Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/integration/includes/user/TempUser/TempUserCreatorTest.php

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

288 lines
9.6 KiB
PHP
Raw Normal View History

TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
<?php
Support multiple matchPatterns in temp user autocreate config Why: * There is a need to update the generation and match pattern on WMF wikis to a new format that includes the year and starts with `~`. As such, the 'matchPattern' key needs to be updated. * Removing the old 'matchPattern' from the wgAutoCreateTempUser config currently leaves existing temporary accounts as no longer recongnised as temporary accounts. * Instead, the 'matchPattern' needs to be able to take an array of string patterns so that old patterns can still be used for matching. What: * Update the MainConfigSchama to indicate that 'matchPattern' in the wgAutoCreateTempUser config can be an array of strings. * Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig:: getMatchPattern. This is needed because ::getMatchPattern was typed to only ever return one Pattern, which is no longer the case with this config change. * Update the RealTempUserConfig to support multiple patterns defined in the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method returns the pattern or first pattern if multiple are defined to allow time for existing usages of this deprecated method to be updated. * Update the RealTempUserConfig to rely on other methods instead of checking object property values where possible (e.g. use ::isEnabled instead of checking $this->enabled) to allow easier unit testing. * Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig ::getMatchPatterns instead of ::getMatchPattern. * Update mediawiki.util/util.js to be able to parse the 'matchPattern' value when it is an array of strings. * Update maintenance/userOptions.php to use ::getMatchPatterns instead of ::getMatchPattern. * Add and update unit and integration tests for the new code, as well as expanding coverage over existing code that was indirectly affected. Bug: T354619 Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
2024-01-10 23:40:27 +00:00
namespace MediaWiki\Tests\Integration\User\TempUser;
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
use ExtensionRegistry;
use MediaWiki\Auth\AuthManager;
TempAccounts: Make Throttler and WebRequest required Why: - In real world usages, both the Throttler and request objects are required. We can override these objects in tests easily enough and simplify the application code in the process. What: - Make Throttler and WebRequest objects required in `TempUserCreator::create()` Depends-On: I13cb0dbeaa78e3ad5c7250c7565ee97099d97867 Change-Id: I5eaa68b8212570b3324a0fdec452189c6b56f810
2024-03-28 10:02:51 +00:00
use MediaWiki\Auth\Throttler;
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
use MediaWiki\MainConfigNames;
TempUserCreator: Use separate rate limit for temp account creations Why: - The pathway to creating a regular account is different from that of a temporary account. It makes sense to rate limiting creation of these two types of accounts at different rates. What: - Add a TempAccountCreationThrottle config with a restrictive default that matches the existing production configuration of AccountCreationThrottle (6 creations per day) - Update resetAuthenticationThrottle.php to support resetting the temp account creation throttle - For now, not adding an equivalent hook for account creation throttle's ExemptFromAccountCreationThrottle Bug: T357777 Change-Id: Ibf36ac96f717107bace6f0a3326f79ed129a1dfe
2024-03-03 19:16:41 +00:00
use MediaWiki\Request\FauxRequest;
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
use MediaWiki\Session\Session;
Support multiple matchPatterns in temp user autocreate config Why: * There is a need to update the generation and match pattern on WMF wikis to a new format that includes the year and starts with `~`. As such, the 'matchPattern' key needs to be updated. * Removing the old 'matchPattern' from the wgAutoCreateTempUser config currently leaves existing temporary accounts as no longer recongnised as temporary accounts. * Instead, the 'matchPattern' needs to be able to take an array of string patterns so that old patterns can still be used for matching. What: * Update the MainConfigSchama to indicate that 'matchPattern' in the wgAutoCreateTempUser config can be an array of strings. * Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig:: getMatchPattern. This is needed because ::getMatchPattern was typed to only ever return one Pattern, which is no longer the case with this config change. * Update the RealTempUserConfig to support multiple patterns defined in the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method returns the pattern or first pattern if multiple are defined to allow time for existing usages of this deprecated method to be updated. * Update the RealTempUserConfig to rely on other methods instead of checking object property values where possible (e.g. use ::isEnabled instead of checking $this->enabled) to allow easier unit testing. * Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig ::getMatchPatterns instead of ::getMatchPattern. * Update mediawiki.util/util.js to be able to parse the 'matchPattern' value when it is an array of strings. * Update maintenance/userOptions.php to use ::getMatchPatterns instead of ::getMatchPattern. * Add and update unit and integration tests for the new code, as well as expanding coverage over existing code that was indirectly affected. Bug: T354619 Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
