dépôts / lhc / web / wiklou.git / blob
? search:


63803cc5b6ad07b382d2f5f9ae9596e4138d4ebd
[lhc/web/wiklou.git] / tests / phpunit / includes / TitlePermissionTest.php
1 <?php
2
3 use MediaWiki\MediaWikiServices;
4
5 /**
6 * @group Database
7 *
8 * @covers Title::getUserPermissionsErrors
9 * @covers Title::getUserPermissionsErrorsInternal
10 */
11 class TitlePermissionTest extends MediaWikiLangTestCase {
12
13 /**
14 * @var string
15 */
16 protected $userName, $altUserName;
17
18 /**
19 * @var Title
20 */
21 protected $title;
22
23 /**
24 * @var User
25 */
26 protected $user, $anonUser, $userUser, $altUser;
27
28 protected function setUp() {
29 parent::setUp();
30
31 $localZone = 'UTC';
32 $localOffset = date( 'Z' ) / 60;
33
34 $this->setMwGlobals( [
35 'wgLocaltimezone' => $localZone,
36 'wgLocalTZoffset' => $localOffset,
37 'wgNamespaceProtection' => [
38 NS_MEDIAWIKI => 'editinterface',
39 ],
40 ] );
41 // Without this testUserBlock will use a non-English context on non-English MediaWiki
42 // installations (because of how Title::checkUserBlock is implemented) and fail.
43 RequestContext::resetMain();
44
45 $this->userName = 'Useruser';
46 $this->altUserName = 'Altuseruser';
47 date_default_timezone_set( $localZone );
48
49 $this->title = Title::makeTitle( NS_MAIN, "Main Page" );
50 if ( !isset( $this->userUser ) || !( $this->userUser instanceof User ) ) {
51 $this->userUser = User::newFromName( $this->userName );
52
53 if ( !$this->userUser->getId() ) {
54 $this->userUser = User::createNew( $this->userName, [
55 "email" => "test@example.com",
56 "real_name" => "Test User" ] );
57 $this->userUser->load();
58 }
59
60 $this->altUser = User::newFromName( $this->altUserName );
61 if ( !$this->altUser->getId() ) {
62 $this->altUser = User::createNew( $this->altUserName, [
63 "email" => "alttest@example.com",
64 "real_name" => "Test User Alt" ] );
65 $this->altUser->load();
66 }
67
68 $this->anonUser = User::newFromId( 0 );
69
70 $this->user = $this->userUser;
71 }
72 $this->overrideMwServices();
73 }
74
75 protected function setUserPerm( $perm ) {
76 // Setting member variables is evil!!!
77
78 if ( is_array( $perm ) ) {
79 $this->user->mRights = $perm;
80 } else {
81 $this->user->mRights = [ $perm ];
82 }
83 }
84
85 protected function setTitle( $ns, $title = "Main_Page" ) {
86 $this->title = Title::makeTitle( $ns, $title );
87 }
88
89 protected function setUser( $userName = null ) {
90 if ( $userName === 'anon' ) {
91 $this->user = $this->anonUser;
92 } elseif ( $userName === null || $userName === $this->userName ) {
93 $this->user = $this->userUser;
94 } else {
95 $this->user = $this->altUser;
96 }
97 }
98
99 /**
100 * @todo This test method should be split up into separate test methods and
101 * data providers
102 * @covers Title::checkQuickPermissions
103 */
104 public function testQuickPermissions() {
105 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
106 getFormattedNsText( NS_PROJECT );
107
108 $this->setUser( 'anon' );
109 $this->setTitle( NS_TALK );
110 $this->setUserPerm( "createtalk" );
111 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
112 $this->assertEquals( [], $res );
113
114 $this->setTitle( NS_TALK );
115 $this->setUserPerm( "createpage" );
116 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
117 $this->assertEquals( [ [ "nocreatetext" ] ], $res );
118
119 $this->setTitle( NS_TALK );
120 $this->setUserPerm( "" );
121 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
122 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
123
124 $this->setTitle( NS_MAIN );
125 $this->setUserPerm( "createpage" );
126 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
127 $this->assertEquals( [], $res );
128
129 $this->setTitle( NS_MAIN );
130 $this->setUserPerm( "createtalk" );
131 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
132 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
133
134 $this->setUser( $this->userName );
135 $this->setTitle( NS_TALK );
136 $this->setUserPerm( "createtalk" );
137 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
138 $this->assertEquals( [], $res );
139
140 $this->setTitle( NS_TALK );
141 $this->setUserPerm( "createpage" );
142 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
143 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
144
145 $this->setTitle( NS_TALK );
146 $this->setUserPerm( "" );
147 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
148 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
149
150 $this->setTitle( NS_MAIN );
151 $this->setUserPerm( "createpage" );
152 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
153 $this->assertEquals( [], $res );
154
155 $this->setTitle( NS_MAIN );
