tests/phpunit/includes/api/ApiBlockTest.php

   1 <?php
   2
   3 /**
   4  * @group API
   5  * @group Database
   6  * @group medium
   7  *
   8  * @covers ApiBlock
   9  */
  10 class ApiBlockTest extends ApiTestCase {
  11         protected $mUser = null;
  12
  13         protected function setUp() {
  14                 parent::setUp();
  15
  16                 $this->mUser = $this->getMutableTestUser()->getUser();
  17         }
  18
  19         protected function tearDown() {
  20                 $block = Block::newFromTarget( $this->mUser->getName() );
  21                 if ( !is_null( $block ) ) {
  22                         $block->delete();
  23                 }
  24                 parent::tearDown();
  25         }
  26
  27         protected function getTokens() {
  28                 return $this->getTokenList( self::$users['sysop'] );
  29         }
  30
  31         /**
  32          * @param array $extraParams Extra API parameters to pass to doApiRequest
  33          * @param User  $blocker     User to do the blocking, null to pick
  34          *                           arbitrarily
  35          */
  36         private function doBlock( array $extraParams = [], User $blocker = null ) {
  37                 if ( $blocker === null ) {
  38                         $blocker = self::$users['sysop']->getUser();
  39                 }
  40
  41                 $tokens = $this->getTokens();
  42
  43                 $this->assertNotNull( $this->mUser, 'Sanity check' );
  44                 $this->assertNotSame( 0, $this->mUser->getId(), 'Sanity check' );
  45
  46                 $this->assertArrayHasKey( 'blocktoken', $tokens, 'Sanity check' );
  47
  48                 $params = [
  49                         'action' => 'block',
  50                         'user' => $this->mUser->getName(),
  51                         'reason' => 'Some reason',
  52                         'token' => $tokens['blocktoken'],
  53                 ];
  54                 if ( array_key_exists( 'userid', $extraParams ) ) {
  55                         // Make sure we don't have both user and userid
  56                         unset( $params['user'] );
  57                 }
  58                 $ret = $this->doApiRequest( array_merge( $params, $extraParams ), null,
  59                         false, $blocker );
  60
  61                 $block = Block::newFromTarget( $this->mUser->getName() );
  62
  63                 $this->assertTrue( !is_null( $block ), 'Block is valid' );
  64
  65                 $this->assertSame( $this->mUser->getName(), (string)$block->getTarget() );
  66                 $this->assertSame( 'Some reason', $block->mReason );
  67
  68                 return $ret;
  69         }
  70
  71         /**
  72          * Block by username
  73          */
  74         public function testNormalBlock() {
  75                 $this->doBlock();
  76         }
  77
  78         /**
  79          * Block by user ID
  80          */
  81         public function testBlockById() {
  82                 $this->doBlock( [ 'userid' => $this->mUser->getId() ] );
  83         }
  84
  85         /**
  86          * A blocked user can't block
  87          */
  88         public function testBlockByBlockedUser() {
  89                 $this->setExpectedException( ApiUsageException::class,
  90                         'You cannot block or unblock other users because you are yourself blocked.' );
  91
  92                 $blocked = $this->getMutableTestUser( [ 'sysop' ] )->getUser();
  93                 $block = new Block( [
  94                         'address' => $blocked->getName(),
  95                         'by' => self::$users['sysop']->getUser()->getId(),
  96                         'reason' => 'Capriciousness',
  97                         'timestamp' => '19370101000000',
  98                         'expiry' => 'infinity',
  99                 ] );
 100                 $block->insert();
 101
 102                 $this->doBlock( [], $blocked );
 103         }
 104
 105         public function testBlockOfNonexistentUser() {
 106                 $this->setExpectedException( ApiUsageException::class,
 107                         'There is no user by the name "Nonexistent". Check your spelling.' );
 108
 109                 $this->doBlock( [ 'user' => 'Nonexistent' ] );
 110         }
 111
 112         public function testBlockOfNonexistentUserId() {
 113                 $id = 948206325;
 114                 $this->setExpectedException( ApiUsageException::class,
 115                         "There is no user with ID $id." );
 116
 117                 $this->assertFalse( User::whoIs( $id ), 'Sanity check' );
 118
 119                 $this->doBlock( [ 'userid' => $id ] );
 120         }
 121
 122         public function testBlockWithTag() {