2024-01-10 23:40:27 +00:00
use MediaWiki\Tests\User\TempUser\TempUserTestTrait;
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
use MediaWiki\User\CentralId\CentralIdLookup;
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
use MediaWiki\User\TempUser\RealTempUserConfig;
use MediaWiki\User\TempUser\SerialMapping;
use MediaWiki\User\TempUser\SerialProvider;
use MediaWiki\User\TempUser\TempUserCreator;
use MediaWiki\User\UserFactory;
use Wikimedia\TestingAccessWrapper;
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
use Wikimedia\Timestamp\ConvertibleTimestamp;
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
/**
* @group Database
* @covers \MediaWiki\User\TempUser\DBSerialProvider
* @covers \MediaWiki\User\TempUser\LocalSerialProvider
* @covers \MediaWiki\User\TempUser\TempUserCreator
* @covers \MediaWiki\User\TempUser\CreateStatus
*/
class TempUserCreatorTest extends \MediaWikiIntegrationTestCase {
Support multiple matchPatterns in temp user autocreate config Why: * There is a need to update the generation and match pattern on WMF wikis to a new format that includes the year and starts with `~`. As such, the 'matchPattern' key needs to be updated. * Removing the old 'matchPattern' from the wgAutoCreateTempUser config currently leaves existing temporary accounts as no longer recongnised as temporary accounts. * Instead, the 'matchPattern' needs to be able to take an array of string patterns so that old patterns can still be used for matching. What: * Update the MainConfigSchama to indicate that 'matchPattern' in the wgAutoCreateTempUser config can be an array of strings. * Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig:: getMatchPattern. This is needed because ::getMatchPattern was typed to only ever return one Pattern, which is no longer the case with this config change. * Update the RealTempUserConfig to support multiple patterns defined in the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method returns the pattern or first pattern if multiple are defined to allow time for existing usages of this deprecated method to be updated. * Update the RealTempUserConfig to rely on other methods instead of checking object property values where possible (e.g. use ::isEnabled instead of checking $this->enabled) to allow easier unit testing. * Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig ::getMatchPatterns instead of ::getMatchPattern. * Update mediawiki.util/util.js to be able to parse the 'matchPattern' value when it is an array of strings. * Update maintenance/userOptions.php to use ::getMatchPatterns instead of ::getMatchPattern. * Add and update unit and integration tests for the new code, as well as expanding coverage over existing code that was indirectly affected. Bug: T354619 Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
2024-01-10 23:40:27 +00:00
use TempUserTestTrait;
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
public function testCreate() {
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->enableAutoCreateTempUser( [
'serialProvider' => [ 'type' => 'local', 'useYear' => false ],
'matchPattern' => '~$1',
] );
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
$tuc = $this->getServiceContainer()->getTempUserCreator();
$this->assertTrue( $tuc->isAutoCreateAction( 'edit' ) );
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->assertTrue( $tuc->isTempName( '~1' ) );
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
// Create a temporary account
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$status = $tuc->create( null, new FauxRequest() );
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->assertSame( '~1', $status->getUser()->getName() );
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
$this->assertSame(
1,
$this->getDb()->newSelectQueryBuilder()
->from( 'logging' )
->join( 'actor', null, 'log_actor=actor_id' )
->where( [ 'actor_name' => '~1', 'log_action' => 'autocreate' ] )
->fetchRowCount(),
'A logging entry indicating the autocreation of ~1 was expected.'
);
// Repeat the test to verify that the serial number increments
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$status = $tuc->create( null, new FauxRequest() );
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->assertSame( '~2', $status->getUser()->getName() );
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
$this->assertSame(
1,
$this->getDb()->newSelectQueryBuilder()
->from( 'logging' )
->join( 'actor', null, 'log_actor=actor_id' )
->where( [ 'actor_name' => '~2', 'log_action' => 'autocreate' ] )
->fetchRowCount(),
'A logging entry indicating the autocreation of ~2 was expected.'