156 $this->setUserPerm( "createtalk" );
157 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
158 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
159
160 $this->setTitle( NS_MAIN );
161 $this->setUserPerm( "" );
162 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
163 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
164
165 $this->setUser( 'anon' );
166 $this->setTitle( NS_USER, $this->userName . '' );
167 $this->setUserPerm( "" );
168 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
169 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
170
171 $this->setTitle( NS_USER, $this->userName . '/subpage' );
172 $this->setUserPerm( "" );
173 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
174 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
175
176 $this->setTitle( NS_USER, $this->userName . '' );
177 $this->setUserPerm( "move-rootuserpages" );
178 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
179 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
180
181 $this->setTitle( NS_USER, $this->userName . '/subpage' );
182 $this->setUserPerm( "move-rootuserpages" );
183 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
184 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
185
186 $this->setTitle( NS_USER, $this->userName . '' );
187 $this->setUserPerm( "" );
188 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
189 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
190
191 $this->setTitle( NS_USER, $this->userName . '/subpage' );
192 $this->setUserPerm( "" );
193 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
194 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
195
196 $this->setTitle( NS_USER, $this->userName . '' );
197 $this->setUserPerm( "move-rootuserpages" );
198 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
199 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
200
201 $this->setTitle( NS_USER, $this->userName . '/subpage' );
202 $this->setUserPerm( "move-rootuserpages" );
203 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
204 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
205
206 $this->setUser( $this->userName );
207 $this->setTitle( NS_FILE, "img.png" );
208 $this->setUserPerm( "" );
209 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
210 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
211
212 $this->setTitle( NS_FILE, "img.png" );
213 $this->setUserPerm( "movefile" );
214 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
215 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
216
217 $this->setUser( 'anon' );
218 $this->setTitle( NS_FILE, "img.png" );
219 $this->setUserPerm( "" );
220 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
221 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
222
223 $this->setTitle( NS_FILE, "img.png" );
224 $this->setUserPerm( "movefile" );
225 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
226 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
227
228 $this->setUser( $this->userName );
229 $this->setUserPerm( "move" );
230 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
231
232 $this->setUserPerm( "" );
233 $this->runGroupPermissions(
234 'move',
235 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
236 );
237
238 $this->setUser( 'anon' );
239 $this->setUserPerm( "move" );
240 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
241
242 $this->setUserPerm( "" );
243 $this->runGroupPermissions(
244 'move',
245 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
246 [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
247 );
248
249 if ( $this->isWikitextNS( NS_MAIN ) ) {
250 // NOTE: some content models don't allow moving
251 // @todo find a Wikitext namespace for testing
252
253 $this->setTitle( NS_MAIN );
254 $this->setUser( 'anon' );
255 $this->setUserPerm( "move" );
256 $this->runGroupPermissions( 'move', [] );
257
258 $this->setUserPerm( "" );
259 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
260 [ [ 'movenologintext' ] ] );
261
262 $this->setUser( $this->userName );
263 $this->setUserPerm( "" );
264 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
265
266 $this->setUserPerm( "move" );
267 $this->runGroupPermissions( 'move', [] );
268
269 $this->setUser( 'anon' );
270 $this->setUserPerm( 'move' );
271 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
272 $this->assertEquals( [], $res );
273
274 $this->setUserPerm( '' );
275 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
276 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
277 }
278
279 $this->setTitle( NS_USER );
280 $this->setUser( $this->userName );
281 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
282 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
