Sets up the necessary authorization.

In case of a test verifying publicly accessible REST resources: grant permissions to the anonymous user role.

In case of a test verifying behavior when using a particular authentication provider: create a user with a particular set of permissions.

Because of the $method parameter, it's possible to first set up authentication for only GET, then add POST, et cetera. This then also allows for verifying a 403 in case of missing authorization.

Parameters

string $method: The HTTP method for which to set up authentication.

Overrides ResourceTestBase::setUpAuthorization

2 calls to UserTest::setUpAuthorization()

UserTest::testQueryInvolvingRoles in core/modules/jsonapi/tests/src/Functional/UserTest.php

Test good error DX when trying to filter users by role.

UserTest::testResaveAccountName in core/modules/jsonapi/tests/src/Functional/UserTest.php

Tests users with altered display names.

File

core/modules/jsonapi/tests/src/Functional/UserTest.php, line 79

Class

UserTest

JSON:API integration test for the "User" content entity type.

Namespace

Drupal\Tests\jsonapi\Functional

Code

protected function setUpAuthorization($method) {
  // @todo Remove this in
  $this->grantPermissionsToTestedRole([
    'access content',
  ]);
  switch ($method) {
    case 'GET':
      $this->grantPermissionsToTestedRole([
        'access user profiles',
      ]);
      break;

    case 'POST':
    case 'PATCH':
    case 'DELETE':
      $this->grantPermissionsToTestedRole([
        'administer users',
      ]);
      break;

  }
}

---