);
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
}
private function getTempUserCreatorUnit() {
$scope1 = ExtensionRegistry::getInstance()->setAttributeForTest(
'TempUserSerialProviders',
[
'test' => [
'factory' => static function () {
return new class implements SerialProvider {
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
public function acquireIndex( int $year = 0 ): int {
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
return 1;
}
};
}
],
]
);
$scope2 = ExtensionRegistry::getInstance()->setAttributeForTest(
'TempUserSerialMappings',
[
'test' => [
'factory' => static function () {
return new class implements SerialMapping {
public function getSerialIdForIndex( int $index ): string {
$index--;
$adjective = (int)( $index / 2 );
$animal = $index % 2;
return [ 'active' ][$adjective] . ' ' . [ 'aardvark' ][$animal];
}
};
}
]
]
);
Support multiple matchPatterns in temp user autocreate config Why: * There is a need to update the generation and match pattern on WMF wikis to a new format that includes the year and starts with `~`. As such, the 'matchPattern' key needs to be updated. * Removing the old 'matchPattern' from the wgAutoCreateTempUser config currently leaves existing temporary accounts as no longer recongnised as temporary accounts. * Instead, the 'matchPattern' needs to be able to take an array of string patterns so that old patterns can still be used for matching. What: * Update the MainConfigSchama to indicate that 'matchPattern' in the wgAutoCreateTempUser config can be an array of strings. * Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig:: getMatchPattern. This is needed because ::getMatchPattern was typed to only ever return one Pattern, which is no longer the case with this config change. * Update the RealTempUserConfig to support multiple patterns defined in the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method returns the pattern or first pattern if multiple are defined to allow time for existing usages of this deprecated method to be updated. * Update the RealTempUserConfig to rely on other methods instead of checking object property values where possible (e.g. use ::isEnabled instead of checking $this->enabled) to allow easier unit testing. * Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig ::getMatchPatterns instead of ::getMatchPattern. * Update mediawiki.util/util.js to be able to parse the 'matchPattern' value when it is an array of strings. * Update maintenance/userOptions.php to use ::getMatchPatterns instead of ::getMatchPattern. * Add and update unit and integration tests for the new code, as well as expanding coverage over existing code that was indirectly affected. Bug: T354619 Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
2024-01-10 23:40:27 +00:00
$config = new RealTempUserConfig( [
'enabled' => true,
'expireAfterDays' => null,
'actions' => [ 'edit' ],
'genPattern' => '*Unregistered $1',
'matchPattern' => '*$1',
'serialProvider' => [ 'type' => 'test' ],
'serialMapping' => [ 'type' => 'test' ],
] );
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
$creator = new TempUserCreator(
$config,
$this->createSimpleObjectFactory(),
$this->createMock( UserFactory::class ),
$this->createMock( AuthManager::class ),
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
$this->createMock( CentralIdLookup::class ),
TempAccounts: Make Throttler and WebRequest required Why: - In real world usages, both the Throttler and request objects are required. We can override these objects in tests easily enough and simplify the application code in the process. What: - Make Throttler and WebRequest objects required in `TempUserCreator::create()` Depends-On: I13cb0dbeaa78e3ad5c7250c7565ee97099d97867 Change-Id: I5eaa68b8212570b3324a0fdec452189c6b56f810
2024-03-28 10:02:51 +00:00
$this->createMock( Throttler::class ),
$this->createMock( Throttler::class )
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
);
return [ $creator, [ $scope1, $scope2 ] ];
}
public function testAcquireName_unit() {
[ $creator, $scope ] = $this->getTempUserCreatorUnit();
/** @var TempUserCreator $creator */
$creator = TestingAccessWrapper::newFromObject( $creator );
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame(
'*Unregistered active aardvark',
$creator->acquireName( '127.0.0.1' )
);
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
}
public function testAcquireName_db() {
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->enableAutoCreateTempUser( [
'serialProvider' => [ 'type' => 'local', 'useYear' => false ],
'matchPattern' => '~$1',
] );
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
$tuc = TestingAccessWrapper::newFromObject(
$this->getServiceContainer()->getTempUserCreator()
);
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame( '~1', $tuc->acquireName( '127.0.0.1' ) );
$this->assertSame( '~2', $tuc->acquireName( '127.0.0.1' ) );
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
}
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
public function testAcquireName_dbWithYear() {
