2019-04-05 19:13:17 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
use MediaWiki\Block\BlockManager;
|
2019-06-17 16:59:02 +00:00
|
|
|
use MediaWiki\Block\CompositeBlock;
|
2020-01-10 00:00:51 +00:00
|
|
|
use MediaWiki\Block\DatabaseBlock;
|
2019-06-20 10:29:01 +00:00
|
|
|
use MediaWiki\Block\SystemBlock;
|
2019-06-26 14:06:01 +00:00
|
|
|
use MediaWiki\MediaWikiServices;
|
2019-08-20 17:29:59 +00:00
|
|
|
use Psr\Log\LoggerInterface;
|
2020-01-10 00:00:51 +00:00
|
|
|
use Wikimedia\TestingAccessWrapper;
|
2019-04-05 19:13:17 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @group Blocking
|
|
|
|
|
* @group Database
|
|
|
|
|
* @coversDefaultClass \MediaWiki\Block\BlockManager
|
|
|
|
|
*/
|
|
|
|
|
class BlockManagerTest extends MediaWikiTestCase {
|
2019-08-14 12:58:53 +00:00
|
|
|
use TestAllServiceOptionsUsed;
|
2019-04-05 19:13:17 +00:00
|
|
|
|
|
|
|
|
/** @var User */
|
|
|
|
|
protected $user;
|
|
|
|
|
|
|
|
|
|
/** @var int */
|
|
|
|
|
protected $sysopId;
|
|
|
|
|
|
2019-10-20 18:11:08 +00:00
|
|
|
protected function setUp() : void {
|
2019-04-05 19:13:17 +00:00
|
|
|
parent::setUp();
|
|
|
|
|
|
|
|
|
|
$this->user = $this->getTestUser()->getUser();
|
|
|
|
|
$this->sysopId = $this->getTestSysop()->getUser()->getId();
|
2019-05-27 21:53:23 +00:00
|
|
|
$this->blockManagerConfig = [
|
2019-04-05 19:13:17 +00:00
|
|
|
'wgApplyIpBlocksToXff' => true,
|
|
|
|
|
'wgCookieSetOnAutoblock' => true,
|
|
|
|
|
'wgCookieSetOnIpBlock' => true,
|
|
|
|
|
'wgDnsBlacklistUrls' => [],
|
|
|
|
|
'wgEnableDnsBlacklist' => true,
|
|
|
|
|
'wgProxyList' => [],
|
|
|
|
|
'wgProxyWhitelist' => [],
|
2019-06-06 18:00:20 +00:00
|
|
|
'wgSecretKey' => false,
|
2019-04-05 19:13:17 +00:00
|
|
|
'wgSoftBlockRanges' => [],
|
2019-05-27 21:53:23 +00:00
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function getBlockManager( $overrideConfig ) {
|
2019-04-05 19:13:17 +00:00
|
|
|
return new BlockManager(
|
2019-06-26 14:06:01 +00:00
|
|
|
...$this->getBlockManagerConstructorArgs( $overrideConfig )
|
2019-04-05 19:13:17 +00:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-26 14:06:01 +00:00
|
|
|
private function getBlockManagerConstructorArgs( $overrideConfig ) {
|
|
|
|
|
$blockManagerConfig = array_merge( $this->blockManagerConfig, $overrideConfig );
|
|
|
|
|
$this->setMwGlobals( $blockManagerConfig );
|
2019-08-20 17:29:59 +00:00
|
|
|
$logger = $this->getMockBuilder( LoggerInterface::class )->getMock();
|
2019-06-26 14:06:01 +00:00
|
|
|
return [
|
2019-08-14 12:58:53 +00:00
|
|
|
new LoggedServiceOptions(
|
|
|
|
|
self::$serviceOptionsAccessLog,
|
2019-10-08 18:24:22 +00:00
|
|
|
BlockManager::CONSTRUCTOR_OPTIONS,
|
2019-06-26 14:06:01 +00:00
|
|
|
MediaWikiServices::getInstance()->getMainConfig()
|
|
|
|
|
),
|
2019-08-20 17:29:59 +00:00
|
|
|
MediaWikiServices::getInstance()->getPermissionManager(),
|
Hooks::run() call site migration
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
2020-03-19 02:42:09 +00:00
|
|
|
$logger,
|
|
|
|
|
MediaWikiServices::getInstance()->getHookContainer()
|
2019-06-26 14:06:01 +00:00
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-05 19:13:17 +00:00
|
|
|
/**
|
2019-10-15 13:33:19 +00:00
|
|
|
* @dataProvider provideBlocksForShouldApplyCookieBlock
|
2019-04-05 19:13:17 +00:00
|
|
|
* @covers ::getBlockFromCookieValue
|
2019-06-26 10:04:50 +00:00
|
|
|
* @covers ::shouldApplyCookieBlock
|
2019-04-05 19:13:17 +00:00
|
|
|
*/
|
|
|
|
|
public function testGetBlockFromCookieValue( $options, $expected ) {
