Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/includes/api/ApiCreateAccountTest.php

162 lines
3.8 KiB
PHP
Raw Normal View History

Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
<?php
/**
* @group Database
* @group API
(bug 43762) Mark slow unit test as @group medium All tests based on APITestCase can be slow. I've also seen more than one Jenkins failure due to GlobalTest::testMerge timing out. Also, added a meta-test on APITestCase to make sure that all its subclasses are marked with @group medium or @group large, to prevent new tests from re-causing the bug. Change-Id: I48630736a3d06574876fd1fa3d90899cfbc48012
2013-01-18 19:02:28 +00:00
* @group medium
Cleanup Api phpunit Tests - Splits multiple classes into individual files - Adds @covers tags - Fixes scope Change-Id: I7d2816d3574fa53a2aaa8e2a84b7a7ecdd245252
2013-10-23 16:01:33 +00:00
*
* @covers ApiCreateAccount
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
*/
class ApiCreateAccountTest extends ApiTestCase {
Cleanup Api phpunit Tests - Splits multiple classes into individual files - Adds @covers tags - Fixes scope Change-Id: I7d2816d3574fa53a2aaa8e2a84b7a7ecdd245252
2013-10-23 16:01:33 +00:00
protected function setUp() {
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
parent::setUp();
Remove SessionManager, temporarily The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too. This reverts the following commits: * 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks * 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider * fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage * 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php * b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally * 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser * 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens * 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs * 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata * 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session * 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null * c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php" * 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure' * 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session * 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting * 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted' * 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId() * 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata() * f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts * 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places * bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails * 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session * 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById() * 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]] * f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords" * d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog * a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 17:28:29 +00:00
LoginForm::setCreateaccountToken();
testInvalidEmail() passes now without local config ApiAccountCreationTest::testInvalidEmail() no longer needs LocalSettings to have $wgEnableEmail = true; Change-Id: I97803be116fda8194e46fe0021c7b32d7b703b1d
2013-02-09 18:57:03 +00:00
$this->setMwGlobals( array( 'wgEnableEmail' => true ) );
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
}
/**
* Test the account creation API with a valid request. Also
* make sure the new account can log in and is valid.
raise timeout for ApiCreateAccountTest::testValid The ApiCreateAccountTest::testValid() test does multiple API request which might end up being a bit slow. That randomly cause random failures when running the test suite which tends to confuse people. Change-Id: I35a6670c61c7917522b2472a3a8e782e97e837f4
2013-01-11 09:46:18 +00:00
*
* This test does multiple API requests so it might end up being
* a bit slow. Raise the default timeout.
* @group medium
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
*/
Fix scope on all /phpunit test methods Change-Id: I3ce92463d485a0fb23e464e9a8059330f32d79af
2013-10-23 22:51:31 +00:00
public function testValid() {
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
global $wgServer;
if ( !isset( $wgServer ) ) {
$this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' );
}
User: Mostly remove password handling AuthManager is coming, which will make it easier to add alternative methods of authentication. But in order to do that, we need to finally get around to ripping the password-related bits out of the User class. The password expiration handling isn't used anywhere in core or extensions in Gerrit beyond testing for expired passwords on login and resetting the expiry date on password change. Those bits have been inlined and the functions removed; AuthManager will allow each "authentication provider" to handle its own password expiration. The methods for fetching passwords, including the fact that mPassword and other fields are public, has also been removed. This is already broken in combination with basically any extension that messes with authentication, and the major use outside of that was in creating system users like MassMessage's "MediaWiki message delivery" user. Password setting methods are silently deprecated, since most of the replacements won't be available until AuthManager. But uses in unit testing can be replaced with TestUser::setPasswordForUser() immediately. User::randomPassword() and User::getPasswordFactory() don't really belong in User either. For the former a new PasswordFactory method has been created, while the latter should just be replaced by the two lines to create a PasswordFactory via its constructor. Bug: T47716 Change-Id: I2c736ad72d946fa9b859e6cd335fa58aececc0d5
2015-09-04 16:17:42 +00:00
$password = PasswordFactory::generateRandomPasswordString();
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
$ret = $this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Apitestnew',
'password' => $password,
Fix ApiCreateAccountTest for $wgEnableEmail = false; 1) ApiCreateAccountTest::testInvalidEmail Failed asserting that exception of type "UsageException" is thrown. Also explicit log out the user Change-Id: I1d90c2b78bbcef494dc91822feeba37eebb8ca20
2013-01-13 10:10:55 +00:00
'email' => 'test@domain.test',
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'realname' => 'Test Name'
) );
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$this->assertNotInternalType( 'null', $result['createaccount'] );
// Should first ask for token.
