* @dataProvider provideIsAllowed
*/
public function testIsAllowed( $passwordResetRoutes, $enableEmail,
- $allowsAuthenticationDataChange, $canEditPrivate, $canSeePassword,
- $userIsBlocked, $isAllowed
+ $allowsAuthenticationDataChange, $canEditPrivate, $block, $globalBlock, $isAllowed
) {
$config = new HashConfig( [
'PasswordResetRoutes' => $passwordResetRoutes,
$authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
->willReturn( $allowsAuthenticationDataChange ? Status::newGood() : Status::newFatal( 'foo' ) );
- $user = $this->getMock( User::class );
+ $user = $this->getMockBuilder( User::class )->getMock();
$user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
- $user->expects( $this->any() )->method( 'isBlocked' )->willReturn( $userIsBlocked );
+ $user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
+ $user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
$user->expects( $this->any() )->method( 'isAllowed' )
- ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate, $canSeePassword ) {
+ ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
if ( $perm === 'editmyprivateinfo' ) {
return $canEditPrivate;
- } elseif ( $perm === 'passwordreset' ) {
- return $canSeePassword;
} else {
$this->fail( 'Unexpected permission check' );
}
public function provideIsAllowed() {
return [
- [
+ 'no routes' => [
'passwordResetRoutes' => [],
'enableEmail' => true,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => true,
- 'canSeePassword' => true,
- 'userIsBlocked' => false,
+ 'block' => null,
+ 'globalBlock' => null,
'isAllowed' => false,
],
- [
+ 'email disabled' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => false,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => true,
- 'canSeePassword' => true,
- 'userIsBlocked' => false,
+ 'block' => null,
+ 'globalBlock' => null,
'isAllowed' => false,
],
- [
+ 'auth data change disabled' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
'allowsAuthenticationDataChange' => false,
'canEditPrivate' => true,
- 'canSeePassword' => true,
- 'userIsBlocked' => false,
+ 'block' => null,
+ 'globalBlock' => null,
'isAllowed' => false,
],
- [
+ 'cannot edit private data' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => false,
- 'canSeePassword' => true,
- 'userIsBlocked' => false,
+ 'block' => null,
+ 'globalBlock' => null,
'isAllowed' => false,
],
- [
+ 'blocked with account creation disabled' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => true,
- 'canSeePassword' => true,
- 'userIsBlocked' => true,
+ 'block' => new Block( [ 'createAccount' => true ] ),
+ 'globalBlock' => null,
'isAllowed' => false,
],
- [
+ 'blocked w/o account creation disabled' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => true,
- 'canSeePassword' => false,
- 'userIsBlocked' => false,
+ 'block' => new Block( [] ),
+ 'globalBlock' => null,
'isAllowed' => true,
],
- [
+ 'using blocked proxy' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
'allowsAuthenticationDataChange' => true,
'canEditPrivate' => true,
- 'canSeePassword' => true,
- 'userIsBlocked' => false,
+ 'block' => new Block( [ 'systemBlock' => 'proxy' ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => false,
+ ],
+ 'globally blocked with account creation disabled' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => null,
+ 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => true ] ),
+ 'isAllowed' => false,
+ ],
+ 'globally blocked with account creation not disabled' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => null,
+ 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => false ] ),
+ 'isAllowed' => true,
+ ],
+ 'blocked via wgSoftBlockRanges' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => new Block( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => true,
+ ],
+ 'all OK' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => null,
+ 'globalBlock' => null,
'isAllowed' => true,
],
];
$request = new FauxRequest();
$request->setIP( '1.2.3.4' );
- $performingUser = $this->getMock( User::class );
+ $performingUser = $this->getMockBuilder( User::class )->getMock();
$performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
$performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
- $targetUser1 = $this->getMock( User::class );
- $targetUser2 = $this->getMock( User::class );
+ $targetUser1 = $this->getMockBuilder( User::class )->getMock();
+ $targetUser2 = $this->getMockBuilder( User::class )->getMock();
$targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
$targetUser2->expects( $this->any() )->method( 'getName' )->willReturn( 'User2' );
$targetUser1->expects( $this->any() )->method( 'getId' )->willReturn( 1 );
dépôts / lhc / web / wiklou.git / blobdiff