X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=tests%2Fphpunit%2Fincludes%2Fapi%2Fquery%2FApiQueryTest.php;h=20bd8557d067cd3eb604f0815725b1b6dccd67d6;hb=a1ef77b2d80830fbcb617a83961d78cff9d6e384;hp=de8d8156f3bc1c275c112fa31edbc86ddb28a2c3;hpb=399d9c24a85b7e108ccfc51140af225c458f00b9;p=lhc%2Fweb%2Fwiklou.git

diff --git a/tests/phpunit/includes/api/query/ApiQueryTest.php b/tests/phpunit/includes/api/query/ApiQueryTest.php
index de8d8156f3..20bd8557d0 100644
--- a/tests/phpunit/includes/api/query/ApiQueryTest.php
+++ b/tests/phpunit/includes/api/query/ApiQueryTest.php
@@ -148,4 +148,28 @@ class ApiQueryTest extends ApiTestCase {
 			);
 		}
 	}
+
+	public function testShouldNotExportPagesThatUserCanNotRead() {
+		$title = Title::makeTitle( NS_MAIN, 'Test article' );
+		$this->insertPage( $title );
+
+		$this->setTemporaryHook( 'getUserPermissionsErrors',
+			function ( Title $page, &$user, $action, &$result ) use ( $title ) {
+				if ( $page->equals( $title ) && $action === 'read' ) {
+					$result = false;
+					return false;
+				}
+			} );
+
+		$data = $this->doApiRequest( [
+			'action' => 'query',
+			'titles' => $title->getPrefixedText(),
+			'export' => 1,
+		] );
+
+		$this->assertArrayHasKey( 'query', $data[0] );
+		$this->assertArrayHasKey( 'export', $data[0]['query'] );
+		// This response field contains an XML document even if no pages were exported
+		$this->assertNotContains( $title->getPrefixedText(), $data[0]['query']['export'] );
+	}
 }