 123                 ChangeTags::defineTag( 'custom tag' );
 124
 125                 $this->doBlock( [ 'tags' => 'custom tag' ] );
 126
 127                 $dbw = wfGetDB( DB_MASTER );
 128                 $this->assertSame( 'custom tag', $dbw->selectField(
 129                         [ 'change_tag', 'logging' ],
 130                         'ct_tag',
 131                         [ 'log_type' => 'block' ],
 132                         __METHOD__,
 133                         [],
 134                         [ 'change_tag' => [ 'INNER JOIN', 'ct_log_id = log_id' ] ]
 135                 ) );
 136         }
 137
 138         public function testBlockWithProhibitedTag() {
 139                 $this->setExpectedException( ApiUsageException::class,
 140                         'You do not have permission to apply change tags along with your changes.' );
 141
 142                 ChangeTags::defineTag( 'custom tag' );
 143
 144                 $this->setMwGlobals( 'wgRevokePermissions',
 145                         [ 'user' => [ 'applychangetags' => true ] ] );
 146
 147                 $this->doBlock( [ 'tags' => 'custom tag' ] );
 148         }
 149
 150         public function testBlockWithHide() {
 151                 global $wgGroupPermissions;
 152                 $newPermissions = $wgGroupPermissions['sysop'];
 153                 $newPermissions['hideuser'] = true;
 154                 $this->mergeMwGlobalArrayValue( 'wgGroupPermissions',
 155                         [ 'sysop' => $newPermissions ] );
 156
 157                 $res = $this->doBlock( [ 'hidename' => '' ] );
 158
 159                 $dbw = wfGetDB( DB_MASTER );
 160                 $this->assertSame( '1', $dbw->selectField(
 161                         'ipblocks',
 162                         'ipb_deleted',
 163                         [ 'ipb_id' => $res[0]['block']['id'] ],
 164                         __METHOD__
 165                 ) );
 166         }
 167
 168         public function testBlockWithProhibitedHide() {
 169                 $this->setExpectedException( ApiUsageException::class,
 170                         "You don't have permission to hide user names from the block log." );
 171
 172                 $this->doBlock( [ 'hidename' => '' ] );
 173         }
 174
 175         public function testBlockWithEmailBlock() {
 176                 $res = $this->doBlock( [ 'noemail' => '' ] );
 177
 178                 $dbw = wfGetDB( DB_MASTER );
 179                 $this->assertSame( '1', $dbw->selectField(
 180                         'ipblocks',
 181                         'ipb_block_email',
 182                         [ 'ipb_id' => $res[0]['block']['id'] ],
 183                         __METHOD__
 184                 ) );
 185         }
 186
 187         public function testBlockWithProhibitedEmailBlock() {
 188                 $this->setExpectedException( ApiUsageException::class,
 189                         "You don't have permission to block users from sending email through the wiki." );
 190
 191                 $this->setMwGlobals( 'wgRevokePermissions',
 192                         [ 'sysop' => [ 'blockemail' => true ] ] );
 193
 194                 $this->doBlock( [ 'noemail' => '' ] );
 195         }
 196
 197         public function testBlockWithExpiry() {
 198                 $res = $this->doBlock( [ 'expiry' => '1 day' ] );
 199
 200                 $dbw = wfGetDB( DB_MASTER );
 201                 $expiry = $dbw->selectField(
 202                         'ipblocks',
 203                         'ipb_expiry',
 204                         [ 'ipb_id' => $res[0]['block']['id'] ],
 205                         __METHOD__
 206                 );
 207
 208                 // Allow flakiness up to one second
 209                 $this->assertLessThanOrEqual( 1,
 210                         abs( wfTimestamp( TS_UNIX, $expiry ) - ( time() + 86400 ) ) );
 211         }
 212
 213         public function testBlockWithInvalidExpiry() {
 214                 $this->setExpectedException( ApiUsageException::class, "Expiry time invalid." );
 215
 216                 $this->doBlock( [ 'expiry' => '' ] );
 217         }
 218
 219         /**
 220          * @expectedException ApiUsageException
 221          * @expectedExceptionMessage The "token" parameter must be set
 222          */
 223         public function testBlockingActionWithNoToken() {
 224                 $this->doApiRequest(
 225                         [
 226                                 'action' => 'block',
 227                                 'user' => $this->mUser->getName(),
 228                                 'reason' => 'Some reason',
 229                         ],
 230                         null,
 231                         false,
 232                         self::$users['sysop']->getUser()
 233                 );
 234         }
 235 }