dépôts / lhc / web / wiklou.git / blob
? search:


baf824352baa9f9de1020359695aa3077d5ae900
[lhc/web/wiklou.git] / tests / phpunit / includes / TitlePermissionTest.php
1 <?php
2
3 use MediaWiki\MediaWikiServices;
4
5 /**
6 * @group Database
7 *
8 * @covers Title::getUserPermissionsErrors
9 * @covers Title::getUserPermissionsErrorsInternal
10 */
11 class TitlePermissionTest extends MediaWikiLangTestCase {
12
13 /**
14 * @var string
15 */
16 protected $userName, $altUserName;
17
18 /**
19 * @var Title
20 */
21 protected $title;
22
23 /**
24 * @var User
25 */
26 protected $user, $anonUser, $userUser, $altUser;
27
28 protected function setUp() {
29 parent::setUp();
30
31 $localZone = 'UTC';
32 $localOffset = date( 'Z' ) / 60;
33
34 $this->setMwGlobals( [
35 'wgLocaltimezone' => $localZone,
36 'wgLocalTZoffset' => $localOffset,
37 'wgNamespaceProtection' => [
38 NS_MEDIAWIKI => 'editinterface',
39 ],
40 ] );
41 // Without this testUserBlock will use a non-English context on non-English MediaWiki
42 // installations (because of how Title::checkUserBlock is implemented) and fail.
43 RequestContext::resetMain();
44
45 $this->userName = 'Useruser';
46 $this->altUserName = 'Altuseruser';
47 date_default_timezone_set( $localZone );
48
49 $this->title = Title::makeTitle( NS_MAIN, "Main Page" );
50 if ( !isset( $this->userUser ) || !( $this->userUser instanceof User ) ) {
51 $this->userUser = User::newFromName( $this->userName );
52
53 if ( !$this->userUser->getId() ) {
54 $this->userUser = User::createNew( $this->userName, [
55 "email" => "test@example.com",
56 "real_name" => "Test User" ] );
57 $this->userUser->load();
58 }
59
60 $this->altUser = User::newFromName( $this->altUserName );
61 if ( !$this->altUser->getId() ) {
62 $this->altUser = User::createNew( $this->altUserName, [
63 "email" => "alttest@example.com",
64 "real_name" => "Test User Alt" ] );
65 $this->altUser->load();
66 }
67
68 $this->anonUser = User::newFromId( 0 );
69
70 $this->user = $this->userUser;
71 }
72 $this->overrideMwServices();
73 }
74
75 protected function setUserPerm( $perm ) {
76 // Setting member variables is evil!!!
77
78 if ( is_array( $perm ) ) {
79 $this->user->mRights = $perm;
80 } else {
81 $this->user->mRights = [ $perm ];
82 }
83 }
84
85 protected function setTitle( $ns, $title = "Main_Page" ) {
86 $this->title = Title::makeTitle( $ns, $title );
87 }
88
89 protected function setUser( $userName = null ) {
90 if ( $userName === 'anon' ) {
91 $this->user = $this->anonUser;
92 } elseif ( $userName === null || $userName === $this->userName ) {
93 $this->user = $this->userUser;
94 } else {
95 $this->user = $this->altUser;
96 }
97 }
98
99 /**
100 * @todo This test method should be split up into separate test methods and
101 * data providers
102 *
103 * This test is failing per T201776.