Support multiple matchPatterns in temp user autocreate config Why: * There is a need to update the generation and match pattern on WMF wikis to a new format that includes the year and starts with `~`. As such, the 'matchPattern' key needs to be updated. * Removing the old 'matchPattern' from the wgAutoCreateTempUser config currently leaves existing temporary accounts as no longer recongnised as temporary accounts. * Instead, the 'matchPattern' needs to be able to take an array of string patterns so that old patterns can still be used for matching. What: * Update the MainConfigSchama to indicate that 'matchPattern' in the wgAutoCreateTempUser config can be an array of strings. * Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig:: getMatchPattern. This is needed because ::getMatchPattern was typed to only ever return one Pattern, which is no longer the case with this config change. * Update the RealTempUserConfig to support multiple patterns defined in the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method returns the pattern or first pattern if multiple are defined to allow time for existing usages of this deprecated method to be updated. * Update the RealTempUserConfig to rely on other methods instead of checking object property values where possible (e.g. use ::isEnabled instead of checking $this->enabled) to allow easier unit testing. * Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig ::getMatchPatterns instead of ::getMatchPattern. * Update mediawiki.util/util.js to be able to parse the 'matchPattern' value when it is an array of strings. * Update maintenance/userOptions.php to use ::getMatchPatterns instead of ::getMatchPattern. * Add and update unit and integration tests for the new code, as well as expanding coverage over existing code that was indirectly affected. Bug: T354619 Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
2024-01-10 23:40:27 +00:00
$this->enableAutoCreateTempUser( [ 'serialProvider' => [ 'type' => 'local', 'useYear' => true ] ] );
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
ConvertibleTimestamp::setFakeTime( '20000101000000' );
$tuc = TestingAccessWrapper::newFromObject(
$this->getServiceContainer()->getTempUserCreator()
);
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame( '~2000-1', $tuc->acquireName( '127.0.0.1' ) );
$this->assertSame( '~2000-2', $tuc->acquireName( '127.0.0.1' ) );
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
ConvertibleTimestamp::setFakeTime( '20010101000000' );
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame( '~2001-1', $tuc->acquireName( '127.0.0.1' ) );
Use year in temporary user names and restart index each year Why: * Part of a temporary user name is generated from an index that increments, which is stored in the database. * As specified in T345855, the index will be restarted each year. * Also specified in T345855, the year will be included in generated temporary user names. What: * Since the year must be included in the name in order to avoid naming conflicts if the index is restarted each year, both are implemented together and controlled by a single config. * Add a new config option that, when true, restarts the name generation index at the start of each year and add the year into the user name: $wgAutoCreateTempUser['serialProvider']['useYear'] * Add a uas_year column to the user_autocreate_serial table, which is unique in combination with uas_shard, so the index can be stored for each shard/year combination. * The year is added into the username just after the prefix, as specified in T345855. This is based on research that having the year near the start of the name aids understanding that the names are not IP addresses. The position of the year within the name is therefore not configurable (though whether to include it is). See T345855 for the research. Bug: T349494 Bug: T349501 Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665 Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
2023-12-20 11:22:13 +00:00
}
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
public function testAcquireNameOnDuplicate_db() {
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->enableAutoCreateTempUser();
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
$tuc = TestingAccessWrapper::newFromObject(
$this->getServiceContainer()->getTempUserCreator()
);
// Create a temporary account
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame( '~2024-1', $tuc->create( null, new FauxRequest() )->value->getName() );
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
// Reset the user_autocreate_serial table
$this->truncateTable( 'user_autocreate_serial' );
// Because user_autocreate_serial was truncated, the ::acquireName method should
// return null as the code attempts to return a temporary account that already exists.
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
$this->assertSame( null, $tuc->acquireName( '127.0.0.1' ) );
}
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
public function testCreateOnDuplicate_db() {
$this->enableAutoCreateTempUser();
$tuc = $this->getServiceContainer()->getTempUserCreator();
// Create a temporary account
$this->assertSame( '~2024-1', $tuc->create( null, new FauxRequest() )->value->getName() );
// Create a temporary account with an existing temporary account username.