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockManager = TestingAccessWrapper::newFromObject(
|
|
|
|
|
$this->getBlockManager( [
|
|
|
|
|
'wgCookieSetOnAutoblock' => true,
|
|
|
|
|
'wgCookieSetOnIpBlock' => true,
|
|
|
|
|
] )
|
|
|
|
|
);
|
2019-04-05 19:13:17 +00:00
|
|
|
|
2019-05-13 14:18:07 +00:00
|
|
|
$block = new DatabaseBlock( array_merge( [
|
2019-06-17 16:59:02 +00:00
|
|
|
'address' => $options['target'] ?: $this->user,
|
2019-04-05 19:13:17 +00:00
|
|
|
'by' => $this->sysopId,
|
2019-06-17 16:59:02 +00:00
|
|
|
], $options['blockOptions'] ) );
|
2019-04-05 19:13:17 +00:00
|
|
|
$block->insert();
|
|
|
|
|
|
2019-06-17 16:59:02 +00:00
|
|
|
$user = $options['loggedIn'] ? $this->user : new User();
|
2019-11-18 17:08:54 +00:00
|
|
|
$user->getRequest()->setCookie( 'BlockID', $blockManager->getCookieValue( $block ) );
|
2019-04-05 19:13:17 +00:00
|
|
|
|
2019-06-17 16:59:02 +00:00
|
|
|
$this->assertSame( $expected, (bool)$blockManager->getBlockFromCookieValue(
|
2019-04-05 19:13:17 +00:00
|
|
|
$user,
|
|
|
|
|
$user->getRequest()
|
|
|
|
|
) );
|
|
|
|
|
|
|
|
|
|
$block->delete();
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-15 13:33:19 +00:00
|
|
|
/**
|
|
|
|
|
* @dataProvider provideBlocksForShouldApplyCookieBlock
|
|
|
|
|
* @covers ::trackBlockWithCookie
|
|
|
|
|
* @covers ::shouldApplyCookieBlock
|
|
|
|
|
*/
|
|
|
|
|
public function testTrackBlockWithCookieRemovesBlocks( $options, $expectKeepCookie ) {
|
|
|
|
|
$blockManager = TestingAccessWrapper::newFromObject(
|
|
|
|
|
$this->getBlockManager( [
|
|
|
|
|
'wgCookieSetOnAutoblock' => true,
|
|
|
|
|
'wgCookieSetOnIpBlock' => true,
|
|
|
|
|
] )
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$block = new DatabaseBlock( array_merge( [
|
|
|
|
|
'address' => $options['target'] ?: $this->user,
|
|
|
|
|
'by' => $this->sysopId,
|
|
|
|
|
], $options['blockOptions'] ) );
|
|
|
|
|
$block->insert();
|
|
|
|
|
|
|
|
|
|
$user = $options['loggedIn'] ? $this->user : new User();
|
2019-11-18 17:08:54 +00:00
|
|
|
$user->getRequest()->setCookie( 'BlockID', $blockManager->getCookieValue( $block ) );
|
2019-10-15 13:33:19 +00:00
|
|
|
|
|
|
|
|
$blockManager->trackBlockWithCookie(
|
|
|
|
|
$user,
|
|
|
|
|
$user->getRequest()->response()
|
|
|
|
|
);
|
|
|
|
|
|
2020-02-28 15:45:22 +00:00
|
|
|
$this->assertCount(
|
2019-10-15 13:33:19 +00:00
|
|
|
$expectKeepCookie ? 0 : 1,
|
2020-02-28 15:45:22 +00:00
|
|
|
$user->getRequest()->response()->getCookies()
|
2019-10-15 13:33:19 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$block->delete();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideBlocksForShouldApplyCookieBlock() {
|
2019-04-05 19:13:17 +00:00
|
|
|
return [
|
|
|
|
|
'Autoblocking user block' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '',
|
|
|
|
|
'loggedIn' => true,
|
|
|
|
|
'blockOptions' => [
|
|
|
|
|
'enableAutoblock' => true
|
|
|
|
|
],
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
2019-10-15 13:33:19 +00:00
|
|
|
'Autoblocking user block for anonymous user' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '',
|
|
|
|
|
'loggedIn' => false,
|
|
|
|
|
'blockOptions' => [
|
|
|
|
|
'enableAutoblock' => true
|
|
|
|
|
],
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
2019-04-05 19:13:17 +00:00
|
|
|
'Non-autoblocking user block' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '',
|
|
|
|
|
'loggedIn' => true,
|
|
|
|
|
'blockOptions' => [],
|
|
|
|
|
],
|
|
|
|
|
false,
|
|
|
|
|
],
|
|
|
|
|