104 *
105 * @group Broken
106 * @covers Title::checkQuickPermissions
107 */
108 public function testQuickPermissions() {
109 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
110 getFormattedNsText( NS_PROJECT );
111
112 $this->setUser( 'anon' );
113 $this->setTitle( NS_TALK );
114 $this->setUserPerm( "createtalk" );
115 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
116 $this->assertEquals( [], $res );
117
118 $this->setTitle( NS_TALK );
119 $this->setUserPerm( "createpage" );
120 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
121 $this->assertEquals( [ [ "nocreatetext" ] ], $res );
122
123 $this->setTitle( NS_TALK );
124 $this->setUserPerm( "" );
125 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
126 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
127
128 $this->setTitle( NS_MAIN );
129 $this->setUserPerm( "createpage" );
130 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
131 $this->assertEquals( [], $res );
132
133 $this->setTitle( NS_MAIN );
134 $this->setUserPerm( "createtalk" );
135 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
136 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
137
138 $this->setUser( $this->userName );
139 $this->setTitle( NS_TALK );
140 $this->setUserPerm( "createtalk" );
141 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
142 $this->assertEquals( [], $res );
143
144 $this->setTitle( NS_TALK );
145 $this->setUserPerm( "createpage" );
146 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
147 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
148
149 $this->setTitle( NS_TALK );
150 $this->setUserPerm( "" );
151 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
152 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
153
154 $this->setTitle( NS_MAIN );
155 $this->setUserPerm( "createpage" );
156 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
157 $this->assertEquals( [], $res );
158
159 $this->setTitle( NS_MAIN );
160 $this->setUserPerm( "createtalk" );
161 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
162 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
163
164 $this->setTitle( NS_MAIN );
165 $this->setUserPerm( "" );
166 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
167 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
168
169 $this->setUser( 'anon' );
170 $this->setTitle( NS_USER, $this->userName . '' );
171 $this->setUserPerm( "" );
172 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
173 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
174
175 $this->setTitle( NS_USER, $this->userName . '/subpage' );
176 $this->setUserPerm( "" );
177 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
178 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
179
180 $this->setTitle( NS_USER, $this->userName . '' );
181 $this->setUserPerm( "move-rootuserpages" );
182 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
183 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
184
185 $this->setTitle( NS_USER, $this->userName . '/subpage' );
186 $this->setUserPerm( "move-rootuserpages" );
187 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
188 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
189
190 $this->setTitle( NS_USER, $this->userName . '' );
191 $this->setUserPerm( "" );
192 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
193 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
194
195 $this->setTitle( NS_USER, $this->userName . '/subpage' );
196 $this->setUserPerm( "" );
197 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
198 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
199
200 $this->setTitle( NS_USER, $this->userName . '' );
201 $this->setUserPerm( "move-rootuserpages" );
202 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
203 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
204
205 $this->setTitle( NS_USER, $this->userName . '/subpage' );
206 $this->setUserPerm( "move-rootuserpages" );
207 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
208 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
209
210 $this->setUser( $this->userName );
211 $this->setTitle( NS_FILE, "img.png" );
212 $this->setUserPerm( "" );
213 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
214 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
215
216 $this->setTitle( NS_FILE, "img.png" );
217 $this->setUserPerm( "movefile" );
218 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
219 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
220
221 $this->setUser( 'anon' );
222 $this->setTitle( NS_FILE, "img.png" );
223 $this->setUserPerm( "" );
224 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
225 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
226
227 $this->setTitle( NS_FILE, "img.png" );
228 $this->setUserPerm( "movefile" );
229 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
230 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
231
232 $this->setUser( $this->userName );
233 $this->setUserPerm( "move" );
234 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
235
236 $this->setUserPerm( "" );
237 $this->runGroupPermissions(
238 'move',
239 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
240 );
241
242 $this->setUser( 'anon' );
243 $this->setUserPerm( "move" );
