tests/phpunit/includes/auth/CheckBlocksSecondaryAuthenticationProviderTest.php

   1 <?php
   2
   3 namespace MediaWiki\Auth;
   4
   5 use Wikimedia\TestingAccessWrapper;
   6
   7 /**
   8  * @group AuthManager
   9  * @group Database
  10  * @covers MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider
  11  */
  12 class CheckBlocksSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
  13         public function testConstructor() {
  14                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  15                 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
  16                 $config = new \HashConfig( [
  17                         'BlockDisablesLogin' => false
  18                 ] );
  19                 $provider->setConfig( $config );
  20                 $this->assertSame( false, $providerPriv->blockDisablesLogin );
  21
  22                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  23                         [ 'blockDisablesLogin' => true ]
  24                 );
  25                 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
  26                 $config = new \HashConfig( [
  27                         'BlockDisablesLogin' => false
  28                 ] );
  29                 $provider->setConfig( $config );
  30                 $this->assertSame( true, $providerPriv->blockDisablesLogin );
  31         }
  32
  33         public function testBasics() {
  34                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  35                 $user = \User::newFromName( 'UTSysop' );
  36
  37                 $this->assertEquals(
  38                         AuthenticationResponse::newAbstain(),
  39                         $provider->beginSecondaryAccountCreation( $user, $user, [] )
  40                 );
  41         }
  42
  43         /**
  44          * @dataProvider provideGetAuthenticationRequests
  45          * @param string $action
  46          * @param array $response
  47          */
  48         public function testGetAuthenticationRequests( $action, $response ) {
  49                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  50
  51                 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
  52         }
  53
  54         public static function provideGetAuthenticationRequests() {
  55                 return [
  56                         [ AuthManager::ACTION_LOGIN, [] ],
  57                         [ AuthManager::ACTION_CREATE, [] ],
  58                         [ AuthManager::ACTION_LINK, [] ],
  59                         [ AuthManager::ACTION_CHANGE, [] ],
  60                         [ AuthManager::ACTION_REMOVE, [] ],
  61                 ];
  62         }
  63
  64         private function getBlockedUser() {
  65                 $user = \User::newFromName( 'UTBlockee' );
  66                 if ( $user->getID() == 0 ) {
  67                         $user->addToDatabase();
  68                         \TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
  69                         $user->saveSettings();
  70                 }
  71                 $oldBlock = \Block::newFromTarget( 'UTBlockee' );
  72                 if ( $oldBlock ) {
  73                         // An old block will prevent our new one from saving.
  74                         $oldBlock->delete();
  75                 }
  76                 $blockOptions = [
  77                         'address' => 'UTBlockee',
  78                         'user' => $user->getID(),
  79                         'reason' => __METHOD__,
  80                         'expiry' => time() + 100500,
  81                         'createAccount' => true,
  82                 ];
  83                 $block = new \Block( $blockOptions );
  84                 $block->insert();
  85                 return $user;
  86         }
  87
  88         public function testBeginSecondaryAuthentication() {
  89                 $unblockedUser = \User::newFromName( 'UTSysop' );
  90                 $blockedUser = $this->getBlockedUser();
  91
  92                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  93                         [ 'blockDisablesLogin' => false ]
  94                 );
  95                 $this->assertEquals(
  96                         AuthenticationResponse::newAbstain(),
  97                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
  98                 );
  99                 $this->assertEquals(
 100                         AuthenticationResponse::newAbstain(),
 101                         $provider->beginSecondaryAuthentication( $blockedUser, [] )
 102                 );
 103
 104                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 105                         [ 'blockDisablesLogin' => true ]
 106                 );
 107                 $this->assertEquals(
 108                         AuthenticationResponse::newPass(),
 109                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 110                 );
 111                 $ret = $provider->beginSecondaryAuthentication( $blockedUser, [] );
 112                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 113         }
 114
 115         public function testTestUserForCreation() {
 116                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 117                         [ 'blockDisablesLogin' => false ]
 118                 );
 119                 $provider->setLogger( new \Psr\Log\NullLogger() );
 120                 $provider->setConfig( new \HashConfig() );
 121                 $provider->setManager( AuthManager::singleton() );
 122
 123                 $unblockedUser = \User::newFromName( 'UTSysop' );
 124                 $blockedUser = $this->getBlockedUser();
 125
 126                 $user = \User::newFromName( 'RandomUser' );
 127
 128                 $this->assertEquals(
 129                         \StatusValue::newGood(),
 130                         $provider->testUserForCreation( $unblockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION )
 131                 );
 132                 $this->assertEquals(
 133                         \StatusValue::newGood(),
 134                         $provider->testUserForCreation( $unblockedUser, false )
 135                 );
 136
 137                 $status = $provider->testUserForCreation( $blockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 138                 $this->assertInstanceOf( \StatusValue::class, $status );
 139                 $this->assertFalse( $status->isOK() );
 140                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 141
 142                 $status = $provider->testUserForCreation( $blockedUser, false );
 143                 $this->assertInstanceOf( \StatusValue::class, $status );
 144                 $this->assertFalse( $status->isOK() );
 145                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 146         }
 147
 148         public function testRangeBlock() {
 149                 $blockOptions = [
 150                         'address' => '127.0.0.0/24',
 151                         'reason' => __METHOD__,
 152                         'expiry' => time() + 100500,
 153                         'createAccount' => true,
 154                 ];
 155                 $block = new \Block( $blockOptions );
 156                 $block->insert();
 157                 $scopeVariable = new \Wikimedia\ScopedCallback( [ $block, 'delete' ] );
 158
 159                 $user = \User::newFromName( 'UTNormalUser' );
 160                 if ( $user->getID() == 0 ) {
 161                         $user->addToDatabase();
 162                         \TestUser::setPasswordForUser( $user, 'UTNormalUserPassword' );
 163                         $user->saveSettings();
 164                 }
 165                 $this->setMwGlobals( [ 'wgUser' => $user ] );
 166                 $newuser = \User::newFromName( 'RandomUser' );
 167
 168                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 169                         [ 'blockDisablesLogin' => true ]
 170                 );
 171                 $provider->setLogger( new \Psr\Log\NullLogger() );
 172                 $provider->setConfig( new \HashConfig() );
 173                 $provider->setManager( AuthManager::singleton() );
 174
 175                 $ret = $provider->beginSecondaryAuthentication( $user, [] );
 176                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 177
 178                 $status = $provider->testUserForCreation( $newuser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 179                 $this->assertInstanceOf( \StatusValue::class, $status );
 180                 $this->assertFalse( $status->isOK() );
 181                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 182
 183                 $status = $provider->testUserForCreation( $newuser, false );
 184                 $this->assertInstanceOf( \StatusValue::class, $status );
 185                 $this->assertFalse( $status->isOK() );
 186                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 187         }
 188 }