Move AuthManager::checkAccountCreatePermissions to Authority.
Change-Id: I8d223508ccec7122eef5e0bf136964ad65d64ab7
This commit is contained in:
Petr Pchelko
parent
c32e539bcd
commit
1f9c3a4566
6 changed files with 183 additions and 84 deletions
|
|
@ -23,6 +23,7 @@ use Action;
|
|||
use Article;
|
||||
use Exception;
|
||||
use MediaWiki\Block\BlockErrorFormatter;
|
||||
use MediaWiki\Block\DatabaseBlock;
|
||||
use MediaWiki\Config\ServiceOptions;
|
||||
use MediaWiki\HookContainer\HookContainer;
|
||||
use MediaWiki\HookContainer\HookRunner;
|
||||
|
|
@ -702,9 +703,8 @@ class PermissionManager {
|
|||
$short,
|
||||
LinkTarget $page
|
||||
) {
|
||||
// Account creation blocks handled at userlogin.
|
||||
// Unblocking handled in SpecialUnblock
|
||||
if ( $rigor === self::RIGOR_QUICK || in_array( $action, [ 'createaccount', 'unblock' ] ) ) {
|
||||
if ( $rigor === self::RIGOR_QUICK || in_array( $action, [ 'unblock' ] ) ) {
|
||||
return $errors;
|
||||
}
|
||||
|
||||
|
|
@ -723,6 +723,37 @@ class PermissionManager {
|
|||
$useReplica = ( $rigor !== self::RIGOR_SECURE );
|
||||
$block = $user->getBlock( $useReplica );
|
||||
|
||||
if ( $action === 'createaccount' ) {
|
||||
$applicableBlock = null;
|
||||
if ( $block && $block->appliesToRight( 'createaccount' ) ) {
|
||||
$applicableBlock = $block;
|
||||
}
|
||||
|
||||
# T15611: if the IP address the user is trying to create an account from is
|
||||
# blocked with createaccount disabled, prevent new account creation there even
|
||||
# when the user is logged in
|
||||
if ( !$this->userHasRight( $user, 'ipblock-exempt' ) ) {
|
||||
$ipBlock = DatabaseBlock::newFromTarget(
|
||||
null, $user->getRequest()->getIP()
|
||||
);
|
||||
if ( $ipBlock && $ipBlock->appliesToRight( 'createaccount' ) ) {
|
||||
$applicableBlock = $ipBlock;
|
||||
}
|
||||
}
|
||||
// @todo FIXME: Pass the relevant context into this function.
|
||||
if ( $applicableBlock ) {
|
||||
$context = RequestContext::getMain();
|
||||
$message = $this->blockErrorFormatter->getMessage(
|
||||
$applicableBlock,
|
||||
$context->getUser(),
|
||||
$context->getLanguage(),
|
||||
$context->getRequest()->getIP()
|
||||
);
|
||||
$errors[] = array_merge( [ $message->getKey() ], $message->getParams() );
|
||||
return $errors;
|
||||
}
|
||||
}
|
||||
|
||||
// If the user does not have a block, or the block they do have explicitly
|
||||
// allows the action (like "read" or "upload").