244 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
245
246 $this->setUserPerm( "" );
247 $this->runGroupPermissions(
248 'move',
249 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
250 [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
251 );
252
253 if ( $this->isWikitextNS( NS_MAIN ) ) {
254 // NOTE: some content models don't allow moving
255 // @todo find a Wikitext namespace for testing
256
257 $this->setTitle( NS_MAIN );
258 $this->setUser( 'anon' );
259 $this->setUserPerm( "move" );
260 $this->runGroupPermissions( 'move', [] );
261
262 $this->setUserPerm( "" );
263 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
264 [ [ 'movenologintext' ] ] );
265
266 $this->setUser( $this->userName );
267 $this->setUserPerm( "" );
268 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
269
270 $this->setUserPerm( "move" );
271 $this->runGroupPermissions( 'move', [] );
272
273 $this->setUser( 'anon' );
274 $this->setUserPerm( 'move' );
275 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
276 $this->assertEquals( [], $res );
277
278 $this->setUserPerm( '' );
279 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
280 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
281 }
282
283 $this->setTitle( NS_USER );
284 $this->setUser( $this->userName );
285 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
286 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
287 $this->assertEquals( [], $res );
288
289 $this->setUserPerm( "move" );
290 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
291 $this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
292
293 $this->setUser( 'anon' );
294 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
295 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
296 $this->assertEquals( [], $res );
297
298 $this->setTitle( NS_USER, "User/subpage" );
299 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
300 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
301 $this->assertEquals( [], $res );
302
303 $this->setUserPerm( "move" );
304 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
305 $this->assertEquals( [], $res );
306
307 $this->setUser( 'anon' );
308 $check = [
309 'edit' => [
310 [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ] ],
311 [ [ 'badaccess-group0' ] ],
312 [],
313 true
314 ],
315 'protect' => [
316 [ [
317 'badaccess-groups',
318 "[[$prefix:Administrators|Administrators]]", 1 ],
319 [ 'protect-cantedit'
320 ] ],
321 [ [ 'badaccess-group0' ], [ 'protect-cantedit' ] ],
322 [ [ 'protect-cantedit' ] ],
323 false
324 ],
325 '' => [ [], [], [], true ]
326 ];
327
328 foreach ( [ "edit", "protect", "" ] as $action ) {
329 $this->setUserPerm( null );
330 $this->assertEquals( $check[$action][0],
331 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
332 $this->assertEquals( $check[$action][0],
333 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
334 $this->assertEquals( $check[$action][0],
335 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
336
337 global $wgGroupPermissions;
338 $old = $wgGroupPermissions;
339 $wgGroupPermissions = [];
340
341 $this->assertEquals( $check[$action][1],
342 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
343 $this->assertEquals( $check[$action][1],
344 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
345 $this->assertEquals( $check[$action][1],
346 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
347 $wgGroupPermissions = $old;
348
349 $this->setUserPerm( $action );
350 $this->assertEquals( $check[$action][2],
351 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
352 $this->assertEquals( $check[$action][2],
353 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
354 $this->assertEquals( $check[$action][2],
355 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
356
357 $this->setUserPerm( $action );
358 $this->assertEquals( $check[$action][3],
359 $this->title->userCan( $action, $this->user, true ) );
360 $this->assertEquals( $check[$action][3],
361 $this->title->quickUserCan( $action, $this->user ) );
362 # count( User::getGroupsWithPermissions( $action ) ) < 1
363 }
364 }
365
366 protected function runGroupPermissions( $action, $result, $result2 = null ) {
367 global $wgGroupPermissions;
368
369 if ( $result2 === null ) {
370 $result2 = $result;
371 }
372
373 $wgGroupPermissions['autoconfirmed']['move'] = false;
374 $wgGroupPermissions['user']['move'] = false;
375 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
376 $this->assertEquals( $result, $res );
377
378 $wgGroupPermissions['autoconfirmed']['move'] = true;
379 $wgGroupPermissions['user']['move'] = false;
380 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
381 $this->assertEquals( $result2, $res );
382
383 $wgGroupPermissions['autoconfirmed']['move'] = true;
384 $wgGroupPermissions['user']['move'] = true;
385 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
386 $this->assertEquals( $result2, $res );
387
388 $wgGroupPermissions['autoconfirmed']['move'] = false;
389 $wgGroupPermissions['user']['move'] = true;
390 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
391 $this->assertEquals( $result2, $res );
392 }
393
394 /**
395 * @todo This test method should be split up into separate test methods and
396 * data providers
397 * @covers Title::checkSpecialsAndNSPermissions
398 */
