\jsonapi\Functional\ResourceTestBase::testPostIndividual()
uses the return value of::getPostDocument()
for both requests that create a new entity, without explicitly setting the$firstCreatedEntityId
and$secondCreatedEntityId
variables for the entity ID.As mentioned in the expanded comment for point 3. above, entity types with string IDs need to send the ID for the new entity because they don't get a new ID assigned automatically by the database :)
And this is different than
\Drupal\Tests\workspaces\Functional\Rest\WorkspaceResourceTestBase
because\Drupal\Tests\rest\Functional\EntityResource\EntityResourceTestBase::testPost()
allows you to customize the data for the "second created entity", but the JSON:API counterpart doesn't provide that flexibility:\Drupal\Tests\jsonapi\Functional\ResourceTestBase
, but they're not really needed for this patch so I reverted them.restrict access: true
for the general administer workspaces permission, I think it is important enough to warrant that special flag.Comment #13
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedMeh :)
Comment #14
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedComment #15
Wim LeersRE #10.4: Worked with @amateescu in Drupal Slack. I now finally understand why this was there. It's because the
id
field was aliased todrupal_internal__id
and he didn't know JSON:API would also respect aliases onPOST
requests. (If it didn't, that'd make for one hell of a confusing user experience.)Just making the
POST
request send that allows the code I was concerned about to be deleted.That makes this patch a lot easier to understand :)
Comment #16
Wim LeersThe previous interdiff changed this. But we shouldn't need this at all.
getModifiedEntityForPostTesting()
is smart enough to not generate an entity with the same value for a field that has a uniqueness constraint.But we need to tell the base test class what fields need to be unique. So doing that. This requires knowing the JSON:API test infrastructure, @amateescu could only have figured this out by diving deeper into the existing tests. So did it for him :)
Comment #17
Wim Leers#12:
IDK about "always" but I sure try :D
More detailed patch review based on having dealt with #15 and #16
With #15 and #16,
\Drupal\Tests\jsonapi\Functional\WorkspaceTest
looks much simpler, making it easier to maintain in the future. That was my goal 🙂 👍I spotted two more things thanks to that work, and they don't require knowing this test infrastructure in detail:
It's confusing that the keyword "updated" is used in here, because this is used to create a new workspace. Let's rename that?
because the only reason we have this, is to
->set('id', 'duplicate')
.The proper way to fix this is by adding a
createDuplicate()
override to\Drupal\workspaces\Entity\Workspace
. It should get something like this:That way, it works for all Entity API users, of which the JSON:API module is just one!
Comment #18
amateescu CreditAttribution: amateescu for Pfizer, Inc. commented@Wim Leers, thanks a lot for helping out with this patch! :)
Here's a test-only patch for #10.1 and another one that fixes both points #17.
Comment #20
Wim LeersPerfect: my last remarks were fixed and we have a failing test-only patch without the most tricky change.
Regarding that tricky change: The fact that that hasn't been reported yet means that literally nobody has ever tried to access
workspace
entities using JSON:API 🙃Comment #22
SpokjeFun stuff, can anybody explain the drupal:9.0.0 part of these failures whilst were testing against 8.9.x?
Drupal\Tests\BrowserTestBase::$defaultTheme is required in drupal:9.0.0 when using an install profile that does not set a default theme. See https://www.drupal.org/node/2352949, which includes recommendations on which theme to use.
Comment #23
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedRerolled to take #2352949: Deprecate using Classy as the default theme for the 'testing' profile into account.
Comment #25
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedMissed a spot :)
Comment #27
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedThe fails from #25 are identical to the ones exposed by #3093757: Test is marked skipped but shouldn't be anymore, which seems to point to a flaw in JSON:API's base test class.
I'm going to mark that method as skipped just like other JSON:API tests are doing (
BlockContentTest
,CommentTest
,ItemTest
, etc.), and the issue referenced above can handle it.Comment #28
Spokje@amateescu Nice catch, was pondering what was going on there.
Comment #30
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedRandom fail.
Comment #32
ravi.shankar CreditAttribution: ravi.shankar at OpenSense Labs commentedAs mentioned in comment #30.
Comment #35
jofitz CreditAttribution: jofitz at jofitz commentedPatch in #27 no longer applies - Needs Reroll.
Comment #36
jofitz CreditAttribution: jofitz at jofitz commentedRerolled patch from #27.
Comment #38
amateescu CreditAttribution: amateescu as a volunteer commentedFixed that test fail.
Comment #40
amateescu CreditAttribution: amateescu as a volunteer commentedI think that was a random fail.
Comment #42
amateescu CreditAttribution: amateescu as a volunteer commentedAnother FunctionalJavascript test failure, not related to this patch.
Comment #44
amateescu CreditAttribution: amateescu as a volunteer commentedComment #45
alexpottThis change deserve it's own blocking issue. There's a decent concern we should have about the id() becoming too long - there's a max length of 128. There's also a question about whether we should fix this for all string ID entity types in \Drupal\Core\Entity\ContentEntityBase::createDuplicate()
This seems to be of wider scope than this issue - should it be in its own issue so it can be tested?
I think this should be in its own issue - if this wasn't an experimental module this would be a security issue.
Comment #47
amateescu CreditAttribution: amateescu as a volunteer commented@alexpott, thanks for the review!
I opened #3192363: Ensure that moderation can not be enabled for the 'workspace' entity type, #3192292: Users with the 'administer workspaces' permission can not create a workspace and #3192305: Restrict access to the 'administer workspaces' permission for #45.2 and #45.3, and I'm still thinking about #45.1.
Comment #48
amateescu CreditAttribution: amateescu as a volunteer commentedForgot to attach the interdiff for #47.
Comment #49
amateescu CreditAttribution: amateescu for Tag1 Consulting commentedAbout #45.1, I think my change was wrong and it is the responsibility of the caller to ensure that the entity resulting from
createDuplicate()
is valid.\Drupal\Tests\jsonapi\Functional\ResourceTestBase::getEntityDuplicate()
kind of confirms this since it's setting the ID manually for config entity types.Comment #53
quietone CreditAttribution: quietone at PreviousNext commentedThis was postponed on two issues that has noe been closed, changing status.
Comment #57
amateescu CreditAttribution: amateescu for Tag1 Consulting commentedRerolled the latest patch and turned it into a MR.
Comment #58
amateescu CreditAttribution: amateescu for Tag1 Consulting commentedThe MR is fully ready for reviews now, hiding old patches.
Comment #59
smustgrave CreditAttribution: smustgrave at Mobomo commentedUsing block_content json tests as references and a few other. The test coverage seems to line up with what we've done in others.
LGTM!
Comment #60
catchI looked at this two or three times and the UNCACHEABLE/MISS changes put me off committing it just yet, but... I can't think of anything else we can do here, and this is in the base class for test coverage that even the subclasses don't directly interact with, it'll make it less likely that the next entity type has to do anything special, then noticed Wim pointing out we already do the same thing elsewhere already in the test coverage. So... committed/pushed to 11.x and cherry-picked to 10.3.x, thanks!
Comment #63
catch