283 $this->assertEquals( [], $res );
284
285 $this->setUserPerm( "move" );
286 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
287 $this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
288
289 $this->setUser( 'anon' );
290 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
291 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
292 $this->assertEquals( [], $res );
293
294 $this->setTitle( NS_USER, "User/subpage" );
295 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
296 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
297 $this->assertEquals( [], $res );
298
299 $this->setUserPerm( "move" );
300 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
301 $this->assertEquals( [], $res );
302
303 $this->setUser( 'anon' );
304 $check = [
305 'edit' => [
306 [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ] ],
307 [ [ 'badaccess-group0' ] ],
308 [],
309 true
310 ],
311 'protect' => [
312 [ [
313 'badaccess-groups',
314 "[[$prefix:Administrators|Administrators]]", 1 ],
315 [ 'protect-cantedit'
316 ] ],
317 [ [ 'badaccess-group0' ], [ 'protect-cantedit' ] ],
318 [ [ 'protect-cantedit' ] ],
319 false
320 ],
321 '' => [ [], [], [], true ]
322 ];
323
324 foreach ( [ "edit", "protect", "" ] as $action ) {
325 $this->setUserPerm( null );
326 $this->assertEquals( $check[$action][0],
327 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
328 $this->assertEquals( $check[$action][0],
329 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
330 $this->assertEquals( $check[$action][0],
331 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
332
333 global $wgGroupPermissions;
334 $old = $wgGroupPermissions;
335 $wgGroupPermissions = [];
336
337 $this->assertEquals( $check[$action][1],
338 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
339 $this->assertEquals( $check[$action][1],
340 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
341 $this->assertEquals( $check[$action][1],
342 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
343 $wgGroupPermissions = $old;
344
345 $this->setUserPerm( $action );
346 $this->assertEquals( $check[$action][2],
347 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
348 $this->assertEquals( $check[$action][2],
349 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
350 $this->assertEquals( $check[$action][2],
351 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
352
353 $this->setUserPerm( $action );
354 $this->assertEquals( $check[$action][3],
355 $this->title->userCan( $action, $this->user, true ) );
356 $this->assertEquals( $check[$action][3],
357 $this->title->quickUserCan( $action, $this->user ) );
358 # count( User::getGroupsWithPermissions( $action ) ) < 1
359 }
360 }
361
362 protected function runGroupPermissions( $action, $result, $result2 = null ) {
363 global $wgGroupPermissions;
364
365 if ( $result2 === null ) {
366 $result2 = $result;
367 }
368
369 $wgGroupPermissions['autoconfirmed']['move'] = false;
370 $wgGroupPermissions['user']['move'] = false;
371 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
372 $this->assertEquals( $result, $res );
373
374 $wgGroupPermissions['autoconfirmed']['move'] = true;
375 $wgGroupPermissions['user']['move'] = false;
376 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
377 $this->assertEquals( $result2, $res );
378
379 $wgGroupPermissions['autoconfirmed']['move'] = true;
380 $wgGroupPermissions['user']['move'] = true;
381 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
382 $this->assertEquals( $result2, $res );
383
384 $wgGroupPermissions['autoconfirmed']['move'] = false;
385 $wgGroupPermissions['user']['move'] = true;
386 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
387 $this->assertEquals( $result2, $res );
388 }
389
390 /**
391 * @todo This test method should be split up into separate test methods and
392 * data providers
393 * @covers Title::checkSpecialsAndNSPermissions
394 */
395 public function testSpecialsAndNSPermissions() {
396 global $wgNamespaceProtection;
397 $this->setUser( $this->userName );
398
399 $this->setTitle( NS_SPECIAL );
400
401 $this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
402 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
403
404 $this->setTitle( NS_MAIN );
405 $this->setUserPerm( 'bogus' );
406 $this->assertEquals( [],
407 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
408
409 $this->setTitle( NS_MAIN );
410 $this->setUserPerm( '' );
411 $this->assertEquals( [ [ 'badaccess-group0' ] ],
412 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
413
414 $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
415
416 $this->setTitle( NS_USER );
417 $this->setUserPerm( '' );
418 $this->assertEquals( [ [ 'badaccess-group0' ],
