dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9a66cb8)
User::isPingLimitable(): handle CIDR notation in $wgRateLimitsExcludedIPs
authorGergő Tisza <gtisza@wikimedia.org>
Thu, 2 Feb 2017 01:23:01 +0000 (01:23 +0000)
committerGergő Tisza <gtisza@wikimedia.org>
Fri, 17 Feb 2017 07:25:11 +0000 (07:25 +0000)
Bug: T156983
Change-Id: I727c19214cb3f9fad558d433bb38fbcf25d8497a

includes/DefaultSettings.php patch | blob | history
includes/user/User.php patch | blob | history
tests/phpunit/includes/user/UserTest.php patch | blob | history

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index c483366..5ecf17c 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5681,7 +5681,7 @@ $wgRateLimits = [
 ];
 
 /**
- * Array of IPs which should be excluded from rate limits.
+ * Array of IPs / CIDR ranges which should be excluded from rate limits.
  * This may be useful for whitelisting NAT gateways for conferences, etc.
  */
 $wgRateLimitsExcludedIPs = [];
diff --git a/includes/user/User.php b/includes/user/User.php
index d0a2f92..1b32503 100644 (file)
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -1862,7 +1862,7 @@ class User implements IDBAccessObject {
         */
        public function isPingLimitable() {
                global $wgRateLimitsExcludedIPs;
-               if ( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
+               if ( IP::isInRanges( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
                        // No other good way currently to disable rate limits
                        // for specific IPs. :P
                        // But this is a crappy hack and should die.
diff --git a/tests/phpunit/includes/user/UserTest.php b/tests/phpunit/includes/user/UserTest.php
index deb9708..615da2e 100644 (file)
--- a/tests/phpunit/includes/user/UserTest.php
+++ b/tests/phpunit/includes/user/UserTest.php
@@ -862,4 +862,26 @@ class UserTest extends MediaWikiTestCase {
                // Clean up.
                $block->delete();
        }
+
+       public function testIsPingLimitable() {
+               $request = new FauxRequest();
+               $request->setIP( '1.2.3.4' );
+               $user = User::newFromSession( $request );
+
+               $this->setMwGlobals( 'wgRateLimitsExcludedIPs', [] );
+               $this->assertTrue( $user->isPingLimitable() );
+
+               $this->setMwGlobals( 'wgRateLimitsExcludedIPs', [ '1.2.3.4' ] );
+               $this->assertFalse( $user->isPingLimitable() );
+
+               $this->setMwGlobals( 'wgRateLimitsExcludedIPs', [ '1.2.3.0/8' ] );
+               $this->assertFalse( $user->isPingLimitable() );
+
+               $this->setMwGlobals( 'wgRateLimitsExcludedIPs', [] );
+               $noRateLimitUser = $this->getMockBuilder( User::class )->disableOriginalConstructor()
+                       ->setMethods( [ 'getIP', 'getRights' ] )->getMock();
+               $noRateLimitUser->expects( $this->any() )->method( 'getIP' )->willReturn( '1.2.3.4' );
+               $noRateLimitUser->expects( $this->any() )->method( 'getRights' )->willReturn( [ 'noratelimit' ] );
+               $this->assertFalse( $noRateLimitUser->isPingLimitable() );
+       }
 }
Wiklou, le Wiki du Wiklou