1 <?php
2
3 namespace MediaWiki\Tests\Rest\BasicAccess;
4
5 use GuzzleHttp\Psr7\Uri;
6 use MediaWiki\MediaWikiServices;
7 use MediaWiki\Rest\BasicAccess\MWBasicAuthorizer;
8 use MediaWiki\Rest\Handler;
9 use MediaWiki\Rest\RequestData;
10 use MediaWiki\Rest\ResponseFactory;
11 use MediaWiki\Rest\Router;
12 use MediaWikiTestCase;
13 use User;
14
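/**
 * Integration tests for the basic read/write authorization of the REST API.
 *
 * Each test builds a Router around an MWBasicAuthorizer for a test user with a
 * given set of rights, executes one request, and checks the status code (and,
 * for denials, the error key) of the response.
 *
 * @group Database
 *
 * @covers \MediaWiki\Rest\BasicAccess\BasicAuthorizerBase
 * @covers \MediaWiki\Rest\BasicAccess\MWBasicAuthorizer
 * @covers \MediaWiki\Rest\BasicAccess\BasicRequestAuthorizer
 * @covers \MediaWiki\Rest\BasicAccess\MWBasicRequestAuthorizer
 */
class MWBasicRequestAuthorizerTest extends MediaWikiTestCase {
	/**
	 * Build a Router whose authorizer evaluates the given rights for a test user.
	 *
	 * @param bool[] $userRights Map of right name => whether the right is granted
	 * @return Router
	 */
	private function createRouter( $userRights ) {
		$user = User::newFromName( 'Test user' );
		// Don't allow the rights to everybody so that user rights kick in.
		$this->mergeMwGlobalArrayValue( 'wgGroupPermissions', [ '*' => $userRights ] );
		$this->resetServices();

		// Grant only the rights that are mapped to boolean true. The strict search
		// keeps a truthy non-boolean value (1, 'yes', ...) from being granted by
		// accident, which would silently weaken the denial tests below.
		$grantedRights = array_keys( $userRights, true, true );
		$this->overrideUserPermissions( $user, $grantedRights );

		global $IP;

		return new Router(
			[ "$IP/tests/phpunit/unit/includes/Rest/testRoutes.json" ],
			[],
			'/rest',
			new \EmptyBagOStuff(),
			new ResponseFactory(),
			new MWBasicAuthorizer( $user, MediaWikiServices::getInstance()->getPermissionManager() )
		);
	}

	/**
	 * A user without the 'read' right gets a 403 carrying the read-denied error key.
	 */
	public function testReadDenied() {
		$router = $this->createRouter( [ 'read' => false ] );
		$request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] );
		$response = $router->execute( $request );
		$this->assertSame( 403, $response->getStatusCode() );

		// Check the error key as well as the status, so that a 403 produced for
		// any other reason does not satisfy this test.
		$body = $response->getBody();
		$body->rewind();
		$data = json_decode( $body->getContents(), true );
		$this->assertSame( 'rest-read-denied', $data['error'] );
	}

	/**
	 * A user with the 'read' right can execute a read-only route.
	 */
	public function testReadAllowed() {
		$router = $this->createRouter( [ 'read' => true ] );
		$request = new RequestData( [ 'uri' => new Uri( '/rest/user/joe/hello' ) ] );
		$response = $router->execute( $request );
		$this->assertSame( 200, $response->getStatusCode() );
	}

	/**
	 * Create a mock handler that declares it needs write access.
	 *
	 * NOTE(review): presumably this is the factory behind the
	 * /rest/mock/MWBasicRequestAuthorizerTest/write route in testRoutes.json;
	 * confirm against that file.
	 *
	 * @return Handler
	 */
	public static function writeHandlerFactory() {
		return new class extends Handler {
			public function needsWriteAccess() {
				return true;
			}

			public function execute() {
				return '';
			}
		};
	}

	/**
	 * A user with 'read' but without 'writeapi' gets a 403 carrying the
	 * write-denied error key on a route that needs write access.
	 */
	public function testWriteDenied() {
		// 'read' is granted so that the denial asserted below is the write check.
		$router = $this->createRouter( [ 'read' => true, 'writeapi' => false ] );
		$request = new RequestData( [
			'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' )
		] );
		$response = $router->execute( $request );
		$this->assertSame( 403, $response->getStatusCode() );

		$body = $response->getBody();
		$body->rewind();
		$data = json_decode( $body->getContents(), true );
		$this->assertSame( 'rest-write-denied', $data['error'] );
	}

	/**
	 * A user with both 'read' and 'writeapi' can execute a route that needs
	 * write access.
	 */
	public function testWriteAllowed() {
		$router = $this->createRouter( [ 'read' => true, 'writeapi' => true ] );
		$request = new RequestData( [
			'uri' => new Uri( '/rest/mock/MWBasicRequestAuthorizerTest/write' )
		] );
		$response = $router->execute( $request );

		$this->assertSame( 200, $response->getStatusCode() );
	}
}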