testUser = $user; $this->testUserRights = $userRights; } public function userHasRight( UserIdentity $user, $action = '' ) { if ( $user === $this->testUser ) { return $this->testUserRights[$action] ?? false; } return parent::userHasRight( $user, $action ); } }; global $IP; return new Router( [ "$IP/tests/phpunit/unit/includes/Rest/testRoutes.json" ], [], '/rest', new \EmptyBagOStuff(), new ResponseFactory(), new MWBasicAuthorizer( $user, $pm ) ); } public function testReadDenied() { $router = $this->createRouter( [ 'read' => false ] ); $request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] ); $response = $router->execute( $request ); $this->assertSame( 403, $response->getStatusCode() ); $body = $response->getBody(); $body->rewind(); $data = json_decode( $body->getContents(), true ); $this->assertSame( 'rest-read-denied', $data['error'] ); } public function testReadAllowed() { $router = $this->createRouter( [ 'read' => true ] ); $request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] ); $response = $router->execute( $request ); $this->assertSame( 200, $response->getStatusCode() ); } public static function writeHandlerFactory() { return new class extends Handler { public function needsWriteAccess() { return true; } public function execute() { return ''; } }; } public function testWriteDenied() { $router = $this->createRouter( [ 'read' => true, 'writeapi' => false ] ); $request = new RequestData( [ 'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' ) ] ); $response = $router->execute( $request ); $this->assertSame( 403, $response->getStatusCode() ); $body = $response->getBody(); $body->rewind(); $data = json_decode( $body->getContents(), true ); $this->assertSame( 'rest-write-denied', $data['error'] ); } public function testWriteAllowed() { $router = $this->createRouter( [ 'read' => true, 'writeapi' => true ] ); $request = new RequestData( [ 'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' ) ] ); $response = $router->execute( $request ); $this->assertSame( 200, $response->getStatusCode() ); } }