namespace MediaWiki\Tests\Rest\BasicAccess;
use GuzzleHttp\Psr7\Uri;
-use MediaWiki\MediaWikiServices;
+use MediaWiki\Permissions\PermissionManager;
use MediaWiki\Rest\BasicAccess\MWBasicAuthorizer;
use MediaWiki\Rest\Handler;
use MediaWiki\Rest\RequestData;
use MediaWiki\Rest\ResponseFactory;
use MediaWiki\Rest\Router;
+use MediaWiki\Rest\Validator\Validator;
use MediaWikiTestCase;
+use Psr\Container\ContainerInterface;
use User;
+use Wikimedia\ObjectFactory;
/**
* @group Database
* @covers \MediaWiki\Rest\BasicAccess\MWBasicRequestAuthorizer
*/
class MWBasicRequestAuthorizerTest extends MediaWikiTestCase {
- private function createRouter( $userRights ) {
+ private function createRouter( $userRights, $request ) {
$user = User::newFromName( 'Test user' );
- // Don't allow the rights to everybody so that user rights kick in.
- $this->mergeMwGlobalArrayValue( 'wgGroupPermissions', [ '*' => $userRights ] );
- $this->overrideUserPermissions(
- $user,
- array_keys( array_filter( $userRights ), function ( $value ) {
- return $value === true;
- } )
+ $objectFactory = new ObjectFactory(
+ $this->getMockForAbstractClass( ContainerInterface::class )
);
+ $permissionManager = $this->createMock( PermissionManager::class );
+ // Don't allow the rights to everybody so that user rights kick in.
+ $permissionManager->method( 'isEveryoneAllowed' )->willReturn( false );
+ $permissionManager->method( 'userHasRight' )
+ ->will( $this->returnCallback( function ( $user, $action ) use ( $userRights ) {
+ return isset( $userRights[$action] ) && $userRights[$action];
+ } ) );
global $IP;
[],
'/rest',
new \EmptyBagOStuff(),
- new ResponseFactory(),
- new MWBasicAuthorizer( $user, MediaWikiServices::getInstance()->getPermissionManager() ) );
+ new ResponseFactory( [] ),
+ new MWBasicAuthorizer( $user, $permissionManager ),
+ $objectFactory,
+ new Validator( $objectFactory, $permissionManager, $request, $user )
+ );
}
public function testReadDenied() {
- $router = $this->createRouter( [ 'read' => false ] );
$request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] );
+ $router = $this->createRouter( [ 'read' => false ], $request );
$response = $router->execute( $request );
$this->assertSame( 403, $response->getStatusCode() );
}
public function testReadAllowed() {
- $router = $this->createRouter( [ 'read' => true ] );
$request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] );
+ $router = $this->createRouter( [ 'read' => true ], $request );
$response = $router->execute( $request );
$this->assertSame( 200, $response->getStatusCode() );
}
}
public function testWriteDenied() {
- $router = $this->createRouter( [ 'read' => true, 'writeapi' => false ] );
$request = new RequestData( [
'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' )
] );
+ $router = $this->createRouter( [ 'read' => true, 'writeapi' => false ], $request );
$response = $router->execute( $request );
$this->assertSame( 403, $response->getStatusCode() );
}
public function testWriteAllowed() {
- $router = $this->createRouter( [ 'read' => true, 'writeapi' => true ] );
$request = new RequestData( [
'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' )
] );
+ $router = $this->createRouter( [ 'read' => true, 'writeapi' => true ], $request );
$response = $router->execute( $request );
$this->assertSame( 200, $response->getStatusCode() );