dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Revert "Factors out permissions check from User into PermissionManager service"
[lhc/web/wiklou.git] / tests / phpunit / includes / api / ApiBlockTest.php
1 <?php
2
3 use MediaWiki\Block\DatabaseBlock;
4 use MediaWiki\Block\Restriction\PageRestriction;
5 use MediaWiki\Block\Restriction\NamespaceRestriction;
6
7 /**
8 * @group API
9 * @group Database
10 * @group medium
11 *
12 * @covers ApiBlock
13 */
14 class ApiBlockTest extends ApiTestCase {
15 protected $mUser = null;
16
17 protected function setUp() {
18 parent::setUp();
19 $this->tablesUsed = array_merge(
20 $this->tablesUsed,
21 [ 'ipblocks', 'change_tag', 'change_tag_def', 'logging' ]
22 );
23
24 $this->mUser = $this->getMutableTestUser()->getUser();
25 }
26
27 protected function getTokens() {
28 return $this->getTokenList( self::$users['sysop'] );
29 }
30
31 /**
32 * @param array $extraParams Extra API parameters to pass to doApiRequest
33 * @param User $blocker User to do the blocking, null to pick
34 * arbitrarily
35 */
36 private function doBlock( array $extraParams = [], User $blocker = null ) {
37 if ( $blocker === null ) {
38 $blocker = self::$users['sysop']->getUser();
39 }
40
41 $tokens = $this->getTokens();
42
43 $this->assertNotNull( $this->mUser, 'Sanity check' );
44 $this->assertNotSame( 0, $this->mUser->getId(), 'Sanity check' );
45
46 $this->assertArrayHasKey( 'blocktoken', $tokens, 'Sanity check' );
47
48 $params = [
49 'action' => 'block',
50 'user' => $this->mUser->getName(),
51 'reason' => 'Some reason',
52 'token' => $tokens['blocktoken'],
53 ];
54 if ( array_key_exists( 'userid', $extraParams ) ) {
55 // Make sure we don't have both user and userid
56 unset( $params['user'] );
57 }
58 $ret = $this->doApiRequest( array_merge( $params, $extraParams ), null,
59 false, $blocker );
60
61 $block = DatabaseBlock::newFromTarget( $this->mUser->getName() );
62
63 $this->assertTrue( !is_null( $block ), 'Block is valid' );
64
65 $this->assertSame( $this->mUser->getName(), (string)$block->getTarget() );
66 $this->assertSame( 'Some reason', $block->getReason() );
67
68 return $ret;
69 }
70
71 /**
72 * Block by username
73 */
74 public function testNormalBlock() {
75 $this->doBlock();
76 }
77
78 /**
79 * Block by user ID
80 */
81 public function testBlockById() {
82 $this->doBlock( [ 'userid' => $this->mUser->getId() ] );
83 }
84
85 /**
86 * A blocked user can't block
87 */
88 public function testBlockByBlockedUser() {
89 $this->setExpectedException( ApiUsageException::class,
90 'You cannot block or unblock other users because you are yourself blocked.' );
91
92 $blocked = $this->getMutableTestUser( [ 'sysop' ] )->getUser();
93 $block = new DatabaseBlock( [
94 'address' => $blocked->getName(),
95 'by' => self::$users['sysop']->getUser()->getId(),
96 'reason' => 'Capriciousness',
97 'timestamp' => '19370101000000',
98 'expiry' => 'infinity',
99 ] );
100 $block->insert();
101
102 $this->doBlock( [], $blocked );
103 }
104
105 public function testBlockOfNonexistentUser() {
106 $this->setExpectedException( ApiUsageException::class,
107 'There is no user by the name "Nonexistent". Check your spelling.' );
108
