API平台测试授权
我正在使用 Symfony 4.4 和api-platform/api-pack v1.2.1
我创建了一个支持带前缀的字符串的自定义选民PERM_
我将端点 ( /api/roles) 设置为security: 'is_granted("PERM_READ_USER")'
我创建了一个如下所示的测试:
/**
* @depends testLoginRegularUser
* @param $token
* @return string JWT Token
*/
public function testRegularUserReadRole($token)
{
$this->expectException(AccessDeniedHttpException::class);
$this->expectExceptionCode(403);
$response = static ::createClient()->request('GET', '/api/roles',[
'json' => [
'page' => 1
],
'headers' => [
'Authorization' => 'Bearer ' . $token,
]
]);
return $token;
}
而且我总是收到错误消息:
Testing App\Tests\Functional\GroupRoleTest
.2020-01-06T00:49:48+00:00 [error] Uncaught PHP Exception Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException: "Access Denied." at /home/vagrant/Code/wikaunting/vendor/symfony/security-http/Firewall/ExceptionListener.php line 137
FS 3 / 3 (100%)
Time: 14.27 seconds, Memory: 44.50 MB
There was 1 failure:
1) App\Tests\Functional\GroupRoleTest::testRegularUserReadRole
Failed asserting that exception of type "Symfony\Component\HttpClient\Exception\AccessDeniedHttpException" is thrown.
当我使用休息客户端(失眠症)进行测试时,它返回
萧十郎2回答
-
翻翻过去那场雪
您将功能与单元测试混合在一起。 $this->expectException用于单元测试,当您的代码抛出异常时。在这种情况下,您正在向客户端发出 HTTP 请求,该请求将返回响应并且不会引发异常。您应该检查响应状态代码是否为 403。 -
暮色呼如
请记住,该异常不会在您的测试中引发。当您的请求被拒绝时,它会被抛出“服务器端”。因此,您不应断言抛出异常,而应在测试中检查该请求的状态码和响应。API 平台为此提供了辅助方法。查看:self::assertResponseStatusCodeSameself::assertJsonContains
随时随地看视频慕课网APP
PHP