$a = $result['createaccount'];
Make ApiCreateAccount return camelcase statuses Bug: 61663 Change-Id: I214d8eb7c9d49f55f49c5228c92806601c5499f6
2014-02-20 15:06:59 +00:00
$this->assertEquals( 'NeedToken', $a['result'] );
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
$token = $a['token'];
// Finally create the account
Update code formatting Change-Id: I16a9b42651f1cfb1a70dffbb67b7b83dfeb90d03
2013-04-26 12:00:22 +00:00
$ret = $this->doApiRequest(
array(
'action' => 'createaccount',
'name' => 'Apitestnew',
'password' => $password,
'token' => $token,
'email' => 'test@domain.test',
'realname' => 'Test Name'
),
$ret[2]
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
);
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
Make ApiCreateAccount return camelcase statuses Bug: 61663 Change-Id: I214d8eb7c9d49f55f49c5228c92806601c5499f6
2014-02-20 15:06:59 +00:00
$this->assertEquals( 'Success', $result['createaccount']['result'] );
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
// Try logging in with the new user.
$ret = $this->doApiRequest( array(
'action' => 'login',
'lgname' => 'Apitestnew',
'lgpassword' => $password,
Update code formatting Also update some previous inconsistencies pointed out by Krinkle in change IDs: * Ide20743a2e84ff68549286120e6cff9d9f396f54 * I811ca957b6588085d67606ebc0cd4033a1e53839 Change-Id: Ife33b931870d0d7e04fcb40974997436d27f528f
2013-03-25 23:27:14 +00:00
) );
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$this->assertNotInternalType( 'null', $result['login'] );
$a = $result['login']['result'];
$this->assertEquals( 'NeedToken', $a );
$token = $result['login']['token'];
Update code formatting Also update some previous inconsistencies pointed out by Krinkle in change IDs: * Ide20743a2e84ff68549286120e6cff9d9f396f54 * I811ca957b6588085d67606ebc0cd4033a1e53839 Change-Id: Ife33b931870d0d7e04fcb40974997436d27f528f
2013-03-25 23:27:14 +00:00
$ret = $this->doApiRequest(
array(
'action' => 'login',
'lgtoken' => $token,
'lgname' => 'Apitestnew',
'lgpassword' => $password,
),
$ret[2]
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
);
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$a = $result['login']['result'];
$this->assertEquals( 'Success', $a );
Fix ApiCreateAccountTest for $wgEnableEmail = false; 1) ApiCreateAccountTest::testInvalidEmail Failed asserting that exception of type "UsageException" is thrown. Also explicit log out the user Change-Id: I1d90c2b78bbcef494dc91822feeba37eebb8ca20
2013-01-13 10:10:55 +00:00
// log out to destroy the session
Update code formatting Also update some previous inconsistencies pointed out by Krinkle in change IDs: * Ide20743a2e84ff68549286120e6cff9d9f396f54 * I811ca957b6588085d67606ebc0cd4033a1e53839 Change-Id: Ife33b931870d0d7e04fcb40974997436d27f528f
2013-03-25 23:27:14 +00:00
$ret = $this->doApiRequest(
array(
'action' => 'logout',
),
$ret[2]
Fix ApiCreateAccountTest for $wgEnableEmail = false; 1) ApiCreateAccountTest::testInvalidEmail Failed asserting that exception of type "UsageException" is thrown. Also explicit log out the user Change-Id: I1d90c2b78bbcef494dc91822feeba37eebb8ca20
2013-01-13 10:10:55 +00:00
);
$this->assertEquals( array(), $ret[0] );
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
}
/**
* Make sure requests with no names are invalid.