'IP block for anonymous user' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '127.0.0.1',
|
|
|
|
|
'loggedIn' => false,
|
|
|
|
|
'blockOptions' => [],
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
'IP block for logged in user' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '127.0.0.1',
|
|
|
|
|
'loggedIn' => true,
|
|
|
|
|
'blockOptions' => [],
|
|
|
|
|
],
|
|
|
|
|
false,
|
|
|
|
|
],
|
|
|
|
|
'IP range block for anonymous user' => [
|
|
|
|
|
[
|
|
|
|
|
'target' => '127.0.0.0/8',
|
|
|
|
|
'loggedIn' => false,
|
|
|
|
|
'blockOptions' => [],
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideIsLocallyBlockedProxy
|
|
|
|
|
* @covers ::isLocallyBlockedProxy
|
|
|
|
|
*/
|
|
|
|
|
public function testIsLocallyBlockedProxy( $proxyList, $expected ) {
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockManager = TestingAccessWrapper::newFromObject(
|
|
|
|
|
$this->getBlockManager( [
|
|
|
|
|
'wgProxyList' => $proxyList
|
|
|
|
|
] )
|
|
|
|
|
);
|
2019-04-05 19:13:17 +00:00
|
|
|
|
|
|
|
|
$ip = '1.2.3.4';
|
2019-06-17 16:59:02 +00:00
|
|
|
$this->assertSame( $expected, $blockManager->isLocallyBlockedProxy( $ip ) );
|
2019-04-05 19:13:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideIsLocallyBlockedProxy() {
|
|
|
|
|
return [
|
|
|
|
|
'Proxy list is empty' => [ [], false ],
|
|
|
|
|
'Proxy list contains IP' => [ [ '1.2.3.4' ], true ],
|
|
|
|
|
'Proxy list contains IP as value' => [ [ 'test' => '1.2.3.4' ], true ],
|
|
|
|
|
'Proxy list contains range that covers IP' => [ [ '1.2.3.0/16' ], true ],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideIsDnsBlacklisted
|
|
|
|
|
* @covers ::isDnsBlacklisted
|
|
|
|
|
* @covers ::inDnsBlacklist
|
|
|
|
|
*/
|
|
|
|
|
public function testIsDnsBlacklisted( $options, $expected ) {
|
2019-06-26 14:06:01 +00:00
|
|
|
$blockManagerConfig = [
|
2019-04-05 19:13:17 +00:00
|
|
|
'wgEnableDnsBlacklist' => true,
|
2019-05-27 21:53:23 +00:00
|
|
|
'wgDnsBlacklistUrls' => $options['blacklist'],
|
|
|
|
|
'wgProxyWhitelist' => $options['whitelist'],
|
2019-06-26 14:06:01 +00:00
|
|
|
];
|
2019-04-05 19:13:17 +00:00
|
|
|
|
2019-05-27 21:53:23 +00:00
|
|
|
$blockManager = $this->getMockBuilder( BlockManager::class )
|
2019-06-26 14:06:01 +00:00
|
|
|
->setConstructorArgs( $this->getBlockManagerConstructorArgs( $blockManagerConfig ) )
|
2019-05-27 21:53:23 +00:00
|
|
|
->setMethods( [ 'checkHost' ] )
|
|
|
|
|
->getMock();
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockManager->method( 'checkHost' )
|
2019-05-27 21:53:23 +00:00
|
|
|
->will( $this->returnValueMap( [ [
|
|
|
|
|
$options['dnsblQuery'],
|
|
|
|
|
$options['dnsblResponse'],
|
|
|
|
|
] ] ) );
|
|
|
|
|
|
2019-04-05 19:13:17 +00:00
|
|
|
$this->assertSame(
|
|
|
|
|
$expected,
|
2019-05-27 21:53:23 +00:00
|
|
|
$blockManager->isDnsBlacklisted( $options['ip'], $options['checkWhitelist'] )
|
2019-04-05 19:13:17 +00:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideIsDnsBlacklisted() {
|
2019-05-27 21:53:23 +00:00
|
|
|
$dnsblFound = [ '127.0.0.2' ];
|
|
|
|
|
$dnsblNotFound = false;
|
2019-04-05 19:13:17 +00:00
|
|
|
return [
|
|
|
|
|
'IP is blacklisted' => [
|
|
|
|
|
[
|
2019-05-27 21:53:23 +00:00
|
|
|
'blacklist' => [ 'dnsbl.test' ],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => '1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [],
|
|
|
|
|
'checkWhitelist' => false,
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
'IP is blacklisted; blacklist has key' => [
|
|
|
|
|
[
|
|
|
|
|
