tests/phpunit/includes/api/ApiBlockTest.php

   1 <?php
   2
   3 /**
   4  * @group API
   5  * @group Database
   6  * @group medium
   7  *
   8  * @covers ApiBlock
   9  */
  10 class ApiBlockTest extends ApiTestCase {
  11         protected $mUser = null;
  12
  13         protected function setUp() {
  14                 parent::setUp();
  15                 $this->doLogin();
  16
  17                 $this->mUser = $this->getMutableTestUser()->getUser();
  18         }
  19
  20         protected function tearDown() {
  21                 $block = Block::newFromTarget( $this->mUser->getName() );
  22                 if ( !is_null( $block ) ) {
  23                         $block->delete();
  24                 }
  25                 parent::tearDown();
  26         }
  27
  28         protected function getTokens() {
  29                 return $this->getTokenList( self::$users['sysop'] );
  30         }
  31
  32         /**
  33          * @param array $extraParams Extra API parameters to pass to doApiRequest
  34          * @param User  $blocker     User to do the blocking, null to pick
  35          *                           arbitrarily
  36          */
  37         private function doBlock( array $extraParams = [], User $blocker = null ) {
  38                 if ( $blocker === null ) {
  39                         $blocker = self::$users['sysop']->getUser();
  40                 }
  41
  42                 $tokens = $this->getTokens();
  43
  44                 $this->assertNotNull( $this->mUser, 'Sanity check' );
  45                 $this->assertNotSame( 0, $this->mUser->getId(), 'Sanity check' );
  46
  47                 $this->assertArrayHasKey( 'blocktoken', $tokens, 'Sanity check' );
  48
  49                 $params = [
  50                         'action' => 'block',
  51                         'user' => $this->mUser->getName(),
  52                         'reason' => 'Some reason',
  53                         'token' => $tokens['blocktoken'],
  54                 ];
  55                 if ( array_key_exists( 'userid', $extraParams ) ) {
  56                         // Make sure we don't have both user and userid
  57                         unset( $params['user'] );
  58                 }
  59                 $ret = $this->doApiRequest( array_merge( $params, $extraParams ), null,
  60                         false, $blocker );
  61
  62                 $block = Block::newFromTarget( $this->mUser->getName() );
  63
  64                 $this->assertTrue( !is_null( $block ), 'Block is valid' );
  65
  66                 $this->assertSame( $this->mUser->getName(), (string)$block->getTarget() );
  67                 $this->assertSame( 'Some reason', $block->mReason );
  68
  69                 return $ret;
  70         }
  71
  72         /**
  73          * Block by username
  74          */
  75         public function testNormalBlock() {
  76                 $this->doBlock();
  77         }
  78
  79         /**
  80          * Block by user ID
  81          */
  82         public function testBlockById() {
  83                 $this->doBlock( [ 'userid' => $this->mUser->getId() ] );
  84         }
  85
  86         /**
  87          * A blocked user can't block
  88          */
  89         public function testBlockByBlockedUser() {
  90                 $this->setExpectedException( ApiUsageException::class,
  91                         'You cannot block or unblock other users because you are yourself blocked.' );
  92
  93                 $blocked = $this->getMutableTestUser( [ 'sysop' ] )->getUser();
  94                 $block = new Block( [
  95                         'address' => $blocked->getName(),
  96                         'by' => self::$users['sysop']->getUser()->getId(),
  97                         'reason' => 'Capriciousness',
  98                         'timestamp' => '19370101000000',
  99                         'expiry' => 'infinity',
 100                 ] );
 101                 $block->insert();
 102
 103                 $this->doBlock( [], $blocked );
 104         }
 105
 106         public function testBlockOfNonexistentUser() {
 107                 $this->setExpectedException( ApiUsageException::class,
 108                         'There is no user by the name "Nonexistent". Check your spelling.' );
 109
 110                 $this->doBlock( [ 'user' => 'Nonexistent' ] );
 111         }
 112
 113         public function testBlockOfNonexistentUserId() {
 114                 $id = 948206325;
 115                 $this->setExpectedException( ApiUsageException::class,
 116                         "There is no user with ID $id." );
 117
 118                 $this->assertFalse( User::whoIs( $id ), 'Sanity check' );
 119
 120                 $this->doBlock( [ 'userid' => $id ] );
 121         }
 122
 123         public function testBlockWithTag() {