* @expectedException UsageException
*/
Fix scope on all /phpunit test methods Change-Id: I3ce92463d485a0fb23e464e9a8059330f32d79af
2013-10-23 22:51:31 +00:00
public function testNoName() {
Remove unused local variables in tests Change-Id: I71318eb7d8c00bfc1ce6d2fc636b498f7a695f42
2013-04-26 07:48:46 +00:00
$this->doApiRequest( array(
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'action' => 'createaccount',
Remove SessionManager, temporarily The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too. This reverts the following commits: * 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks * 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider * fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage * 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php * b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally * 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser * 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens * 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs * 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata * 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session * 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null * c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php" * 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure' * 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session * 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting * 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted' * 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId() * 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata() * f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts * 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places * bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails * 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session * 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById() * 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]] * f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords" * d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog * a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 17:28:29 +00:00
'token' => LoginForm::getCreateaccountToken(),
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'password' => 'password',
) );
}
/**
* Make sure requests with no password are invalid.
* @expectedException UsageException
*/
Fix scope on all /phpunit test methods Change-Id: I3ce92463d485a0fb23e464e9a8059330f32d79af
2013-10-23 22:51:31 +00:00
public function testNoPassword() {
Remove unused local variables in tests Change-Id: I71318eb7d8c00bfc1ce6d2fc636b498f7a695f42
2013-04-26 07:48:46 +00:00
$this->doApiRequest( array(
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'action' => 'createaccount',
'name' => 'testName',
Remove SessionManager, temporarily The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too. This reverts the following commits: * 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks * 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider * fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage * 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php * b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally * 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser * 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens * 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs * 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata * 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session * 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null * c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php" * 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure' * 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session * 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting * 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted' * 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId() * 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata() * f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts * 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places * bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails * 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session * 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById() * 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]] * f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords" * d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog * a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 17:28:29 +00:00
'token' => LoginForm::getCreateaccountToken(),
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
) );
}
/**
* Make sure requests with existing users are invalid.
* @expectedException UsageException
*/
Fix scope on all /phpunit test methods Change-Id: I3ce92463d485a0fb23e464e9a8059330f32d79af
2013-10-23 22:51:31 +00:00
public function testExistingUser() {
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
$this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Apitestsysop',
Remove SessionManager, temporarily The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too. This reverts the following commits: * 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks * 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider * fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage * 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php * b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally * 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser * 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens * 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs * 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata * 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session * 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null * c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php" * 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure' * 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session * 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting * 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted' * 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId() * 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata() * f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts * 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places * bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails * 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session * 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById() * 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]] * f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords" * d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog * a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 17:28:29 +00:00
'token' => LoginForm::getCreateaccountToken(),
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'password' => 'password',
'email' => 'test@domain.test',
) );
}
/**
* Make sure requests with invalid emails are invalid.
* @expectedException UsageException
*/
Fix scope on all /phpunit test methods Change-Id: I3ce92463d485a0fb23e464e9a8059330f32d79af
2013-10-23 22:51:31 +00:00
public function testInvalidEmail() {
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
$this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Test User',
Remove SessionManager, temporarily The plan here is to take it out of 1.27.0-wmf.12 and put it back in 1.27.0-wmf.13. Since BotPasswords depends on SessionManager, that's getting temporarily removed too. This reverts the following commits: * 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks * 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider * fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage * 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php * b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally * 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser * 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens * 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs * 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata * 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session * 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null * c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php" * 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure' * 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session * 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting * 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted' * 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId() * 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata() * f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts * 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places * bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails * 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session * 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById() * 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]] * f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords" * d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog * a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 17:28:29 +00:00
'token' => LoginForm::getCreateaccountToken(),
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
'password' => 'password',
Fix ApiCreateAccountTest for $wgEnableEmail = false; 1) ApiCreateAccountTest::testInvalidEmail Failed asserting that exception of type "UsageException" is thrown. Also explicit log out the user Change-Id: I1d90c2b78bbcef494dc91822feeba37eebb8ca20
2013-01-13 10:10:55 +00:00
'email' => 'invalid',
Added account creation API. Created new API action "createaccount" that allows access to account creation. Takes username, password, email, realname, token, and optionally mailpassword and reason. Errors are given in an errors array. Note there is no way to natively handle CAPTCHAs as there is no uniform implementation of presenting CAPTCHA links to user. Right now the best an extension can do is return an error in AbortNewAccount, which will then be displayed as an error in the Api result. Change-Id: Ibdb1e50d434fb857683e1e4ff5a4a5a91c6b7c3a
2012-08-08 13:58:47 +00:00
) );
}
}
Reference in a new issue Copy permalink