'blacklist' => [ [ 'dnsbl.test', 'key' ] ],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => 'key.1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [],
|
|
|
|
|
'checkWhitelist' => false,
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
'IP is blacklisted; blacklist is array' => [
|
|
|
|
|
[
|
|
|
|
|
'blacklist' => [ [ 'dnsbl.test' ] ],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => '1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [],
|
|
|
|
|
'checkWhitelist' => false,
|
2019-04-05 19:13:17 +00:00
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
'IP is not blacklisted' => [
|
|
|
|
|
[
|
2019-05-27 21:53:23 +00:00
|
|
|
'blacklist' => [ 'dnsbl.test' ],
|
|
|
|
|
'ip' => '1.2.3.4',
|
|
|
|
|
'dnsblQuery' => '4.3.2.1.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblNotFound,
|
|
|
|
|
'whitelist' => [],
|
|
|
|
|
'checkWhitelist' => false,
|
2019-04-05 19:13:17 +00:00
|
|
|
],
|
|
|
|
|
false,
|
|
|
|
|
],
|
2019-05-27 21:53:23 +00:00
|
|
|
'Blacklist is empty' => [
|
2019-04-05 19:13:17 +00:00
|
|
|
[
|
2019-05-27 21:53:23 +00:00
|
|
|
'blacklist' => [],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => '1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [],
|
|
|
|
|
'checkWhitelist' => false,
|
2019-04-05 19:13:17 +00:00
|
|
|
],
|
2019-05-27 21:53:23 +00:00
|
|
|
false,
|
2019-04-05 19:13:17 +00:00
|
|
|
],
|
|
|
|
|
'IP is blacklisted and whitelisted; whitelist is not checked' => [
|
|
|
|
|
[
|
2019-05-27 21:53:23 +00:00
|
|
|
'blacklist' => [ 'dnsbl.test' ],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => '1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [ '127.0.0.1' ],
|
|
|
|
|
'checkWhitelist' => false,
|
|
|
|
|
],
|
|
|
|
|
true,
|
|
|
|
|
],
|
|
|
|
|
'IP is blacklisted and whitelisted; whitelist is checked' => [
|
|
|
|
|
[
|
|
|
|
|
'blacklist' => [ 'dnsbl.test' ],
|
|
|
|
|
'ip' => '127.0.0.1',
|
|
|
|
|
'dnsblQuery' => '1.0.0.127.dnsbl.test',
|
|
|
|
|
'dnsblResponse' => $dnsblFound,
|
|
|
|
|
'whitelist' => [ '127.0.0.1' ],
|
|
|
|
|
'checkWhitelist' => true,
|
2019-04-05 19:13:17 +00:00
|
|
|
],
|
|
|
|
|
false,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
2019-06-20 10:29:01 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @covers ::getUniqueBlocks
|
|
|
|
|
*/
|
|
|
|
|
public function testGetUniqueBlocks() {
|
|
|
|
|
$blockId = 100;
|
|
|
|
|
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockManager = TestingAccessWrapper::newFromObject( $this->getBlockManager( [] ) );
|
2019-06-20 10:29:01 +00:00
|
|
|
|
|
|
|
|
$block = $this->getMockBuilder( DatabaseBlock::class )
|
|
|
|
|
->setMethods( [ 'getId' ] )
|
|
|
|
|
->getMock();
|
2019-06-17 16:59:02 +00:00
|
|
|
$block->method( 'getId' )
|
2019-06-20 10:29:01 +00:00
|
|
|
->willReturn( $blockId );
|
|
|
|
|
|
|
|
|
|
$autoblock = $this->getMockBuilder( DatabaseBlock::class )
|
|
|
|
|
->setMethods( [ 'getParentBlockId', 'getType' ] )
|
|
|
|
|
->getMock();
|
2019-06-17 16:59:02 +00:00
|
|
|
$autoblock->method( 'getParentBlockId' )
|
2019-06-20 10:29:01 +00:00
|
|
|
->willReturn( $blockId );
|
2019-06-17 16:59:02 +00:00
|
|
|
$autoblock->method( 'getType' )
|
2019-06-20 10:29:01 +00:00
|
|
|
->willReturn( DatabaseBlock::TYPE_AUTO );
|
|
|
|
|
|
|
|
|
|
$blocks = [ $block, $block, $autoblock, new SystemBlock() ];
|
|
|
|
|
|
2020-02-28 15:45:22 +00:00
|
|
|
$this->assertCount( 2, $blockManager->getUniqueBlocks( $blocks ) );
|
2019-06-20 10:29:01 +00:00
|
|
|
}
|
2019-06-26 06:00:07 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideTrackBlockWithCookie
|
2019-06-17 16:59:02 +00:00
|
|
|
* @covers ::trackBlockWithCookie
|
2019-06-26 06:00:07 +00:00
|
|
|
*/
|
2019-09-16 12:18:56 +00:00
|
|
|
public function testTrackBlockWithCookie( $options, $expected ) {
|
2019-06-26 06:00:07 +00:00
|
|
|
$this->setMwGlobals( 'wgCookiePrefix', '' );
|
|
|
|
|
|
|
|
|
|
$request = new FauxRequest();
|
2019-06-17 16:59:02 +00:00
|
|
|
if ( $options['cookieSet'] ) {
|
2019-06-26 06:00:07 +00:00
|
|
|
$request->setCookie( 'BlockID', 'the value does not matter' );
|
|
|
|
|
}
|
2019-09-07 23:44:46 +00:00
|
|
|
/** @var FauxResponse $response */
|
|
|
|
|
$response = $request->response();
|
2019-06-26 06:00:07 +00:00
|
|
|
|
|
|
|
|
$user = $this->getMockBuilder( User::class )
|
|
|
|
|
->setMethods( [ 'getBlock', 'getRequest' ] )
|
|
|
|
|
->getMock();
|
|
|
|
|
$user->method( 'getBlock' )
|
2019-06-17 16:59:02 +00:00
|
|
|
->willReturn( $options['block'] );
|
2019-06-26 06:00:07 +00:00
|
|
|
$user->method( 'getRequest' )
|
|
|
|
|
->willReturn( $request );
|
|
|
|
|
|
|
|
|
|
// Although the block cookie is set via DeferredUpdates, in command line mode updates are
|
|
|
|
|
// processed immediately
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockManager = $this->getBlockManager( [
|
|
|
|
|
'wgSecretKey' => '',
|
|
|
|
|
'wgCookieSetOnIpBlock' => true,
|
|
|
|
|
] );
|
2019-09-07 23:44:46 +00:00
|
|
|
$blockManager->trackBlockWithCookie( $user, $response );
|
2019-06-26 06:00:07 +00:00
|
|
|
|
2019-09-16 12:18:56 +00:00
|
|
|
$this->assertCount( $expected['count'], $response->getCookies() );
|
|
|
|
|
$this->assertEquals( $expected['value'], $response->getCookie( 'BlockID' ) );
|
2019-06-26 06:00:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function provideTrackBlockWithCookie() {
|
2019-06-17 16:59:02 +00:00
|
|
|
$blockId = 123;
|
|
|
|
|
return [
|
|
|
|
|
'Block cookie is already set; there is a trackable block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => true,
|
|
|
|
|
'block' => $this->getTrackableBlock( $blockId ),
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
'count' => 1,
|
|
|
|
|
'value' => $blockId,
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
'Block cookie is already set; there is no block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => true,
|
|
|
|
|
'block' => null,
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
// Cookie is cleared by setting it to empty value
|
|
|
|
|
'count' => 1,
|
|
|
|
|
'value' => '',
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
'Block cookie is not yet set; there is no block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => false,
|
|
|
|
|
'block' => null,
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
'count' => 0,
|
|
|
|
|
'value' => null,
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
'Block cookie is not yet set; there is a trackable block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => false,
|
|
|
|
|
'block' => $this->getTrackableBlock( $blockId ),
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
'count' => 1,
|
|
|
|
|
'value' => $blockId,
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
'Block cookie is not yet set; there is a composite block with a trackable block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => false,
|
|
|
|
|
'block' => new CompositeBlock( [
|
|
|
|
|
'originalBlocks' => [
|
|
|
|
|
new SystemBlock(),
|
|
|
|
|
$this->getTrackableBlock( $blockId ),
|
|
|
|
|
]
|
|
|
|
|
] ),
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