419 [ 'namespaceprotected', 'User', 'bogus' ] ],
420 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
421
422 $this->setTitle( NS_MEDIAWIKI );
423 $this->setUserPerm( 'bogus' );
424 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
425 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
426
427 $this->setTitle( NS_MEDIAWIKI );
428 $this->setUserPerm( 'bogus' );
429 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
430 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
431
432 $wgNamespaceProtection = null;
433
434 $this->setUserPerm( 'bogus' );
435 $this->assertEquals( [],
436 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
437 $this->assertEquals( true,
438 $this->title->userCan( 'bogus', $this->user ) );
439
440 $this->setUserPerm( '' );
441 $this->assertEquals( [ [ 'badaccess-group0' ] ],
442 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
443 $this->assertEquals( false,
444 $this->title->userCan( 'bogus', $this->user ) );
445 }
446
447 /**
448 * @todo This test method should be split up into separate test methods and
449 * data providers
450 * @covers Title::checkUserConfigPermissions
451 */
452 public function testJsConfigEditPermissions() {
453 $this->setUser( $this->userName );
454
455 $this->setTitle( NS_USER, $this->userName . '/test.js' );
456 $this->runConfigEditPermissions(
457 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
458
459 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
460 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
461 [ [ 'badaccess-group0' ] ],
462
463 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
464 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
465 [ [ 'badaccess-group0' ] ]
466 );
467 }
468
469 /**
470 * @todo This test method should be split up into separate test methods and
471 * data providers
472 * @covers Title::checkUserConfigPermissions
473 */
474 public function testJsonConfigEditPermissions() {
475 $this->setUser( $this->userName );
476
477 $this->setTitle( NS_USER, $this->userName . '/test.json' );
478 $this->runConfigEditPermissions(
479 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
480
481 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
482 [ [ 'badaccess-group0' ] ],
483 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
484
485 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
486 [ [ 'badaccess-group0' ] ],
487 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ]
488 );
489 }
490
491 /**
492 * @todo This test method should be split up into separate test methods and
493 * data providers
494 * @covers Title::checkUserConfigPermissions
495 */
496 public function testCssConfigEditPermissions() {
497 $this->setUser( $this->userName );
498
499 $this->setTitle( NS_USER, $this->userName . '/test.css' );
500 $this->runConfigEditPermissions(
501 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
502
503 [ [ 'badaccess-group0' ] ],
504 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
505 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
506
507 [ [ 'badaccess-group0' ] ],
508 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
509 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ]
510 );
511 }
512
513 /**
514 * @todo This test method should be split up into separate test methods and
515 * data providers
516 * @covers Title::checkUserConfigPermissions
517 */
518 public function testOtherJsConfigEditPermissions() {
519 $this->setUser( $this->userName );
520
521 $this->setTitle( NS_USER, $this->altUserName . '/test.js' );
522 $this->runConfigEditPermissions(
523 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
524
525 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
526 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
527 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
528
529 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
530 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
531 [ [ 'badaccess-group0' ] ]
532 );
533 }
534
535 /**
536 * @todo This test method should be split up into separate test methods and
537 * data providers
538 * @covers Title::checkUserConfigPermissions
539 */
540 public function testOtherJsonConfigEditPermissions() {
541 $this->setUser( $this->userName );
542
543 $this->setTitle( NS_USER, $this->altUserName . '/test.json' );
544 $this->runConfigEditPermissions(
545 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
546
547 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
548 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
549 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
550
551 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
552 [ [ 'badaccess-group0' ] ],