399 public function testSpecialsAndNSPermissions() {
400 global $wgNamespaceProtection;
401 $this->setUser( $this->userName );
402
403 $this->setTitle( NS_SPECIAL );
404
405 $this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
406 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
407
408 $this->setTitle( NS_MAIN );
409 $this->setUserPerm( 'bogus' );
410 $this->assertEquals( [],
411 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
412
413 $this->setTitle( NS_MAIN );
414 $this->setUserPerm( '' );
415 $this->assertEquals( [ [ 'badaccess-group0' ] ],
416 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
417
418 $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
419
420 $this->setTitle( NS_USER );
421 $this->setUserPerm( '' );
422 $this->assertEquals( [ [ 'badaccess-group0' ],
423 [ 'namespaceprotected', 'User', 'bogus' ] ],
424 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
425
426 $this->setTitle( NS_MEDIAWIKI );
427 $this->setUserPerm( 'bogus' );
428 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
429 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
430
431 $this->setTitle( NS_MEDIAWIKI );
432 $this->setUserPerm( 'bogus' );
433 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
434 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
435
436 $wgNamespaceProtection = null;
437
438 $this->setUserPerm( 'bogus' );
439 $this->assertEquals( [],
440 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
441 $this->assertEquals( true,
442 $this->title->userCan( 'bogus', $this->user ) );
443
444 $this->setUserPerm( '' );
445 $this->assertEquals( [ [ 'badaccess-group0' ] ],
446 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
447 $this->assertEquals( false,
448 $this->title->userCan( 'bogus', $this->user ) );
449 }
450
451 /**
452 * @todo This test method should be split up into separate test methods and
453 * data providers
454 * @covers Title::checkUserConfigPermissions
455 */
456 public function testJsConfigEditPermissions() {
457 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
458 getFormattedNsText( NS_PROJECT );
459 $this->setUser( $this->userName );
460
461 $this->setTitle( NS_USER, $this->userName . '/test.js' );
462 $this->runConfigEditPermissions(
463 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
464
465 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
466 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
467 [ [ 'badaccess-group0' ] ],
468
469 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
470 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
471 [ [ 'badaccess-group0' ] ],
472 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
473 );
474 }
475
476 /**
477 * @todo This test method should be split up into separate test methods and
478 * data providers
479 * @covers Title::checkUserConfigPermissions
480 */
481 public function testJsonConfigEditPermissions() {
482 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
483 getFormattedNsText( NS_PROJECT );
484 $this->setUser( $this->userName );
485
486 $this->setTitle( NS_USER, $this->userName . '/test.json' );
487 $this->runConfigEditPermissions(
488 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
489
490 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
491 [ [ 'badaccess-group0' ] ],
492 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
493
494 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
495 [ [ 'badaccess-group0' ] ],
496 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
497 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
498 );
499 }
500
501 /**
502 * @todo This test method should be split up into separate test methods and
503 * data providers
504 * @covers Title::checkUserConfigPermissions
505 */
506 public function testCssConfigEditPermissions() {
507 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
508 getFormattedNsText( NS_PROJECT );
509 $this->setUser( $this->userName );
510
511 $this->setTitle( NS_USER, $this->userName . '/test.css' );
512 $this->runConfigEditPermissions(
513 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
514
515 [ [ 'badaccess-group0' ] ],
516 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
517 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
518
519 [ [ 'badaccess-group0' ] ],
520 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
521 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
522 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
523 );
524 }
525
526 /**
527 * @todo This test method should be split up into separate test methods and
528 * data providers
529 * @covers Title::checkUserConfigPermissions
530 */
531 public function testOtherJsConfigEditPermissions() {
532 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
533 getFormattedNsText( NS_PROJECT );
534 $this->setUser( $this->userName );
535
536 $this->setTitle( NS_USER, $this->altUserName . '/test.js' );
537 $this->runConfigEditPermissions(
538 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
539
540 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
541 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
542 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
543
544 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
545 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