'count' => 1,
|
|
|
|
|
'value' => $blockId,
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
'Block cookie is not yet set; there is a composite block but no trackable block' => [
|
|
|
|
|
[
|
|
|
|
|
'cookieSet' => false,
|
|
|
|
|
'block' => new CompositeBlock( [
|
|
|
|
|
'originalBlocks' => [
|
|
|
|
|
new SystemBlock(),
|
|
|
|
|
new SystemBlock(),
|
|
|
|
|
]
|
|
|
|
|
] ),
|
|
|
|
|
],
|
2019-09-16 12:18:56 +00:00
|
|
|
[
|
|
|
|
|
'count' => 0,
|
|
|
|
|
'value' => null,
|
|
|
|
|
]
|
2019-06-17 16:59:02 +00:00
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private function getTrackableBlock( $blockId ) {
|
|
|
|
|
$block = $this->getMockBuilder( DatabaseBlock::class )
|
|
|
|
|
->setMethods( [ 'getType', 'getId' ] )
|
|
|
|
|
->getMock();
|
|
|
|
|
$block->method( 'getType' )
|
|
|
|
|
->willReturn( DatabaseBlock::TYPE_IP );
|
|
|
|
|
$block->method( 'getId' )
|
|
|
|
|
->willReturn( $blockId );
|
|
|
|
|
return $block;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideSetBlockCookie
|
|
|
|
|
* @covers ::setBlockCookie
|
|
|
|
|
*/
|
|
|
|
|
public function testSetBlockCookie( $expiryDelta, $expectedExpiryDelta ) {
|
|
|
|
|
$this->setMwGlobals( [
|
|
|
|
|
'wgCookiePrefix' => '',
|
|
|
|
|
] );
|
|
|
|
|
|
|
|
|
|
$request = new FauxRequest();
|
|
|
|
|
$response = $request->response();
|
|
|
|
|
|
|
|
|
|
$blockManager = $this->getBlockManager( [
|
|
|
|
|
'wgSecretKey' => '',
|
|
|
|
|
'wgCookieSetOnIpBlock' => true,
|
|
|
|
|
] );
|
|
|
|
|
|
|
|
|
|
$now = wfTimestamp();
|
|
|
|
|
|
|
|
|
|
$block = new DatabaseBlock( [
|
|
|
|
|
'expiry' => $expiryDelta === '' ? '' : $now + $expiryDelta
|
|
|
|
|
] );
|
|
|
|
|
$blockManager->setBlockCookie( $block, $response );
|
|
|
|
|
$cookies = $response->getCookies();
|
|
|
|
|
|
2019-12-14 12:45:35 +00:00
|
|
|
$this->assertEqualsWithDelta(
|
2019-06-17 16:59:02 +00:00
|
|
|
$now + $expectedExpiryDelta,
|
|
|
|
|
$cookies['BlockID']['expire'],
|
|
|
|
|
60 // Allow actual to be up to 60 seconds later than expected
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideSetBlockCookie() {
|
|
|
|
|
// Maximum length of a block cookie, defined in BlockManager::setBlockCookie
|
|
|
|
|
$maxExpiryDelta = ( 24 * 60 * 60 );
|
|
|
|
|
|
|
|
|
|
$longExpiryDelta = ( 48 * 60 * 60 );
|
|
|
|
|
$shortExpiryDelta = ( 12 * 60 * 60 );
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
'Block has indefinite expiry' => [
|
|
|
|
|
'',
|
|
|
|
|
$maxExpiryDelta,
|
|
|
|
|
],
|
|
|
|
|
'Block expiry is later than maximum cookie block expiry' => [
|
|
|
|
|
$longExpiryDelta,
|
|
|
|
|
$maxExpiryDelta,
|
|
|
|
|
],
|
|
|
|
|
'Block expiry is sooner than maximum cookie block expiry' => [
|
|
|
|
|
$shortExpiryDelta,
|
|
|
|
|
$shortExpiryDelta,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @covers ::shouldTrackBlockWithCookie
|
|
|
|
|
*/
|
|
|
|
|
public function testShouldTrackBlockWithCookieSystemBlock() {
|
|
|
|
|
$blockManager = TestingAccessWrapper::newFromObject( $this->getBlockManager( [] ) );
|
|
|
|
|
$this->assertFalse( $blockManager->shouldTrackBlockWithCookie(
|
|
|
|
|
new SystemBlock(),
|
|
|
|
|
true
|
|
|
|
|
) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideShouldTrackBlockWithCookie
|
|
|
|
|
* @covers ::shouldTrackBlockWithCookie
|
|
|
|
|
*/
|
|
|
|
|
public function testShouldTrackBlockWithCookie( $options, $expected ) {
|
|
|
|
|
$block = $this->getMockBuilder( DatabaseBlock::class )
|
|
|
|
|
->setMethods( [ 'getType', 'isAutoblocking' ] )