109 $this->doBlock( [ 'user' => 'Nonexistent' ] );
110 }
111
112 public function testBlockOfNonexistentUserId() {
113 $id = 948206325;
114 $this->setExpectedException( ApiUsageException::class,
115 "There is no user with ID $id." );
116
117 $this->assertFalse( User::whoIs( $id ), 'Sanity check' );
118
119 $this->doBlock( [ 'userid' => $id ] );
120 }
121
122 public function testBlockWithTag() {
123 ChangeTags::defineTag( 'custom tag' );
124
125 $this->doBlock( [ 'tags' => 'custom tag' ] );
126
127 $dbw = wfGetDB( DB_MASTER );
128 $this->assertSame( 1, (int)$dbw->selectField(
129 [ 'change_tag', 'logging', 'change_tag_def' ],
130 'COUNT(*)',
131 [ 'log_type' => 'block', 'ctd_name' => 'custom tag' ],
132 __METHOD__,
133 [],
134 [
135 'change_tag' => [ 'JOIN', 'ct_log_id = log_id' ],
136 'change_tag_def' => [ 'JOIN', 'ctd_id = ct_tag_id' ],
137 ]
138 ) );
139 }
140
141 public function testBlockWithProhibitedTag() {
142 $this->setExpectedException( ApiUsageException::class,
143 'You do not have permission to apply change tags along with your changes.' );
144
145 ChangeTags::defineTag( 'custom tag' );
146
147 $this->setMwGlobals( 'wgRevokePermissions',
148 [ 'user' => [ 'applychangetags' => true ] ] );
149
150 $this->doBlock( [ 'tags' => 'custom tag' ] );
151 }
152
153 public function testBlockWithHide() {
154 global $wgGroupPermissions;
155 $newPermissions = $wgGroupPermissions['sysop'];
156 $newPermissions['hideuser'] = true;
157 $this->mergeMwGlobalArrayValue( 'wgGroupPermissions',
158 [ 'sysop' => $newPermissions ] );
159
160 $res = $this->doBlock( [ 'hidename' => '' ] );
161
162 $dbw = wfGetDB( DB_MASTER );
163 $this->assertSame( '1', $dbw->selectField(
164 'ipblocks',
165 'ipb_deleted',
166 [ 'ipb_id' => $res[0]['block']['id'] ],
167 __METHOD__
168 ) );
169 }
170
171 public function testBlockWithProhibitedHide() {
172 $this->setExpectedException( ApiUsageException::class,
173 "You don't have permission to hide user names from the block log." );
174
175 $this->doBlock( [ 'hidename' => '' ] );
176 }
177
178 public function testBlockWithEmailBlock() {
179 $this->setMwGlobals( [
180 'wgEnableEmail' => true,
181 'wgEnableUserEmail' => true,
182 'wgSysopEmailBans' => true,
183 ] );
184
185 $res = $this->doBlock( [ 'noemail' => '' ] );
186
187 $dbw = wfGetDB( DB_MASTER );
188 $this->assertSame( '1', $dbw->selectField(
189 'ipblocks',
190 'ipb_block_email',
191 [ 'ipb_id' => $res[0]['block']['id'] ],
192 __METHOD__
193 ) );
194 }
195
196 public function testBlockWithProhibitedEmailBlock() {
197 $this->setMwGlobals( [
198 'wgEnableEmail' => true,
199 'wgEnableUserEmail' => true,
200 'wgSysopEmailBans' => true,
201 ] );
202
203 $this->setExpectedException( ApiUsageException::class,
204 "You don't have permission to block users from sending email through the wiki." );
205
206 $this->setMwGlobals( 'wgRevokePermissions',
207 [ 'sysop' => [ 'blockemail' => true ] ] );
208
209 $this->doBlock( [ 'noemail' => '' ] );
210 }
211
212 public function testBlockWithExpiry() {
213 $res = $this->doBlock( [ 'expiry' => '1 day' ] );
214
215 $dbw = wfGetDB( DB_MASTER );
216 $expiry = $dbw->selectField(
217 'ipblocks',
218 'ipb_expiry',
219 [ 'ipb_id' => $res[0]['block']['id'] ],
