* @group Database
*/
class BotPasswordTest extends MediaWikiTestCase {
+
+ /** @var TestUser */
+ private $testUser;
+
+ /** @var string */
+ private $testUserName;
+
protected function setUp() {
parent::setUp();
'wgUserrightsInterwikiDelimiter' => '@',
] );
+ $this->testUser = $this->getMutableTestUser();
+ $this->testUserName = $this->testUser->getUser()->getName();
+
$mock1 = $this->getMockForAbstractClass( 'CentralIdLookup' );
$mock1->expects( $this->any() )->method( 'isAttached' )
->will( $this->returnValue( true ) );
$mock1->expects( $this->any() )->method( 'lookupUserNames' )
- ->will( $this->returnValue( [ 'UTSysop' => 42, 'UTDummy' => 43, 'UTInvalid' => 0 ] ) );
+ ->will( $this->returnValue( [ $this->testUserName => 42, 'UTDummy' => 43, 'UTInvalid' => 0 ] ) );
$mock1->expects( $this->never() )->method( 'lookupCentralIds' );
$mock2 = $this->getMockForAbstractClass( 'CentralIdLookup' );
public function addDBData() {
$passwordFactory = new \PasswordFactory();
$passwordFactory->init( \RequestContext::getMain()->getConfig() );
- // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
- $passwordFactory->setDefaultType( 'A' );
- $pwhash = $passwordFactory->newFromPlaintext( 'foobaz' );
+ $passwordHash = $passwordFactory->newFromPlaintext( 'foobaz' );
$dbw = wfGetDB( DB_MASTER );
$dbw->delete(
[
'bp_user' => 42,
'bp_app_id' => 'BotPassword',
- 'bp_password' => $pwhash->toString(),
+ 'bp_password' => $passwordHash->toString(),
'bp_token' => 'token!',
'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}',
'bp_grants' => '["test"]',
[
'bp_user' => 43,
'bp_app_id' => 'BotPassword',
- 'bp_password' => $pwhash->toString(),
+ 'bp_password' => $passwordHash->toString(),
'bp_token' => 'token!',
'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}',
'bp_grants' => '["test"]',
}
public function testBasics() {
- $user = User::newFromName( 'UTSysop' );
+ $user = $this->testUser->getUser();
$bp = BotPassword::newFromUser( $user, 'BotPassword' );
$this->assertInstanceOf( 'BotPassword', $bp );
$this->assertTrue( $bp->isSaved() );
}
public function testUnsaved() {
- $user = User::newFromName( 'UTSysop' );
+ $user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved( [
'user' => $user,
'appId' => 'DoesNotExist'
$this->assertEquals( '{"IPAddresses":["127.0.0.0/8"]}', $bp->getRestrictions()->toJson() );
$this->assertSame( [ 'test' ], $bp->getGrants() );
- $user = User::newFromName( 'UTSysop' );
+ $user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved( [
'centralId' => 45,
'appId' => 'DoesNotExist'
$this->assertSame( 45, $bp->getUserCentralId() );
$this->assertSame( 'DoesNotExist', $bp->getAppId() );
- $user = User::newFromName( 'UTSysop' );
+ $user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved( [
'user' => $user,
'appId' => 'BotPassword'
'appId' => str_repeat( 'X', BotPassword::APPID_MAXLENGTH + 1 ),
] ) );
$this->assertNull( BotPassword::newUnsaved( [
- 'user' => 'UTSysop',
+ 'user' => $this->testUserName,
'appId' => 'Ok',
] ) );
$this->assertNull( BotPassword::newUnsaved( [
$this->assertNotInstanceOf( 'InvalidPassword', $bp1->getPassword(), 'sanity check' );
$this->assertNotInstanceOf( 'InvalidPassword', $bp2->getPassword(), 'sanity check' );
- BotPassword::invalidateAllPasswordsForUser( 'UTSysop' );
+ BotPassword::invalidateAllPasswordsForUser( $this->testUserName );
$this->assertInstanceOf( 'InvalidPassword', $bp1->getPassword() );
$this->assertNotInstanceOf( 'InvalidPassword', $bp2->getPassword() );
$this->assertNotNull( BotPassword::newFromCentralId( 42, 'BotPassword' ), 'sanity check' );
$this->assertNotNull( BotPassword::newFromCentralId( 43, 'BotPassword' ), 'sanity check' );
- BotPassword::removeAllPasswordsForUser( 'UTSysop' );
+ BotPassword::removeAllPasswordsForUser( $this->testUserName );
$this->assertNull( BotPassword::newFromCentralId( 42, 'BotPassword' ) );
$this->assertNotNull( BotPassword::newFromCentralId( 43, 'BotPassword' ) );
public function testLogin() {
// Test failure when bot passwords aren't enabled
$this->setMwGlobals( 'wgEnableBotPasswords', false );