546 [ [ 'badaccess-group0' ] ],
547 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
548 );
549 }
550
551 /**
552 * @todo This test method should be split up into separate test methods and
553 * data providers
554 * @covers Title::checkUserConfigPermissions
555 */
556 public function testOtherJsonConfigEditPermissions() {
557 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
558 getFormattedNsText( NS_PROJECT );
559 $this->setUser( $this->userName );
560
561 $this->setTitle( NS_USER, $this->altUserName . '/test.json' );
562 $this->runConfigEditPermissions(
563 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
564
565 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
566 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
567 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
568
569 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
570 [ [ 'badaccess-group0' ] ],
571 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
572 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
573 );
574 }
575
576 /**
577 * @todo This test method should be split up into separate test methods and
578 * data providers
579 * @covers Title::checkUserConfigPermissions
580 */
581 public function testOtherCssConfigEditPermissions() {
582 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
583 getFormattedNsText( NS_PROJECT );
584 $this->setUser( $this->userName );
585
586 $this->setTitle( NS_USER, $this->altUserName . '/test.css' );
587 $this->runConfigEditPermissions(
588 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
589
590 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
591 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
592 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
593
594 [ [ 'badaccess-group0' ] ],
595 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
596 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
597 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
598 );
599 }
600
601 /**
602 * @todo This test method should be split up into separate test methods and
603 * data providers
604 * @covers Title::checkUserConfigPermissions
605 */
606 public function testOtherNonConfigEditPermissions() {
607 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
608 getFormattedNsText( NS_PROJECT );
609 $this->setUser( $this->userName );
610
611 $this->setTitle( NS_USER, $this->altUserName . '/tempo' );
612 $this->runConfigEditPermissions(
613 [ [ 'badaccess-group0' ] ],
614
615 [ [ 'badaccess-group0' ] ],
616 [ [ 'badaccess-group0' ] ],
617 [ [ 'badaccess-group0' ] ],
618
619 [ [ 'badaccess-group0' ] ],
620 [ [ 'badaccess-group0' ] ],
621 [ [ 'badaccess-group0' ] ],
622 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
623 );
624 }
625
626 /**
627 * @todo This should use data providers like the other methods here.
628 * @covers Title::checkUserConfigPermissions
629 */
630 public function testPatrolActionConfigEditPermissions() {
631 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
632 getFormattedNsText( NS_PROJECT );
633 $this->setUser( 'anon' );
634 $this->setTitle( NS_USER, 'ToPatrolOrNotToPatrol' );
635 $this->runConfigEditPermissions(
636 [ [ 'badaccess-group0' ] ],
637
638 [ [ 'badaccess-group0' ] ],
639 [ [ 'badaccess-group0' ] ],
640 [ [ 'badaccess-group0' ] ],
641
642 [ [ 'badaccess-group0' ] ],
643 [ [ 'badaccess-group0' ] ],
644 [ [ 'badaccess-group0' ] ],
645 [ [ 'badaccess-groups', "[[$prefix:Administrators|Administrators]]", 1 ] ]
646 );
647 }
648
649 protected function runConfigEditPermissions(
650 $resultNone,
651 $resultMyCss,
652 $resultMyJson,
653 $resultMyJs,
654 $resultUserCss,
655 $resultUserJson,
656 $resultUserJs,
657 $resultPatrol
658 ) {
659 $this->setUserPerm( '' );
660 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
661 $this->assertEquals( $resultNone, $result );
662
663 $this->setUserPerm( 'editmyusercss' );
664 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
665 $this->assertEquals( $resultMyCss, $result );
666
667 $this->setUserPerm( 'editmyuserjson' );
668 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
669 $this->assertEquals( $resultMyJson, $result );
670
671 $this->setUserPerm( 'editmyuserjs' );
672 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
673 $this->assertEquals( $resultMyJs, $result );
674
675 $this->setUserPerm( 'editusercss' );
676 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
677 $this->assertEquals( $resultUserCss, $result );
678
679 $this->setUserPerm( 'edituserjson' );
680 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
681 $this->assertEquals( $resultUserJson, $result );
682
683 $this->setUserPerm( 'edituserjs' );
684 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
685 $this->assertEquals( $resultUserJs, $result );
686
687 $this->setUserPerm( '' );
688 $result = $this->title->getUserPermissionsErrors( 'patrol', $this->user );
689 $this->assertEquals( $resultPatrol, $result );
690
691 $this->setUserPerm( [ 'edituserjs', 'edituserjson', 'editusercss' ] );
692 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
693 $this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
694 }
695
696 /**
697 * @todo This test method should be split up into separate test methods and
698 * data providers
699 *
700 * This test is failing per T201776.