|
||||
if ( !$block || $block->appliesToRight( $action ) === false ) {
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@ class ApiAMCreateAccount extends ApiBase {
|
|||
$reqs[] = $req;
|
||||
}
|
||||
}
|
||||
$res = $manager->beginAccountCreation( $this->getUser(), $reqs, $params['returnurl'] );
|
||||
$res = $manager->beginAccountCreation( $this->getAuthority(), $reqs, $params['returnurl'] );
|
||||
}
|
||||
|
||||
$this->getResult()->addValue( null, 'createaccount',
|
||||
|
|
|
|||
|
|
@ -29,7 +29,9 @@ use MediaWiki\Block\BlockManager;
|
|||
use MediaWiki\HookContainer\HookContainer;
|
||||
use MediaWiki\HookContainer\HookRunner;
|
||||
use MediaWiki\MediaWikiServices;
|
||||
use MediaWiki\Permissions\Authority;
|
||||
use MediaWiki\Permissions\PermissionStatus;
|
||||
use MediaWiki\User\UserIdentity;
|
||||
use MediaWiki\User\UserNameUtils;
|
||||
use MediaWiki\Watchlist\WatchlistManager;
|
||||
use Psr\Log\LoggerAwareInterface;
|
||||
|
|
@ -1039,10 +1041,10 @@ class AuthManager implements LoggerAwareInterface {
|
|||
|
||||
/**
|
||||
* Basic permissions checks on whether a user can create accounts
|
||||
* @param User $creator User doing the account creation
|
||||
* @param Authority $creator User doing the account creation
|
||||
* @return Status
|
||||
*/
|
||||
public function checkAccountCreatePermissions( User $creator ) {
|
||||
public function checkAccountCreatePermissions( Authority $creator ) {
|
||||
// Wiki is read-only?
|
||||
if ( $this->readOnlyMode->isReadOnly() ) {
|
||||
return Status::newFatal( wfMessage( 'readonlytext', $this->readOnlyMode->getReason() ) );
|
||||
|
|
@ -1058,15 +1060,6 @@ class AuthManager implements LoggerAwareInterface {
|
|||
}
|
||||
|
||||
$ip = $this->getRequest()->getIP();
|
||||
|
||||
$block = $creator->isBlockedFromCreateAccount();
|
||||
if ( $block ) {
|
||||
$language = \RequestContext::getMain()->getLanguage();
|
||||
return Status::newFatal(
|
||||
$this->blockErrorFormatter->getMessage( $block, $creator, $language, $ip )
|
||||
);
|
||||
}
|
||||
|
||||
if ( $this->blockManager->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) {
|
||||
return Status::newFatal( 'sorbs_create_account_reason' );
|
||||
}
|
||||
|
|
@ -1087,13 +1080,13 @@ class AuthManager implements LoggerAwareInterface {
|
|||
* should be omitted. If the CreateFromLoginAuthenticationRequest has a
|
||||
* username set, that username must be used for all other requests.
|
||||
*
|
||||
* @param User $creator User doing the account creation
|
||||
* @param Authority $creator User doing the account creation
|
||||
* @param AuthenticationRequest[] $reqs
|
||||
* @param string $returnToUrl Url that REDIRECT responses should eventually
|
||||
* return to.
|
||||
* @return AuthenticationResponse
|
||||
*/
|
||||
public function beginAccountCreation( User $creator, array $reqs, $returnToUrl ) {
|
||||
public function beginAccountCreation( Authority $creator, array $reqs, $returnToUrl ) {
|
||||
$session = $this->request->getSession();
|
||||
if ( !$this->canCreateAccounts() ) {
|
||||
// Caller should have called canCreateAccounts()
|
||||
|
|
@ -1116,7 +1109,7 @@ class AuthManager implements LoggerAwareInterface {
|
|||
if ( !$status->isGood() ) {
|
||||
$this->logger->debug( __METHOD__ . ': {creator} cannot create users: {reason}', [
|
||||
'user' => $username,
|
||||
'creator' => $creator->getName(),
|
||||
'creator' => $creator->getUser()->getName(),
|
||||
'reason' => $status->getWikiText( null, null, 'en' )
|
||||
] );
|
||||
return AuthenticationResponse::newFail( $status->getMessage() );
|
||||
|
|
@ -1128,7 +1121,7 @@ class AuthManager implements LoggerAwareInterface {
|
|||
if ( !$status->isGood() ) {
|
||||