220 __METHOD__
221 );
222
223 // Allow flakiness up to one second
224 $this->assertLessThanOrEqual( 1,
225 abs( wfTimestamp( TS_UNIX, $expiry ) - ( time() + 86400 ) ) );
226 }
227
228 public function testBlockWithInvalidExpiry() {
229 $this->setExpectedException( ApiUsageException::class, "Expiry time invalid." );
230
231 $this->doBlock( [ 'expiry' => '' ] );
232 }
233
234 public function testBlockWithoutRestrictions() {
235 $this->setMwGlobals( [
236 'wgEnablePartialBlocks' => true,
237 ] );
238
239 $this->doBlock();
240
241 $block = DatabaseBlock::newFromTarget( $this->mUser->getName() );
242
243 $this->assertTrue( $block->isSitewide() );
244 $this->assertCount( 0, $block->getRestrictions() );
245 }
246
247 public function testBlockWithRestrictions() {
248 $this->setMwGlobals( [
249 'wgEnablePartialBlocks' => true,
250 ] );
251
252 $title = 'Foo';
253 $page = $this->getExistingTestPage( $title );
254 $namespace = NS_TALK;
255
256 $this->doBlock( [
257 'partial' => true,
258 'pagerestrictions' => $title,
259 'namespacerestrictions' => $namespace,
260 ] );
261
262 $block = DatabaseBlock::newFromTarget( $this->mUser->getName() );
263
264 $this->assertFalse( $block->isSitewide() );
265 $this->assertCount( 2, $block->getRestrictions() );
266 $this->assertInstanceOf( PageRestriction::class, $block->getRestrictions()[0] );
267 $this->assertEquals( $title, $block->getRestrictions()[0]->getTitle()->getText() );
268 $this->assertInstanceOf( NamespaceRestriction::class, $block->getRestrictions()[1] );
269 $this->assertEquals( $namespace, $block->getRestrictions()[1]->getValue() );
270 }
271
272 /**
273 * @expectedException ApiUsageException
274 * @expectedExceptionMessage The "token" parameter must be set
275 */
276 public function testBlockingActionWithNoToken() {
277 $this->doApiRequest(
278 [
279 'action' => 'block',
280 'user' => $this->mUser->getName(),
281 'reason' => 'Some reason',
282 ],
283 null,
284 false,
285 self::$users['sysop']->getUser()
286 );
287 }
288
289 /**
290 * @expectedException ApiUsageException
291 * @expectedExceptionMessage Invalid value "127.0.0.1/64" for user parameter "user".
292 */
293 public function testBlockWithLargeRange() {
294 $tokens = $this->getTokens();
295
296 $this->doApiRequest(
297 [
298 'action' => 'block',
299 'user' => '127.0.0.1/64',
300 'reason' => 'Some reason',
301 'token' => $tokens['blocktoken'],
302 ],
303 null,
304 false,
305 self::$users['sysop']->getUser()
306 );
307 }
308
309 /**
310 * @expectedException ApiUsageException
311 * @expectedExceptionMessage Too many values supplied for parameter "pagerestrictions". The
312 * limit is 10.
313 */
314 public function testBlockingToManyPageRestrictions() {
315 $this->setMwGlobals( [
316 'wgEnablePartialBlocks' => true,
317 ] );
318
319 $tokens = $this->getTokens();
320
321 $this->doApiRequest(
322 [
323 'action' => 'block',
324 'user' => $this->mUser->getName(),
325 'reason' => 'Some reason',
326 'partial' => true,
327 'pagerestrictions' => 'One|Two|Three|Four|Five|Six|Seven|Eight|Nine|Ten|Eleven',
328 'token' => $tokens['blocktoken'],
329 ],
330 null,
331 false,
332 self::$users['sysop']->getUser()
333 );
334 }
335 }
Wiklou, le Wiki du Wiklou