553 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ]
554 );
555 }
556
557 /**
558 * @todo This test method should be split up into separate test methods and
559 * data providers
560 * @covers Title::checkUserConfigPermissions
561 */
562 public function testOtherCssConfigEditPermissions() {
563 $this->setUser( $this->userName );
564
565 $this->setTitle( NS_USER, $this->altUserName . '/test.css' );
566 $this->runConfigEditPermissions(
567 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
568
569 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
570 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
571 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
572
573 [ [ 'badaccess-group0' ] ],
574 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
575 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ]
576 );
577 }
578
579 /**
580 * @todo This test method should be split up into separate test methods and
581 * data providers
582 * @covers Title::checkUserConfigPermissions
583 */
584 public function testOtherNonConfigEditPermissions() {
585 $this->setUser( $this->userName );
586
587 $this->setTitle( NS_USER, $this->altUserName . '/tempo' );
588 $this->runConfigEditPermissions(
589 [ [ 'badaccess-group0' ] ],
590
591 [ [ 'badaccess-group0' ] ],
592 [ [ 'badaccess-group0' ] ],
593 [ [ 'badaccess-group0' ] ],
594
595 [ [ 'badaccess-group0' ] ],
596 [ [ 'badaccess-group0' ] ],
597 [ [ 'badaccess-group0' ] ]
598 );
599 }
600
601 protected function runConfigEditPermissions(
602 $resultNone,
603 $resultMyCss,
604 $resultMyJson,
605 $resultMyJs,
606 $resultUserCss,
607 $resultUserJson,
608 $resultUserJs
609 ) {
610 $this->setUserPerm( '' );
611 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
612 $this->assertEquals( $resultNone, $result );
613
614 $this->setUserPerm( 'editmyusercss' );
615 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
616 $this->assertEquals( $resultMyCss, $result );
617
618 $this->setUserPerm( 'editmyuserjson' );
619 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
620 $this->assertEquals( $resultMyJson, $result );
621
622 $this->setUserPerm( 'editmyuserjs' );
623 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
624 $this->assertEquals( $resultMyJs, $result );
625
626 $this->setUserPerm( 'editusercss' );
627 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
628 $this->assertEquals( $resultUserCss, $result );
629
630 $this->setUserPerm( 'edituserjson' );
631 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
632 $this->assertEquals( $resultUserJson, $result );
633
634 $this->setUserPerm( 'edituserjs' );
635 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
636 $this->assertEquals( $resultUserJs, $result );
637
638 $this->setUserPerm( [ 'edituserjs', 'edituserjson', 'editusercss' ] );
639 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
640 $this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
641 }
642
643 /**
644 * @todo This test method should be split up into separate test methods and
645 * data providers
646 * @covers Title::checkPageRestrictions
647 */
648 public function testPageRestrictions() {
649 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
650 getFormattedNsText( NS_PROJECT );
651
652 $this->setTitle( NS_MAIN );
653 $this->title->mRestrictionsLoaded = true;
654 $this->setUserPerm( "edit" );
655 $this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
656
657 $this->assertEquals( [],
658 $this->title->getUserPermissionsErrors( 'edit',
659 $this->user ) );
660
661 $this->assertEquals( true,
662 $this->title->quickUserCan( 'edit', $this->user ) );
663 $this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
664 "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
665
666 $this->assertEquals( [ [ 'badaccess-group0' ],
667 [ 'protectedpagetext', 'bogus', 'bogus' ],
668 [ 'protectedpagetext', 'editprotected', 'bogus' ],
669 [ 'protectedpagetext', 'protect', 'bogus' ] ],
670 $this->title->getUserPermissionsErrors( 'bogus',
671 $this->user ) );
672 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
673 [ 'protectedpagetext', 'editprotected', 'edit' ],
674 [ 'protectedpagetext', 'protect', 'edit' ] ],
675 $this->title->getUserPermissionsErrors( 'edit',
676 $this->user ) );
677 $this->setUserPerm( "" );
678 $this->assertEquals( [ [ 'badaccess-group0' ],
679 [ 'protectedpagetext', 'bogus', 'bogus' ],
680 [ 'protectedpagetext', 'editprotected', 'bogus' ],
681 [ 'protectedpagetext', 'protect', 'bogus' ] ],
682 $this->title->getUserPermissionsErrors( 'bogus',
683 $this->user ) );
684 $this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
685 [ 'protectedpagetext', 'bogus', 'edit' ],
686 [ 'protectedpagetext', 'editprotected', 'edit' ],