|
|
|
|
|
->getMock();
|
|
|
|
|
$block->method( 'getType' )
|
|
|
|
|
->willReturn( $options['type'] );
|
|
|
|
|
if ( isset( $options['autoblocking'] ) ) {
|
|
|
|
|
$block->method( 'isAutoblocking' )
|
|
|
|
|
->willReturn( $options['autoblocking'] );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$blockManager = TestingAccessWrapper::newFromObject(
|
|
|
|
|
$this->getBlockManager( $options['blockManagerConfig'] )
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$this->assertSame(
|
|
|
|
|
$expected,
|
|
|
|
|
$blockManager->shouldTrackBlockWithCookie( $block, $options['isAnon'] )
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideShouldTrackBlockWithCookie() {
|
2019-06-26 06:00:07 +00:00
|
|
|
return [
|
2019-06-17 16:59:02 +00:00
|
|
|
'IP block, anonymous user, IP block cookies enabled' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_IP,
|
|
|
|
|
'isAnon' => true,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnIpBlock' => true ],
|
|
|
|
|
],
|
|
|
|
|
true
|
|
|
|
|
],
|
|
|
|
|
'IP range block, anonymous user, IP block cookies enabled' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_RANGE,
|
|
|
|
|
'isAnon' => true,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnIpBlock' => true ],
|
|
|
|
|
],
|
|
|
|
|
true
|
|
|
|
|
],
|
|
|
|
|
'IP block, anonymous user, IP block cookies disabled' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_IP,
|
|
|
|
|
'isAnon' => true,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnIpBlock' => false ],
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
],
|
|
|
|
|
'IP block, logged in user, IP block cookies enabled' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_IP,
|
|
|
|
|
'isAnon' => false,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnIpBlock' => true ],
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
],
|
|
|
|
|
'User block, anonymous, autoblock cookies enabled, block is autoblocking' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_USER,
|
|
|
|
|
'isAnon' => true,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnAutoblock' => true ],
|
|
|
|
|
'autoblocking' => true,
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
],
|
|
|
|
|
'User block, logged in, autoblock cookies enabled, block is autoblocking' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_USER,
|
|
|
|
|
'isAnon' => false,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnAutoblock' => true ],
|
|
|
|
|
'autoblocking' => true,
|
|
|
|
|
],
|
|
|
|
|
true
|
|
|
|
|
],
|
|
|
|
|
'User block, logged in, autoblock cookies disabled, block is autoblocking' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_USER,
|
|
|
|
|
'isAnon' => false,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnAutoblock' => false ],
|
|
|
|
|
'autoblocking' => true,
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
],
|
|
|
|
|
'User block, logged in, autoblock cookies enabled, block is not autoblocking' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_USER,
|
|
|
|
|
'isAnon' => false,
|
|
|
|
|
'blockManagerConfig' => [ 'wgCookieSetOnAutoblock' => true ],
|
|
|
|
|
'autoblocking' => false,
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
],
|
|
|
|
|
'Block type is autoblock' => [
|
|
|
|
|
[
|
|
|
|
|
'type' => DatabaseBlock::TYPE_AUTO,
|
|
|
|
|
'isAnon' => true,
|
|
|
|
|
'blockManagerConfig' => [],
|
|
|
|
|
],
|
|
|
|
|
false
|
|
|
|
|
]
|
2019-06-26 06:00:07 +00:00
|
|
|
];
|
|
|
|
|
}
|
2019-06-17 16:59:02 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @covers ::clearBlockCookie