701 *
702 * @group Broken
703 * @covers Title::checkPageRestrictions
704 */
705 public function testPageRestrictions() {
706 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
707 getFormattedNsText( NS_PROJECT );
708
709 $this->setTitle( NS_MAIN );
710 $this->title->mRestrictionsLoaded = true;
711 $this->setUserPerm( "edit" );
712 $this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
713
714 $this->assertEquals( [],
715 $this->title->getUserPermissionsErrors( 'edit',
716 $this->user ) );
717
718 $this->assertEquals( true,
719 $this->title->quickUserCan( 'edit', $this->user ) );
720 $this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
721 "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
722
723 $this->assertEquals( [ [ 'badaccess-group0' ],
724 [ 'protectedpagetext', 'bogus', 'bogus' ],
725 [ 'protectedpagetext', 'editprotected', 'bogus' ],
726 [ 'protectedpagetext', 'protect', 'bogus' ] ],
727 $this->title->getUserPermissionsErrors( 'bogus',
728 $this->user ) );
729 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
730 [ 'protectedpagetext', 'editprotected', 'edit' ],
731 [ 'protectedpagetext', 'protect', 'edit' ] ],
732 $this->title->getUserPermissionsErrors( 'edit',
733 $this->user ) );
734 $this->setUserPerm( "" );
735 $this->assertEquals( [ [ 'badaccess-group0' ],
736 [ 'protectedpagetext', 'bogus', 'bogus' ],
737 [ 'protectedpagetext', 'editprotected', 'bogus' ],
738 [ 'protectedpagetext', 'protect', 'bogus' ] ],
739 $this->title->getUserPermissionsErrors( 'bogus',
740 $this->user ) );
741 $this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
742 [ 'protectedpagetext', 'bogus', 'edit' ],
743 [ 'protectedpagetext', 'editprotected', 'edit' ],
744 [ 'protectedpagetext', 'protect', 'edit' ] ],
745 $this->title->getUserPermissionsErrors( 'edit',
746 $this->user ) );
747 $this->setUserPerm( [ "edit", "editprotected" ] );
748 $this->assertEquals( [ [ 'badaccess-group0' ],
749 [ 'protectedpagetext', 'bogus', 'bogus' ],
750 [ 'protectedpagetext', 'protect', 'bogus' ] ],
751 $this->title->getUserPermissionsErrors( 'bogus',
752 $this->user ) );
753 $this->assertEquals( [
754 [ 'protectedpagetext', 'bogus', 'edit' ],
755 [ 'protectedpagetext', 'protect', 'edit' ] ],
756 $this->title->getUserPermissionsErrors( 'edit',
757 $this->user ) );
758
759 $this->title->mCascadeRestriction = true;
760 $this->setUserPerm( "edit" );
761 $this->assertEquals( false,
762 $this->title->quickUserCan( 'bogus', $this->user ) );
763 $this->assertEquals( false,
764 $this->title->quickUserCan( 'edit', $this->user ) );
765 $this->assertEquals( [ [ 'badaccess-group0' ],
766 [ 'protectedpagetext', 'bogus', 'bogus' ],
767 [ 'protectedpagetext', 'editprotected', 'bogus' ],
768 [ 'protectedpagetext', 'protect', 'bogus' ] ],
769 $this->title->getUserPermissionsErrors( 'bogus',
770 $this->user ) );
771 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
772 [ 'protectedpagetext', 'editprotected', 'edit' ],
773 [ 'protectedpagetext', 'protect', 'edit' ] ],
774 $this->title->getUserPermissionsErrors( 'edit',
775 $this->user ) );
776
777 $this->setUserPerm( [ "edit", "editprotected" ] );
778 $this->assertEquals( false,
779 $this->title->quickUserCan( 'bogus', $this->user ) );
780 $this->assertEquals( false,
781 $this->title->quickUserCan( 'edit', $this->user ) );
782 $this->assertEquals( [ [ 'badaccess-group0' ],
783 [ 'protectedpagetext', 'bogus', 'bogus' ],
784 [ 'protectedpagetext', 'protect', 'bogus' ],
785 [ 'protectedpagetext', 'protect', 'bogus' ] ],
786 $this->title->getUserPermissionsErrors( 'bogus',
787 $this->user ) );
788 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
789 [ 'protectedpagetext', 'protect', 'edit' ],