 124                 ChangeTags::defineTag( 'custom tag' );
 125
 126                 $this->doBlock( [ 'tags' => 'custom tag' ] );
 127
 128                 $dbw = wfGetDB( DB_MASTER );
 129                 $this->assertSame( 'custom tag', $dbw->selectField(
 130                         [ 'change_tag', 'logging' ],
 131                         'ct_tag',
 132                         [ 'log_type' => 'block' ],
 133                         __METHOD__,
 134                         [],
 135                         [ 'change_tag' => [ 'INNER JOIN', 'ct_log_id = log_id' ] ]
 136                 ) );
 137         }
 138
 139         public function testBlockWithProhibitedTag() {
 140                 $this->setExpectedException( ApiUsageException::class,
 141                         'You do not have permission to apply change tags along with your changes.' );
 142
 143                 ChangeTags::defineTag( 'custom tag' );
 144
 145                 $this->setMwGlobals( 'wgRevokePermissions',
 146                         [ 'user' => [ 'applychangetags' => true ] ] );
 147
 148                 $this->doBlock( [ 'tags' => 'custom tag' ] );
 149         }
 150
 151         public function testBlockWithHide() {
 152                 global $wgGroupPermissions;
 153                 $newPermissions = $wgGroupPermissions['sysop'];
 154                 $newPermissions['hideuser'] = true;
 155                 $this->mergeMwGlobalArrayValue( 'wgGroupPermissions',
 156                         [ 'sysop' => $newPermissions ] );
 157
 158                 $res = $this->doBlock( [ 'hidename' => '' ] );
 159
 160                 $dbw = wfGetDB( DB_MASTER );
 161                 $this->assertSame( '1', $dbw->selectField(
 162                         'ipblocks',
 163                         'ipb_deleted',
 164                         [ 'ipb_id' => $res[0]['block']['id'] ],
 165                         __METHOD__
 166                 ) );
 167         }
 168
 169         public function testBlockWithProhibitedHide() {
 170                 $this->setExpectedException( ApiUsageException::class,
 171                         "You don't have permission to hide user names from the block log." );
 172
 173                 $this->doBlock( [ 'hidename' => '' ] );
 174         }
 175
 176         public function testBlockWithEmailBlock() {
 177                 $res = $this->doBlock( [ 'noemail' => '' ] );
 178
 179                 $dbw = wfGetDB( DB_MASTER );
 180                 $this->assertSame( '1', $dbw->selectField(
 181                         'ipblocks',
 182                         'ipb_block_email',
 183                         [ 'ipb_id' => $res[0]['block']['id'] ],
 184                         __METHOD__
 185                 ) );
 186         }
 187
 188         public function testBlockWithProhibitedEmailBlock() {
 189                 $this->setExpectedException( ApiUsageException::class,
 190                         "You don't have permission to block users from sending email through the wiki." );
 191
 192                 $this->setMwGlobals( 'wgRevokePermissions',
 193                         [ 'sysop' => [ 'blockemail' => true ] ] );
 194
 195                 $this->doBlock( [ 'noemail' => '' ] );
 196         }
 197
 198         public function testBlockWithExpiry() {
 199                 $res = $this->doBlock( [ 'expiry' => '1 day' ] );
 200
 201                 $dbw = wfGetDB( DB_MASTER );
 202                 $expiry = $dbw->selectField(
 203                         'ipblocks',
 204                         'ipb_expiry',
 205                         [ 'ipb_id' => $res[0]['block']['id'] ],
 206                         __METHOD__
 207                 );
 208
 209                 // Allow flakiness up to one second
 210                 $this->assertLessThanOrEqual( 1,
 211                         abs( wfTimestamp( TS_UNIX, $expiry ) - ( time() + 86400 ) ) );
 212         }
 213
 214         public function testBlockWithInvalidExpiry() {
 215                 $this->setExpectedException( ApiUsageException::class, "Expiry time invalid." );
 216
 217                 $this->doBlock( [ 'expiry' => '' ] );
 218         }
 219
 220         /**
 221          * @expectedException ApiUsageException
 222          * @expectedExceptionMessage The "token" parameter must be set
 223          */
 224         public function testBlockingActionWithNoToken() {
 225                 $this->doApiRequest(
 226                         [
 227                                 'action' => 'block',
 228                                 'user' => $this->mUser->getName(),
 229                                 'reason' => 'Some reason',
 230                         ],
 231                         null,
 232                         false,
 233                         self::$users['sysop']->getUser()
 234                 );
 235         }
 236 }