$secondCreateStatus = $tuc->create( '~2024-1', new FauxRequest() );
$this->assertStatusError( 'temp-user-unable-to-acquire', $secondCreateStatus );
// Assert that only one log entry for autocreation exists for ~2024-1, as the second call should have not
// created a new log entry.
$this->assertSame(
1,
$this->getDb()->newSelectQueryBuilder()
->from( 'logging' )
->join( 'actor', null, 'log_actor=actor_id' )
->where( [ 'actor_name' => '~2024-1', 'log_action' => 'autocreate' ] )
->fetchRowCount(),
'Only one logging entry indicating the autocreation of ~2024-1 was expected.'
);
}
public function testCreateOnInvalidUsername() {
$this->enableAutoCreateTempUser();
$tuc = $this->getServiceContainer()->getTempUserCreator();
// Attempt to create the temporary account with an invalid username.
$secondCreateStatus = $tuc->create( 'Template:InvalidUsername#test', new FauxRequest() );
$this->assertStatusError( 'internalerror_info', $secondCreateStatus );
}
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
public function testAcquireNameThrottled() {
$this->enableAutoCreateTempUser();
$this->overrideConfigValue(
MainConfigNames::TempAccountNameAcquisitionThrottle,
[
'count' => 1,
'seconds' => 30 * 86400,
]
);
$tuc = TestingAccessWrapper::newFromObject(
$this->getServiceContainer()->getTempUserCreator()
);
// Create a temporary account
$this->assertSame( '~2024-1', $tuc->create( null, new FauxRequest() )->value->getName() );
// Attempt again; name acquisition should be limited
$this->assertStatusError( 'temp-user-unable-to-acquire', $tuc->create( null, new FauxRequest() ) );
Handle collisions from SerialProvider::acquireIndex Why: * When using the TempUserCreator::create or ::acquireAndStashName to get temporary account when the chosen username already existed, that temporary account is treated as if it doesn't exist. This causes confusing "userexists" errors and also causes the user to be logged into an already existing temporary account. * Furthermore, because the user existence check in AuthManager::auto CreateUser only checks the local wiki, if an existing temporary account exists globally but not on the local wiki then the code sign a new user into an existing temporary account. * This is very bad behaviour, though shouldn't happen unless the serialMapping configuration uses a SerialMapping class that could provide duplicates and/or the configuration has been changed to use a different SerialMapping class. * There is a need to change the SerialMapping class in use to a different class, which means that the code will attempt to use temporary account usernames which already exist. * As such, the code that is generating the temporary account usernames based on the SerialMapping and SerialProvider should be aware that it may produce an already existing temporary account username, even if the SerialMapping class being used is asserted to never provide duplicates. * Therefore, the code that generates temporary account usernames should always attempt to verify that a automatically generated temporary account name does not already exist on the wiki. What: * Update TempUserCreator::acquireName to check to see if the username it generates already exists centrally using the CentralIdLookup. If it does, then the method returns null. Otherwise, the username that hasn't been used yet is returned. * Create the private method TempUserCreator::attemptAutoCreate that attempts an autocreate for a temporary account name, and optionally logs the account in. * Update TempUserCreator::create to use ::attemptAutoCreate to first to check if the account can be created and then again once the account is created to actually login to that temporary account. This is done to prevent logins to existing temporary accounts on the local wiki. The second call to actually perform the login is necessary as there is no other way to login to a temporary account. * Update TempUserCreator::acquireAndStashName to respond to the changes to ::acquireName, such that it returns null if ::acquireName returns null and also does not modify the session. * Update EditPage::maybeActivateTempUserCreate to return a Status and return a good status in all cases except when a temporary account name could not be acquired. * Add IEditObject::AS_UNABLE_TO_ACQUIRE_TEMP_ACCOUNT, and use it as the value of the fatal status returned by EditPage ::internalAttemptSave if a temporary account name could not be acquired. This will cause the display of a useful error to the user on edit. * Update ApiEditPage and ApiAcquireTempUserName to die with an error if a temporary account username was unable to be acquired. * Provide tests for the untested ApiAcquireTempUserName.php file including testing the new behaviour. * Add and update tests for TempUserCreator.php Bug: T353390 Change-Id: Id3a316ea0eba544d51d4ffcdfb03e35f4b3c54cc
2023-12-13 22:56:29 +00:00
}
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
public function testAcquireAndStashName() {
/** @var TempUserCreator $creator */