790 [ 'protectedpagetext', 'protect', 'edit' ] ],
791 $this->title->getUserPermissionsErrors( 'edit',
792 $this->user ) );
793 }
794
795 /**
796 * @covers Title::checkCascadingSourcesRestrictions
797 */
798 public function testCascadingSourcesRestrictions() {
799 $this->setTitle( NS_MAIN, "test page" );
800 $this->setUserPerm( [ "edit", "bogus" ] );
801
802 $this->title->mCascadeSources = [
803 Title::makeTitle( NS_MAIN, "Bogus" ),
804 Title::makeTitle( NS_MAIN, "UnBogus" )
805 ];
806 $this->title->mCascadingRestrictions = [
807 "bogus" => [ 'bogus', "sysop", "protect", "" ]
808 ];
809
810 $this->assertEquals( false,
811 $this->title->userCan( 'bogus', $this->user ) );
812 $this->assertEquals( [
813 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
814 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
815 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
816 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
817
818 $this->assertEquals( true,
819 $this->title->userCan( 'edit', $this->user ) );
820 $this->assertEquals( [],
821 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
822 }
823
824 /**
825 * @todo This test method should be split up into separate test methods and
826 * data providers
827 * @covers Title::checkActionPermissions
828 */
829 public function testActionPermissions() {
830 $this->setUserPerm( [ "createpage" ] );
831 $this->setTitle( NS_MAIN, "test page" );
832 $this->title->mTitleProtection['permission'] = '';
833 $this->title->mTitleProtection['user'] = $this->user->getId();
834 $this->title->mTitleProtection['expiry'] = 'infinity';
835 $this->title->mTitleProtection['reason'] = 'test';
836 $this->title->mCascadeRestriction = false;
837
838 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
839 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
840 $this->assertEquals( false,
841 $this->title->userCan( 'create', $this->user ) );
842
843 $this->title->mTitleProtection['permission'] = 'editprotected';
844 $this->setUserPerm( [ 'createpage', 'protect' ] );
845 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
846 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
847 $this->assertEquals( false,
848 $this->title->userCan( 'create', $this->user ) );
849
850 $this->setUserPerm( [ 'createpage', 'editprotected' ] );
851 $this->assertEquals( [],
852 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
853 $this->assertEquals( true,
854 $this->title->userCan( 'create', $this->user ) );
855
856 $this->setUserPerm( [ 'createpage' ] );
857 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
858 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
859 $this->assertEquals( false,
860 $this->title->userCan( 'create', $this->user ) );
861
862 $this->setTitle( NS_MEDIA, "test page" );
863 $this->setUserPerm( [ "move" ] );
864 $this->assertEquals( false,
865 $this->title->userCan( 'move', $this->user ) );
866 $this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
867 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
868
869 $this->setTitle( NS_HELP, "test page" );
870 $this->assertEquals( [],
871 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
872 $this->assertEquals( true,
873 $this->title->userCan( 'move', $this->user ) );
874
875 $this->title->mInterwiki = "no";
876 $this->assertEquals( [ [ 'immobile-source-page' ] ],
877 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
878 $this->assertEquals( false,
879 $this->title->userCan( 'move', $this->user ) );
880
881 $this->setTitle( NS_MEDIA, "test page" );
882 $this->assertEquals( false,
883 $this->title->userCan( 'move-target', $this->user ) );
884 $this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