$this->logger->debug( __METHOD__ . ': {user} cannot be created: {reason}', [
|
||||
'user' => $username,
|
||||
'creator' => $creator->getName(),
|
||||
'creator' => $creator->getUser()->getName(),
|
||||
'reason' => $status->getWikiText( null, null, 'en' )
|
||||
] );
|
||||
return AuthenticationResponse::newFail( $status->getMessage() );
|
||||
|
|
@ -1145,7 +1138,7 @@ class AuthManager implements LoggerAwareInterface {
|
|||
$session->remove( 'AuthManager::accountCreationState' );
|
||||
$this->logger->debug( __METHOD__ . ': UserData is invalid: {reason}', [
|
||||
'user' => $user->getName(),
|
||||
'creator' => $creator->getName(),
|
||||
'creator' => $creator->getUser()->getName(),
|
||||
'reason' => $status->getWikiText( null, null, 'en' ),
|
||||
] );
|
||||
return AuthenticationResponse::newFail( $status->getMessage() );
|
||||
|
|
@ -1158,8 +1151,8 @@ class AuthManager implements LoggerAwareInterface {
|
|||
$state = [
|
||||
'username' => $username,
|
||||
'userid' => 0,
|
||||
'creatorid' => $creator->getId(),
|
||||
'creatorname' => $creator->getName(),
|
||||
'creatorid' => $creator->getUser()->getId(),
|
||||
'creatorname' => $creator->getUser()->getName(),
|
||||
'reqs' => $reqs,
|
||||
'returnToUrl' => $returnToUrl,
|
||||
'primary' => null,
|
||||
|
|
@ -2066,10 +2059,10 @@ class AuthManager implements LoggerAwareInterface {
|
|||
* - ACTION_UNLINK: Same as ACTION_REMOVE, but limited to linked accounts.
|
||||
*
|
||||
* @param string $action One of the AuthManager::ACTION_* constants
|
||||
* @param User|null $user User being acted on, instead of the current user.
|
||||
* @param UserIdentity|null $user User being acted on, instead of the current user.
|
||||
* @return AuthenticationRequest[]
|
||||
*/
|
||||
public function getAuthenticationRequests( $action, User $user = null ) {
|
||||
public function getAuthenticationRequests( $action, UserIdentity $user = null ) {
|
||||
$options = [];
|
||||
$providerAction = $action;
|
||||
|
||||
|
|
@ -2136,14 +2129,14 @@ class AuthManager implements LoggerAwareInterface {
|
|||
* @param string $providerAction Action to pass to providers
|
||||
* @param array $options Options to pass to providers
|
||||
* @param AuthenticationProvider[] $providers
|
||||
* @param User|null $user
|
||||
* @param UserIdentity|null $user being acted on
|
||||
* @return AuthenticationRequest[]
|
||||
*/
|
||||
private function getAuthenticationRequestsInternal(
|
||||
$providerAction, array $options, array $providers, User $user = null
|
||||
$providerAction, array $options, array $providers, UserIdentity $user = null
|
||||
) {
|
||||
$user = $user ?: \RequestContext::getMain()->getUser();
|
||||
$options['username'] = $user->isAnon() ? null : $user->getName();
|
||||
$options['username'] = $user->isRegistered() ? $user->getName() : null;
|
||||
|
||||
// Query them and merge results
|
||||
$reqs = [];
|
||||
|
|
|
|||
|
|
@ -373,7 +373,7 @@ abstract class AuthManagerSpecialPage extends SpecialPage {
|
|||
case AuthManager::ACTION_LOGIN_CONTINUE:
|
||||
return $authManager->continueAuthentication( $requests );
|
||||
case AuthManager::ACTION_CREATE:
|
||||
return $authManager->beginAccountCreation( $this->getUser(), $requests,
|
||||
return $authManager->beginAccountCreation( $this->getAuthority(), $requests,
|
||||
$returnToUrl );
|
||||
case AuthManager::ACTION_CREATE_CONTINUE:
|
||||
return $authManager->continueAccountCreation( $requests );
|
||||
|
|
|
|||
|
|
@ -3670,6 +3670,7 @@ class User implements Authority, IDBAccessObject, UserIdentity, UserEmailContact
|
|||
|
||||
/**
|
||||
* Get whether the user is explicitly blocked from account creation.
|
||||
* @deprecated since 1.37. Instead use Authority::authorize* for createaccount permission.
