tests/phpunit/includes/auth/CheckBlocksSecondaryAuthenticationProviderTest.php

   1 <?php
   2
   3 namespace MediaWiki\Auth;
   4
   5 use MediaWiki\Block\DatabaseBlock;
   6 use Wikimedia\TestingAccessWrapper;
   7
   8 /**
   9  * @group AuthManager
  10  * @group Database
  11  * @covers \MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider
  12  */
  13 class CheckBlocksSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
  14         public function testConstructor() {
  15                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  16                 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
  17                 $config = new \HashConfig( [
  18                         'BlockDisablesLogin' => false
  19                 ] );
  20                 $provider->setConfig( $config );
  21                 $this->assertSame( false, $providerPriv->blockDisablesLogin );
  22
  23                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  24                         [ 'blockDisablesLogin' => true ]
  25                 );
  26                 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
  27                 $config = new \HashConfig( [
  28                         'BlockDisablesLogin' => false
  29                 ] );
  30                 $provider->setConfig( $config );
  31                 $this->assertSame( true, $providerPriv->blockDisablesLogin );
  32         }
  33
  34         public function testBasics() {
  35                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  36                 $user = \User::newFromName( 'UTSysop' );
  37
  38                 $this->assertEquals(
  39                         AuthenticationResponse::newAbstain(),
  40                         $provider->beginSecondaryAccountCreation( $user, $user, [] )
  41                 );
  42         }
  43
  44         /**
  45          * @dataProvider provideGetAuthenticationRequests
  46          * @param string $action
  47          * @param array $response
  48          */
  49         public function testGetAuthenticationRequests( $action, $response ) {
  50                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  51
  52                 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
  53         }
  54
  55         public static function provideGetAuthenticationRequests() {
  56                 return [
  57                         [ AuthManager::ACTION_LOGIN, [] ],
  58                         [ AuthManager::ACTION_CREATE, [] ],
  59                         [ AuthManager::ACTION_LINK, [] ],
  60                         [ AuthManager::ACTION_CHANGE, [] ],
  61                         [ AuthManager::ACTION_REMOVE, [] ],
  62                 ];
  63         }
  64
  65         private function getBlockedUser() {
  66                 $user = \User::newFromName( 'UTBlockee' );
  67                 if ( $user->getID() == 0 ) {
  68                         $user->addToDatabase();
  69                         \TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
  70                         $user->saveSettings();
  71                 }
  72                 $oldBlock = DatabaseBlock::newFromTarget( 'UTBlockee' );
  73                 if ( $oldBlock ) {
  74                         // An old block will prevent our new one from saving.
  75                         $oldBlock->delete();
  76                 }
  77                 $blockOptions = [
  78                         'address' => 'UTBlockee',
  79                         'user' => $user->getID(),
  80                         'by' => $this->getTestSysop()->getUser()->getId(),
  81                         'reason' => __METHOD__,
  82                         'expiry' => time() + 100500,
  83                         'createAccount' => true,
  84                 ];
  85                 $block = new DatabaseBlock( $blockOptions );
  86                 $block->insert();
  87                 return $user;
  88         }
  89
  90         public function testBeginSecondaryAuthentication() {
  91                 $unblockedUser = \User::newFromName( 'UTSysop' );
  92                 $blockedUser = $this->getBlockedUser();
  93
  94                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  95                         [ 'blockDisablesLogin' => false ]
  96                 );
  97                 $this->assertEquals(
  98                         AuthenticationResponse::newAbstain(),
  99                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 100                 );
 101                 $this->assertEquals(
 102                         AuthenticationResponse::newAbstain(),
 103                         $provider->beginSecondaryAuthentication( $blockedUser, [] )
 104                 );
 105
 106                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 107                         [ 'blockDisablesLogin' => true ]
 108                 );
 109                 $this->assertEquals(
 110                         AuthenticationResponse::newPass(),
 111                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 112                 );
 113                 $ret = $provider->beginSecondaryAuthentication( $blockedUser, [] );
 114                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 115         }
 116
 117         public function testTestUserForCreation() {
 118                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 119                         [ 'blockDisablesLogin' => false ]
 120                 );
 121                 $provider->setLogger( new \Psr\Log\NullLogger() );
 122                 $provider->setConfig( new \HashConfig() );
 123                 $provider->setManager( AuthManager::singleton() );
 124
 125                 $unblockedUser = \User::newFromName( 'UTSysop' );
 126                 $blockedUser = $this->getBlockedUser();
 127
 128                 $user = \User::newFromName( 'RandomUser' );
 129
 130                 $this->assertEquals(
 131                         \StatusValue::newGood(),
 132                         $provider->testUserForCreation( $unblockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION )
 133                 );
 134                 $this->assertEquals(
 135                         \StatusValue::newGood(),
 136                         $provider->testUserForCreation( $unblockedUser, false )
 137                 );
 138
 139                 $status = $provider->testUserForCreation( $blockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 140                 $this->assertInstanceOf( \StatusValue::class, $status );
 141                 $this->assertFalse( $status->isOK() );
 142                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 143
 144                 $status = $provider->testUserForCreation( $blockedUser, false );
 145                 $this->assertInstanceOf( \StatusValue::class, $status );
 146                 $this->assertFalse( $status->isOK() );
 147                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 148         }
 149
 150         public function testRangeBlock() {
 151                 $blockOptions = [
 152                         'address' => '127.0.0.0/24',
 153                         'reason' => __METHOD__,
 154                         'by' => $this->getTestSysop()->getUser()->getId(),
 155                         'expiry' => time() + 100500,
 156                         'createAccount' => true,
 157                 ];
 158                 $block = new DatabaseBlock( $blockOptions );
 159                 $block->insert();
 160                 $scopeVariable = new \Wikimedia\ScopedCallback( [ $block, 'delete' ] );
 161
 162                 $user = \User::newFromName( 'UTNormalUser' );
 163                 if ( $user->getID() == 0 ) {
 164                         $user->addToDatabase();
 165                         \TestUser::setPasswordForUser( $user, 'UTNormalUserPassword' );
 166                         $user->saveSettings();
 167                 }
 168                 $this->setMwGlobals( [ 'wgUser' => $user ] );
 169                 \RequestContext::getMain()->setUser( $user );
 170                 $newuser = \User::newFromName( 'RandomUser' );
 171
 172                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 173                         [ 'blockDisablesLogin' => true ]
 174                 );
 175                 $provider->setLogger( new \Psr\Log\NullLogger() );
 176                 $provider->setConfig( new \HashConfig() );
 177                 $provider->setManager( AuthManager::singleton() );
 178
 179                 $ret = $provider->beginSecondaryAuthentication( $user, [] );
 180                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 181
 182                 $status = $provider->testUserForCreation( $newuser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 183                 $this->assertInstanceOf( \StatusValue::class, $status );
 184                 $this->assertFalse( $status->isOK() );
 185                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 186
 187                 $status = $provider->testUserForCreation( $newuser, false );
 188                 $this->assertInstanceOf( \StatusValue::class, $status );
 189                 $this->assertFalse( $status->isOK() );
 190                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 191         }
 192 }