885 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
886
887 $this->setTitle( NS_HELP, "test page" );
888 $this->assertEquals( [],
889 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
890 $this->assertEquals( true,
891 $this->title->userCan( 'move-target', $this->user ) );
892
893 $this->title->mInterwiki = "no";
894 $this->assertEquals( [ [ 'immobile-target-page' ] ],
895 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
896 $this->assertEquals( false,
897 $this->title->userCan( 'move-target', $this->user ) );
898 }
899
900 /**
901 * @covers Title::checkUserBlock
902 */
903 public function testUserBlock() {
904 $this->setMwGlobals( [
905 'wgEmailConfirmToEdit' => true,
906 'wgEmailAuthentication' => true,
907 ] );
908
909 $this->setUserPerm( [ "createpage", "move" ] );
910 $this->setTitle( NS_HELP, "test page" );
911
912 # $wgEmailConfirmToEdit only applies to 'edit' action
913 $this->assertEquals( [],
914 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
915 $this->assertContains( [ 'confirmedittext' ],
916 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
917
918 $this->setMwGlobals( 'wgEmailConfirmToEdit', false );
919 $this->assertNotContains( [ 'confirmedittext' ],
920 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
921
922 # $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
923 $this->assertEquals( [],
924 $this->title->getUserPermissionsErrors( 'move-target',
925 $this->user ) );
926
927 global $wgLang;
928 $prev = time();
929 $now = time() + 120;
930 $this->user->mBlockedby = $this->user->getId();
931 $this->user->mBlock = new Block( [
932 'address' => '127.0.8.1',
933 'by' => $this->user->getId(),
934 'reason' => 'no reason given',
935 'timestamp' => $prev + 3600,
936 'auto' => true,
937 'expiry' => 0
938 ] );
939 $this->user->mBlock->mTimestamp = 0;
940 $this->assertEquals( [ [ 'autoblockedtext',
941 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
942 'Useruser', null, 'infinite', '127.0.8.1',
943 $wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
944 $this->title->getUserPermissionsErrors( 'move-target',
945 $this->user ) );
946
947 $this->assertEquals( false, $this->title->userCan( 'move-target', $this->user ) );
948 // quickUserCan should ignore user blocks
949 $this->assertEquals( true, $this->title->quickUserCan( 'move-target', $this->user ) );
950
951 global $wgLocalTZoffset;
952 $wgLocalTZoffset = -60;
953 $this->user->mBlockedby = $this->user->getName();
954 $this->user->mBlock = new Block( [
955 'address' => '127.0.8.1',
956 'by' => $this->user->getId(),
957 'reason' => 'no reason given',
958 'timestamp' => $now,
959 'auto' => false,
960 'expiry' => 10,
961 ] );
962 $this->assertEquals( [ [ 'blockedtext',
963 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
964 'Useruser', null, '23:00, 31 December 1969', '127.0.8.1',
965 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
966 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
967 # $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
968 # $user->blockedFor() == ''
969 # $user->mBlock->mExpiry == 'infinity'
970
971 $this->user->mBlockedby = $this->user->getName();
972 $this->user->mBlock = new Block( [
973 'address' => '127.0.8.1',
974 'by' => $this->user->getId(),
975 'reason' => 'no reason given',
976 'timestamp' => $now,
977 'auto' => false,
978 'expiry' => 10,
979 'systemBlock' => 'test',
980 ] );
981 $this->assertEquals( [ [ 'systemblockedtext',
982 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
983 'Useruser', 'test', '23:00, 31 December 1969', '127.0.8.1',
984 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
985 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
986 }
987 }
Wiklou, le Wiki du Wiklou