use MediaWiki\Auth\AuthManager;
use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\Block\CompositeBlock;
use MediaWiki\Block\SystemBlock;
+use MediaWiki\Permissions\PermissionManager;
/**
* @covers PasswordReset
$user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
$user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
$user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
- $user->expects( $this->any() )->method( 'isAllowed' )
- ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
- if ( $perm === 'editmyprivateinfo' ) {
- return $canEditPrivate;
- } else {
- $this->fail( 'Unexpected permission check' );
- }
- } ) );
- $passwordReset = new PasswordReset( $config, $authManager );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->method( 'userHasRight' )
+ ->with( $user, 'editmyprivateinfo' )
+ ->willReturn( $canEditPrivate );
+
+ $passwordReset = new PasswordReset(
+ $config,
+ $authManager,
+ $permissionManager
+ );
$this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
}
'globalBlock' => null,
'isAllowed' => false,
],
+ 'blocked with multiple blocks, all allowing password reset' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => new CompositeBlock( [
+ 'originalBlocks' => [
+ new SystemBlock( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
+ new Block( [] ),
+ ]
+ ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => true,
+ ],
+ 'blocked with multiple blocks, not all allowing password reset' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => new CompositeBlock( [
+ 'originalBlocks' => [
+ new SystemBlock( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
+ new SystemBlock( [ 'systemBlock' => 'proxy' ] ),
+ ]
+ ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => false,
+ ],
'all OK' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
$request->setIP( '1.2.3.4' );
$performingUser = $this->getMockBuilder( User::class )->getMock();
$performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
- $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
$performingUser->expects( $this->any() )->method( 'getName' )->willReturn( 'Performer' );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->expects( $this->once() )
+ ->method( 'userHasRight' )
+ ->with( $performingUser, 'editmyprivateinfo' )
+ ->willReturn( true );
+
$targetUser1 = $this->getMockBuilder( User::class )->getMock();
$targetUser2 = $this->getMockBuilder( User::class )->getMock();
$targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
$targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
$passwordReset = $this->getMockBuilder( PasswordReset::class )
- ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
+ ->setConstructorArgs( [ $config, $authManager, $permissionManager ] )
+ ->setMethods( [ 'getUsersByEmail' ] )
->getMock();
$passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
->willReturn( [ $targetUser1, $targetUser2 ] );