- $status = BotPassword::login( 'UTSysop@BotPassword', 'foobaz', new FauxRequest );
+ $status = BotPassword::login( "{$this->testUserName}@BotPassword", 'foobaz', new FauxRequest );
$this->assertEquals( Status::newFatal( 'botpasswords-disabled' ), $status );
$this->setMwGlobals( 'wgEnableBotPasswords', true );
$manager->getProvider( MediaWiki\Session\BotPasswordSessionProvider::class ),
'sanity check'
);
- $status = BotPassword::login( 'UTSysop@BotPassword', 'foobaz', new FauxRequest );
+ $status = BotPassword::login( "{$this->testUserName}@BotPassword", 'foobaz', new FauxRequest );
$this->assertEquals( Status::newFatal( 'botpasswords-no-provider' ), $status );
ScopedCallback::consume( $reset );
$reset = MediaWiki\Session\TestUtils::setSessionManagerSingleton( $manager );
// No "@"-thing in the username
- $status = BotPassword::login( 'UTSysop', 'foobaz', new FauxRequest );
+ $status = BotPassword::login( $this->testUserName, 'foobaz', new FauxRequest );
$this->assertEquals( Status::newFatal( 'botpasswords-invalid-name', '@' ), $status );
// No base user
$this->assertEquals( Status::newFatal( 'nosuchuser', 'UTDummy' ), $status );
// No bot password
- $status = BotPassword::login( 'UTSysop@DoesNotExist', 'foobaz', new FauxRequest );
+ $status = BotPassword::login( "{$this->testUserName}@DoesNotExist", 'foobaz', new FauxRequest );
$this->assertEquals(
- Status::newFatal( 'botpasswords-not-exist', 'UTSysop', 'DoesNotExist' ),
+ Status::newFatal( 'botpasswords-not-exist', $this->testUserName, 'DoesNotExist' ),
$status
);
$request = $this->getMock( 'FauxRequest', [ 'getIP' ] );
$request->expects( $this->any() )->method( 'getIP' )
->will( $this->returnValue( '10.0.0.1' ) );
- $status = BotPassword::login( 'UTSysop@BotPassword', 'foobaz', $request );
+ $status = BotPassword::login( "{$this->testUserName}@BotPassword", 'foobaz', $request );
$this->assertEquals( Status::newFatal( 'botpasswords-restriction-failed' ), $status );
// Wrong password
- $status = BotPassword::login( 'UTSysop@BotPassword', 'UTSysopPassword', new FauxRequest );
+ $status = BotPassword::login(
+ "{$this->testUserName}@BotPassword", $this->testUser->getPassword(), new FauxRequest );
$this->assertEquals( Status::newFatal( 'wrongpassword' ), $status );
// Success!
$request->getSession()->getProvider(),
'sanity check'
);
- $status = BotPassword::login( 'UTSysop@BotPassword', 'foobaz', $request );
+ $status = BotPassword::login( "{$this->testUserName}@BotPassword", 'foobaz', $request );
$this->assertInstanceOf( 'Status', $status );
$this->assertTrue( $status->isGood() );
$session = $status->getValue();
public function testSave( $password ) {
$passwordFactory = new \PasswordFactory();
$passwordFactory->init( \RequestContext::getMain()->getConfig() );
- // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
- $passwordFactory->setDefaultType( 'A' );
$bp = BotPassword::newUnsaved( [
'centralId' => 42,
BotPassword::newFromCentralId( 42, 'TestSave', BotPassword::READ_LATEST ), 'sanity check'
);
- $pwhash = $password ? $passwordFactory->newFromPlaintext( $password ) : null;
- $this->assertFalse( $bp->save( 'update', $pwhash ) );
- $this->assertTrue( $bp->save( 'insert', $pwhash ) );
+ $passwordHash = $password ? $passwordFactory->newFromPlaintext( $password ) : null;
+ $this->assertFalse( $bp->save( 'update', $passwordHash ) );
+ $this->assertTrue( $bp->save( 'insert', $passwordHash ) );
$bp2 = BotPassword::newFromCentralId( 42, 'TestSave', BotPassword::READ_LATEST );
$this->assertInstanceOf( 'BotPassword', $bp2 );
$this->assertEquals( $bp->getUserCentralId(), $bp2->getUserCentralId() );
$this->assertTrue( $pw->equals( $password ) );
}
- $pwhash = $passwordFactory->newFromPlaintext( 'XXX' );
+ $passwordHash = $passwordFactory->newFromPlaintext( 'XXX' );
$token = $bp->getToken();
- $this->assertTrue( $bp->save( 'update', $pwhash ) );
+ $this->assertTrue( $bp->save( 'update', $passwordHash ) );
$this->assertNotEquals( $token, $bp->getToken() );
$pw = TestingAccessWrapper::newFromObject( $bp )->getPassword();
$this->assertTrue( $pw->equals( 'XXX' ) );
dépôts / lhc / web / wiklou.git / blobdiff