|
|
|
|
|
*/
|
|
|
|
|
public function testClearBlockCookie() {
|
|
|
|
|
$this->setMwGlobals( [
|
|
|
|
|
'wgCookiePrefix' => '',
|
|
|
|
|
] );
|
|
|
|
|
|
|
|
|
|
$request = new FauxRequest();
|
|
|
|
|
$response = $request->response();
|
|
|
|
|
$response->setCookie( 'BlockID', '100' );
|
|
|
|
|
$this->assertSame( '100', $response->getCookie( 'BlockID' ) );
|
|
|
|
|
|
|
|
|
|
BlockManager::clearBlockCookie( $response );
|
|
|
|
|
$this->assertSame( '', $response->getCookie( 'BlockID' ) );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideGetIdFromCookieValue
|
|
|
|
|
* @covers ::getIdFromCookieValue
|
|
|
|
|
*/
|
|
|
|
|
public function testGetIdFromCookieValue( $options, $expected ) {
|
|
|
|
|
$blockManager = $this->getBlockManager( [
|
|
|
|
|
'wgSecretKey' => $options['secretKey']
|
|
|
|
|
] );
|
|
|
|
|
$this->assertEquals(
|
|
|
|
|
$expected,
|
|
|
|
|
$blockManager->getIdFromCookieValue( $options['cookieValue'] )
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideGetIdFromCookieValue() {
|
|
|
|
|
$blockId = 100;
|
|
|
|
|
$secretKey = '123';
|
|
|
|
|
$hmac = MWCryptHash::hmac( $blockId, $secretKey, false );
|
|
|
|
|
return [
|
|
|
|
|
'No secret key is set' => [
|
|
|
|
|
[
|
|
|
|
|
'secretKey' => '',
|
|
|
|
|
'cookieValue' => $blockId,
|
|
|
|
|
'calculatedHmac' => MWCryptHash::hmac( $blockId, '', false ),
|
|
|
|
|
],
|
|
|
|
|
$blockId,
|
|
|
|
|
],
|
|
|
|
|
'Secret key is set and stored hmac is correct' => [
|
|
|
|
|
[
|
|
|
|
|
'secretKey' => $secretKey,
|
|
|
|
|
'cookieValue' => $blockId . '!' . $hmac,
|
|
|
|
|
'calculatedHmac' => $hmac,
|
|
|
|
|
],
|
|
|
|
|
$blockId,
|
|
|
|
|
],
|
|
|
|
|
'Secret key is set and stored hmac is incorrect' => [
|
|
|
|
|
[
|
|
|
|
|
'secretKey' => $secretKey,
|
|
|
|
|
'cookieValue' => $blockId . '!xyz',
|
|
|
|
|
'calculatedHmac' => $hmac,
|
|
|
|
|
],
|
|
|
|
|
null,
|
|
|
|
|
],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @dataProvider provideGetCookieValue
|
|
|
|
|
* @covers ::getCookieValue
|
|
|
|
|
*/
|
|
|
|
|
public function testGetCookieValue( $options, $expected ) {
|
|
|
|
|
$blockManager = $this->getBlockManager( [
|
|
|
|
|
'wgSecretKey' => $options['secretKey']
|
|
|
|
|
] );
|
|
|
|
|
|
|
|
|
|
$block = $this->getMockBuilder( DatabaseBlock::class )
|
|
|
|
|
->setMethods( [ 'getId' ] )
|
|
|
|
|
->getMock();
|
|
|
|
|
$block->method( 'getId' )
|
|
|
|
|
->willReturn( $options['blockId'] );
|
|
|
|
|
|
|
|
|
|
$this->assertEquals(
|
|
|
|
|
$expected,
|
|
|
|
|
$blockManager->getCookieValue( $block )
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static function provideGetCookieValue() {
|
|
|
|
|
$blockId = 100;
|
|
|
|
|
return [
|
|
|
|
|
'Secret key not set' => [
|
|
|
|
|
[
|
|
|
|
|
'secretKey' => '',
|
|
|
|
|
'blockId' => $blockId,
|
|
|
|
|
'hmac' => MWCryptHash::hmac( $blockId, '', false ),
|
|
|
|
|
],
|
|
|
|
|
$blockId,
|
|
|
|
|
],
|
|
|
|
|
'Secret key set' => [
|
|
|
|
|
[
|
|
|
|
|
'secretKey' => '123',
|
|
|
|
|
'blockId' => $blockId,
|
|
|
|
|
'hmac' => MWCryptHash::hmac( $blockId, '123', false ),
|
|
|
|
|
],
|
|
|
|
|
$blockId . '!' . MWCryptHash::hmac( $blockId, '123', false ) ],
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-14 12:58:53 +00:00
|
|
|
/**
|
|
|
|
|
* @coversNothing
|
|
|
|
|
*/
|
|
|
|
|
public function testAllServiceOptionsUsed() {
|
|
|
|
|
$this->assertAllServiceOptionsUsed( [ 'ApplyIpBlocksToXff', 'SoftBlockRanges' ] );
|
|
|
|
|
}
|
2019-04-05 19:13:17 +00:00
|
|
|
}
|