[ $creator, $scope ] = $this->getTempUserCreatorUnit();
$session = new class extends Session {
private $data = [];
public function __construct() {
}
public function __destruct() {
}
public function get( $key, $default = null ) {
return array_key_exists( $key, $this->data ) ? $this->data[$key] : $default;
}
public function set( $key, $value ) {
$this->data[$key] = $value;
}
public function save() {
}
TempAccounts: Rate limit acquisition of temp account names Why: - We don't want to allow unlimited acquisition of temp account names. These should be rate limited in similar way to how we limit the creation of temp accounts What: - Provide a TempAccountNameAcquisitionThrottle, and use it in the acquireName() method - Set a default that is 10 times the limit of TempAccountNameCreationThrottle Depends-On: If660aad1d0f04f366414084aff3f88484a19d416 Bug: T343101 Change-Id: I99d5973498a89ac227847de5837c0a8e895c28fb
2024-04-08 09:56:01 +00:00
public function getRequest() {
return new FauxRequest();
}
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
};
$name = $creator->acquireAndStashName( $session );
$this->assertSame( '*Unregistered active aardvark', $name );
$name = $creator->acquireAndStashName( $session );
$this->assertSame( '*Unregistered active aardvark', $name );
}
TempUserCreator: Use separate rate limit for temp account creations Why: - The pathway to creating a regular account is different from that of a temporary account. It makes sense to rate limiting creation of these two types of accounts at different rates. What: - Add a TempAccountCreationThrottle config with a restrictive default that matches the existing production configuration of AccountCreationThrottle (6 creations per day) - Update resetAuthenticationThrottle.php to support resetting the temp account creation throttle - For now, not adding an equivalent hook for account creation throttle's ExemptFromAccountCreationThrottle Bug: T357777 Change-Id: Ibf36ac96f717107bace6f0a3326f79ed129a1dfe
2024-03-03 19:16:41 +00:00
public function testRateLimit() {
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->enableAutoCreateTempUser( [
'serialProvider' => [ 'type' => 'local', 'useYear' => false ],
'matchPattern' => '~$1',
] );
Use MainConfigNames constants in tests where possible I believe this makes the code less brittle, and also makes it a bit more obvious what these strings are meant to represent. Change-Id: Ia39b5c80af4b495931d0a68fd091b783645dd709
2024-07-09 15:36:08 +00:00
$this->overrideConfigValues( [
MainConfigNames::AccountCreationThrottle => [
'count' => 10,
'seconds' => 86400
],
MainConfigNames::TempAccountCreationThrottle => [
'count' => 1,
'seconds' => 86400
],
TempUserCreator: Use separate rate limit for temp account creations Why: - The pathway to creating a regular account is different from that of a temporary account. It makes sense to rate limiting creation of these two types of accounts at different rates. What: - Add a TempAccountCreationThrottle config with a restrictive default that matches the existing production configuration of AccountCreationThrottle (6 creations per day) - Update resetAuthenticationThrottle.php to support resetting the temp account creation throttle - For now, not adding an equivalent hook for account creation throttle's ExemptFromAccountCreationThrottle Bug: T357777 Change-Id: Ibf36ac96f717107bace6f0a3326f79ed129a1dfe
2024-03-03 19:16:41 +00:00
] );
$tuc = $this->getServiceContainer()->getTempUserCreator();
$status = $tuc->create( null, new FauxRequest() );
Update wgAutoCreateTempUser config defaults Why: * The default value of wgAutoCreateTempUser has not changed since the decision to use a different prefix for temporary accounts (T332805). * The default needs to be updated to reduce the number of overrides in operations/mediawiki-config and also to make the development experience more consistent with what is happening on WMF production. What: * Update the wgAutoCreateTempUser default in the following ways: ** Set expireAfterDays as 365 ** Set notifyBeforeExpirationDays as 10 ** Set genPattern and reservedPattern to '~$1' ** Set matchPattern to null, which will mean that the genPattern is used as the value. * Update RealTempUserConfig::getPlaceholderName to add the year to the placeholder name so that if the match pattern includes the first digit of the year, then the placeholder name still is considered a valid temporary account username. * Replace modifications of the wgAutoCreateTempUser config in integration tests with a use of the TempUserTestTrait to make the code cleaner and make it easier to find tests that relies on the values in wgAutoCreateTempUser. * Update multiple tests to handle the new defaults for the config. Bug: T359335 Change-Id: Ifa5a0123cd915bdb7c87e473c51fb93321622f12
2024-03-26 15:04:36 +00:00
$this->assertSame( '~1', $status->getUser()->getName() );
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
// Repeat creating a temporary account, and verify that this fails due to the rate limit.