687 [ 'protectedpagetext', 'protect', 'edit' ] ],
688 $this->title->getUserPermissionsErrors( 'edit',
689 $this->user ) );
690 $this->setUserPerm( [ "edit", "editprotected" ] );
691 $this->assertEquals( [ [ 'badaccess-group0' ],
692 [ 'protectedpagetext', 'bogus', 'bogus' ],
693 [ 'protectedpagetext', 'protect', 'bogus' ] ],
694 $this->title->getUserPermissionsErrors( 'bogus',
695 $this->user ) );
696 $this->assertEquals( [
697 [ 'protectedpagetext', 'bogus', 'edit' ],
698 [ 'protectedpagetext', 'protect', 'edit' ] ],
699 $this->title->getUserPermissionsErrors( 'edit',
700 $this->user ) );
701
702 $this->title->mCascadeRestriction = true;
703 $this->setUserPerm( "edit" );
704 $this->assertEquals( false,
705 $this->title->quickUserCan( 'bogus', $this->user ) );
706 $this->assertEquals( false,
707 $this->title->quickUserCan( 'edit', $this->user ) );
708 $this->assertEquals( [ [ 'badaccess-group0' ],
709 [ 'protectedpagetext', 'bogus', 'bogus' ],
710 [ 'protectedpagetext', 'editprotected', 'bogus' ],
711 [ 'protectedpagetext', 'protect', 'bogus' ] ],
712 $this->title->getUserPermissionsErrors( 'bogus',
713 $this->user ) );
714 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
715 [ 'protectedpagetext', 'editprotected', 'edit' ],
716 [ 'protectedpagetext', 'protect', 'edit' ] ],
717 $this->title->getUserPermissionsErrors( 'edit',
718 $this->user ) );
719
720 $this->setUserPerm( [ "edit", "editprotected" ] );
721 $this->assertEquals( false,
722 $this->title->quickUserCan( 'bogus', $this->user ) );
723 $this->assertEquals( false,
724 $this->title->quickUserCan( 'edit', $this->user ) );
725 $this->assertEquals( [ [ 'badaccess-group0' ],
726 [ 'protectedpagetext', 'bogus', 'bogus' ],
727 [ 'protectedpagetext', 'protect', 'bogus' ],
728 [ 'protectedpagetext', 'protect', 'bogus' ] ],
729 $this->title->getUserPermissionsErrors( 'bogus',
730 $this->user ) );
731 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
732 [ 'protectedpagetext', 'protect', 'edit' ],
733 [ 'protectedpagetext', 'protect', 'edit' ] ],
734 $this->title->getUserPermissionsErrors( 'edit',
735 $this->user ) );
736 }
737
738 /**
739 * @covers Title::checkCascadingSourcesRestrictions
740 */
741 public function testCascadingSourcesRestrictions() {
742 $this->setTitle( NS_MAIN, "test page" );
743 $this->setUserPerm( [ "edit", "bogus" ] );
744
745 $this->title->mCascadeSources = [
746 Title::makeTitle( NS_MAIN, "Bogus" ),
747 Title::makeTitle( NS_MAIN, "UnBogus" )
748 ];
749 $this->title->mCascadingRestrictions = [
750 "bogus" => [ 'bogus', "sysop", "protect", "" ]
751 ];
752
753 $this->assertEquals( false,
754 $this->title->userCan( 'bogus', $this->user ) );
755 $this->assertEquals( [
756 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
757 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
758 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
759 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
760
761 $this->assertEquals( true,
762 $this->title->userCan( 'edit', $this->user ) );
763 $this->assertEquals( [],
764 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
765 }
766
767 /**
768 * @todo This test method should be split up into separate test methods and
769 * data providers
770 * @covers Title::checkActionPermissions
771 */
772 public function testActionPermissions() {
773 $this->setUserPerm( [ "createpage" ] );
774 $this->setTitle( NS_MAIN, "test page" );
775 $this->title->mTitleProtection['permission'] = '';
776 $this->title->mTitleProtection['user'] = $this->user->getId();
777 $this->title->mTitleProtection['expiry'] = 'infinity';
778 $this->title->mTitleProtection['reason'] = 'test';
779 $this->title->mCascadeRestriction = false;
780
781 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
782 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
783 $this->assertEquals( false,
784 $this->title->userCan( 'create', $this->user ) );
785
786 $this->title->mTitleProtection['permission'] = 'editprotected';
787 $this->setUserPerm( [ 'createpage', 'protect' ] );
788 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
789 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
790 $this->assertEquals( false,
791 $this->title->userCan( 'create', $this->user ) );
792
793 $this->setUserPerm( [ 'createpage', 'editprotected' ] );
794 $this->assertEquals( [],
795 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
796 $this->assertEquals( true,
797 $this->title->userCan( 'create', $this->user ) );
798
799 $this->setUserPerm( [ 'createpage' ] );
800 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
801 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
802 $this->assertEquals( false,
803 $this->title->userCan( 'create', $this->user ) );
