dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "SECURITY: Do not allow users to undelete a page they can't edit or create"
[lhc/web/wiklou.git] / tests / phpunit / includes / auth / AbstractSecondaryAuthenticationProviderTest.php
1 <?php
2
3 namespace MediaWiki\Auth;
4
5 /**
6 * @group AuthManager
7 * @covers MediaWiki\Auth\AbstractSecondaryAuthenticationProvider
8 */
9 class AbstractSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
10 public function testAbstractSecondaryAuthenticationProvider() {
11 $user = \User::newFromName( 'UTSysop' );
12
13 $provider = $this->getMockForAbstractClass( AbstractSecondaryAuthenticationProvider::class );
14
15 try {
16 $provider->continueSecondaryAuthentication( $user, [] );
17 $this->fail( 'Expected exception not thrown' );
18 } catch ( \BadMethodCallException $ex ) {
19 }
20
21 try {
22 $provider->continueSecondaryAccountCreation( $user, $user, [] );
23 $this->fail( 'Expected exception not thrown' );
24 } catch ( \BadMethodCallException $ex ) {
25 }
26
27 $req = $this->getMockForAbstractClass( AuthenticationRequest::class );
28
29 $this->assertTrue( $provider->providerAllowsPropertyChange( 'foo' ) );
30 $this->assertEquals(
31 \StatusValue::newGood( 'ignored' ),
32 $provider->providerAllowsAuthenticationDataChange( $req )
33 );
34 $this->assertEquals(
35 \StatusValue::newGood(),
36 $provider->testForAccountCreation( $user, $user, [] )
37 );
38 $this->assertEquals(
39 \StatusValue::newGood(),
40 $provider->testUserForCreation( $user, AuthManager::AUTOCREATE_SOURCE_SESSION )
41 );
42 $this->assertEquals(
43 \StatusValue::newGood(),
44 $provider->testUserForCreation( $user, false )
45 );
46
47 $provider->providerChangeAuthenticationData( $req );
48 $provider->autoCreatedAccount( $user, AuthManager::AUTOCREATE_SOURCE_SESSION );
49
50 $res = AuthenticationResponse::newPass();
51 $provider->postAuthentication( $user, $res );
52 $provider->postAccountCreation( $user, $user, $res );
53 }
54
55 public function testProviderRevokeAccessForUser() {
56 $reqs = [];
57 for ( $i = 0; $i < 3; $i++ ) {
58 $reqs[$i] = $this->getMock( AuthenticationRequest::class );
59 $reqs[$i]->done = false;
60 }
61
62 $provider = $this->getMockBuilder( AbstractSecondaryAuthenticationProvider::class )
63 ->setMethods( [ 'providerChangeAuthenticationData' ] )
64 ->getMockForAbstractClass();
65 $provider->expects( $this->once() )->method( 'getAuthenticationRequests' )
66 ->with(
67 $this->identicalTo( AuthManager::ACTION_REMOVE ),
68 $this->identicalTo( [ 'username' => 'UTSysop' ] )
69 )
70 ->will( $this->returnValue( $reqs ) );
71 $provider->expects( $this->exactly( 3 ) )->method( 'providerChangeAuthenticationData' )
72 ->will( $this->returnCallback( function ( $req ) {
73 $this->assertSame( 'UTSysop', $req->username );
74 $this->assertFalse( $req->done );
75 $req->done = true;
76 } ) );
77
78 $provider->providerRevokeAccessForUser( 'UTSysop' );
79
80 foreach ( $reqs as $i => $req ) {
81 $this->assertTrue( $req->done, "#$i" );
82 }
83 }
84 }
Wiklou, le Wiki du Wiklou