TempUserCreator: Use separate rate limit for temp account creations Why: - The pathway to creating a regular account is different from that of a temporary account. It makes sense to rate limiting creation of these two types of accounts at different rates. What: - Add a TempAccountCreationThrottle config with a restrictive default that matches the existing production configuration of AccountCreationThrottle (6 creations per day) - Update resetAuthenticationThrottle.php to support resetting the temp account creation throttle - For now, not adding an equivalent hook for account creation throttle's ExemptFromAccountCreationThrottle Bug: T357777 Change-Id: Ibf36ac96f717107bace6f0a3326f79ed129a1dfe
2024-03-03 19:16:41 +00:00
$status = $tuc->create( null, new FauxRequest() );
// TODO: Use new message key (T357777, T357802)
$this->assertStatusError( 'acct_creation_throttle_hit', $status );
Create an autocreate log when a temporary account is created on edit Why: * When a temporary account is created on edit, no log entry is visible on Special:Log to indicate that the temporary account exists. * No log is specifically set through the call to AuthManager ::autoCreateUser having the $log parameter set always to false. This was set in e8dbf5f80c029c4be52f1afd4ef91c59cfcd1185 which was the commit that created the code to create temporary accounts. * No specific reason was provided to not create a log and in T357498 there is a request to add this log. What: * Remove the `false` argument for $log to AuthManager ::autoCreateUser in TempUserCreator::attemptAutoCreate. * Update the integration tests to verify that an autocreate log is added when a temporary user is successfully created. Bug: T357498 Change-Id: Icf6be65a91437aa32684769c2858262a06ad0416
2024-06-26 12:46:45 +00:00
// If the temporary account creation failed due to the rate limit, then no log entry should have been created.
$this->assertSame(
0,
$this->getDb()->newSelectQueryBuilder()
->from( 'logging' )
->join( 'actor', null, 'log_actor=actor_id' )
->where( [ 'actor_name' => '~2', 'log_action' => 'autocreate' ] )
->fetchRowCount(),
'A logging entry indicating the autocreation of ~2 was not expected.'
);
TempUserCreator: Use separate rate limit for temp account creations Why: - The pathway to creating a regular account is different from that of a temporary account. It makes sense to rate limiting creation of these two types of accounts at different rates. What: - Add a TempAccountCreationThrottle config with a restrictive default that matches the existing production configuration of AccountCreationThrottle (6 creations per day) - Update resetAuthenticationThrottle.php to support resetting the temp account creation throttle - For now, not adding an equivalent hook for account creation throttle's ExemptFromAccountCreationThrottle Bug: T357777 Change-Id: Ibf36ac96f717107bace6f0a3326f79ed129a1dfe
2024-03-03 19:16:41 +00:00
}
TempUser infrastructure and services Add services and utilities for automatic creation of temporary user accounts on page save, in order to avoid exposing the user's IP address. * Add $wgAutoCreateTempUser, for configuring the system * Add TempUserConfig service, which interprets the config. * Add TempUserCreator service, which creates users during page save as requested by EditPage. With proxy methods to TempUserConfig for convenience. * Add table user_autocreate_serial. Table creation is necessary before the feature is enabled but is not necessary before deployment of this commit. Bug: T300263 Change-Id: Ib14a352490fc42039106523118e8d021844e3dfb
2022-02-28 03:05:58 +00:00
}
Reference in a new issue Copy permalink