804
805 $this->setTitle( NS_MEDIA, "test page" );
806 $this->setUserPerm( [ "move" ] );
807 $this->assertEquals( false,
808 $this->title->userCan( 'move', $this->user ) );
809 $this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
810 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
811
812 $this->setTitle( NS_HELP, "test page" );
813 $this->assertEquals( [],
814 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
815 $this->assertEquals( true,
816 $this->title->userCan( 'move', $this->user ) );
817
818 $this->title->mInterwiki = "no";
819 $this->assertEquals( [ [ 'immobile-source-page' ] ],
820 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
821 $this->assertEquals( false,
822 $this->title->userCan( 'move', $this->user ) );
823
824 $this->setTitle( NS_MEDIA, "test page" );
825 $this->assertEquals( false,
826 $this->title->userCan( 'move-target', $this->user ) );
827 $this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
828 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
829
830 $this->setTitle( NS_HELP, "test page" );
831 $this->assertEquals( [],
832 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
833 $this->assertEquals( true,
834 $this->title->userCan( 'move-target', $this->user ) );
835
836 $this->title->mInterwiki = "no";
837 $this->assertEquals( [ [ 'immobile-target-page' ] ],
838 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
839 $this->assertEquals( false,
840 $this->title->userCan( 'move-target', $this->user ) );
841 }
842
843 /**
844 * @covers Title::checkUserBlock
845 */
846 public function testUserBlock() {
847 $this->setMwGlobals( [
848 'wgEmailConfirmToEdit' => true,
849 'wgEmailAuthentication' => true,
850 ] );
851
852 $this->setUserPerm( [ "createpage", "move" ] );
853 $this->setTitle( NS_HELP, "test page" );
854
855 # $wgEmailConfirmToEdit only applies to 'edit' action
856 $this->assertEquals( [],
857 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
858 $this->assertContains( [ 'confirmedittext' ],
859 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
860
861 $this->setMwGlobals( 'wgEmailConfirmToEdit', false );
862 $this->assertNotContains( [ 'confirmedittext' ],
863 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
864
865 # $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
866 $this->assertEquals( [],
867 $this->title->getUserPermissionsErrors( 'move-target',
868 $this->user ) );
869
870 global $wgLang;
871 $prev = time();
872 $now = time() + 120;
873 $this->user->mBlockedby = $this->user->getId();
874 $this->user->mBlock = new Block( [
875 'address' => '127.0.8.1',
876 'by' => $this->user->getId(),
877 'reason' => 'no reason given',
878 'timestamp' => $prev + 3600,
879 'auto' => true,
880 'expiry' => 0
881 ] );
882 $this->user->mBlock->mTimestamp = 0;
883 $this->assertEquals( [ [ 'autoblockedtext',
884 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
885 'Useruser', null, 'infinite', '127.0.8.1',
886 $wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
887 $this->title->getUserPermissionsErrors( 'move-target',
888 $this->user ) );
889
890 $this->assertEquals( false, $this->title->userCan( 'move-target', $this->user ) );
891 // quickUserCan should ignore user blocks
892 $this->assertEquals( true, $this->title->quickUserCan( 'move-target', $this->user ) );
893
894 global $wgLocalTZoffset;
895 $wgLocalTZoffset = -60;
896 $this->user->mBlockedby = $this->user->getName();
897 $this->user->mBlock = new Block( [
898 'address' => '127.0.8.1',
899 'by' => $this->user->getId(),
900 'reason' => 'no reason given',
901 'timestamp' => $now,
902 'auto' => false,
903 'expiry' => 10,
904 ] );
905 $this->assertEquals( [ [ 'blockedtext',
906 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
907 'Useruser', null, '23:00, 31 December 1969', '127.0.8.1',
908 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
909 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
910 # $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
911 # $user->blockedFor() == ''
912 # $user->mBlock->mExpiry == 'infinity'
913
914 $this->user->mBlockedby = $this->user->getName();
915 $this->user->mBlock = new Block( [
916 'address' => '127.0.8.1',
917 'by' => $this->user->getId(),
918 'reason' => 'no reason given',
919 'timestamp' => $now,
920 'auto' => false,
921 'expiry' => 10,
922 'systemBlock' => 'test',
923 ] );
924 $this->assertEquals( [ [ 'systemblockedtext',
925 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
926 'Useruser', 'test', '23:00, 31 December 1969', '127.0.8.1',
927 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
928 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
929 }
930 }
Wiklou, le Wiki du Wiklou