|
||||
* @return bool|AbstractBlock
|
||||
*/
|
||||
public function isBlockedFromCreateAccount() {
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ use Psr\Container\ContainerInterface;
|
|||
use Psr\Log\LoggerInterface;
|
||||
use Psr\Log\LogLevel;
|
||||
use ReadOnlyMode;
|
||||
use Status;
|
||||
use StatusValue;
|
||||
use WebRequest;
|
||||
use Wikimedia\ObjectFactory;
|
||||
|
|
@ -74,6 +75,11 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
/** @var WatchlistManager */
|
||||
private $watchlistManager;
|
||||
|
||||
protected function setUp(): void {
|
||||
parent::setUp();
|
||||
$this->tablesUsed[] = 'ipblocks';
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets a mock on a hook
|
||||
* @param string $hook
|
||||
|
|
@ -1403,7 +1409,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
}
|
||||
|
||||
public static function provideAllowsAuthenticationDataChange() {
|
||||
$ignored = \Status::newGood( 'ignored' );
|
||||
$ignored = Status::newGood( 'ignored' );
|
||||
$ignored->warning( 'authmanager-change-not-supported' );
|
||||
|
||||
$okFromPrimary = StatusValue::newGood();
|
||||
|
|
@ -1417,17 +1423,17 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
[
|
||||
StatusValue::newGood(),
|
||||
StatusValue::newGood(),
|
||||
\Status::newGood(),
|
||||
Status::newGood(),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood(),
|
||||
StatusValue::newGood( 'ignore' ),
|
||||
\Status::newGood(),
|
||||
Status::newGood(),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood( 'ignored' ),
|
||||
StatusValue::newGood(),
|
||||
\Status::newGood(),
|
||||
Status::newGood(),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood( 'ignored' ),
|
||||
|
|
@ -1437,27 +1443,27 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
[
|
||||
StatusValue::newFatal( 'fail from primary' ),
|
||||
StatusValue::newGood(),
|
||||
\Status::newFatal( 'fail from primary' ),
|
||||
Status::newFatal( 'fail from primary' ),
|
||||
],
|
||||
[
|
||||
$okFromPrimary,
|
||||
StatusValue::newGood(),
|
||||
\Status::wrap( $okFromPrimary ),
|
||||
Status::wrap( $okFromPrimary ),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood(),
|
||||
StatusValue::newFatal( 'fail from secondary' ),
|
||||
\Status::newFatal( 'fail from secondary' ),
|
||||
Status::newFatal( 'fail from secondary' ),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood(),
|
||||
$okFromSecondary,
|
||||
\Status::wrap( $okFromSecondary ),
|
||||
Status::wrap( $okFromSecondary ),
|
||||
],
|
||||
[
|
||||
StatusValue::newGood(),
|
||||
$throttledMailPassword,
|
||||
\Status::newGood( 'throttled-mailpassword' ),
|
||||
Status::newGood( 'throttled-mailpassword' ),
|
||||
]
|
||||
];
|
||||
}
|
||||
|
|
@ -1502,30 +1508,48 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
}
|
||||
}
|
||||
|
||||
public function testCheckAccountCreatePermissions() {
|
||||
$this->initializeManager( true );
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_anon() {
|
||||
$this->setGroupPermissions( '*', 'createaccount', true );
|
||||
$this->initializeManager( true );
|
||||
$this->assertEquals(
|
||||
\Status::newGood(),
|
||||
Status::newGood(),
|
||||
$this->manager->checkAccountCreatePermissions( new \User )
|
||||
);
|
||||
}
|
||||
|
||||
$readOnlyMode = \MediaWiki\MediaWikiServices::getInstance()->getReadOnlyMode();
|
||||
$readOnlyMode->setReason( 'Because' );
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( wfMessage( 'readonlytext', 'Because' ) ),
|
||||
$this->manager->checkAccountCreatePermissions( new \User )
|
||||
);
|
||||
$readOnlyMode->setReason( false );
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_anonNotAllowed() {
|
||||
$this->setGroupPermissions( '*', 'createaccount', false );
|
||||
$this->initializeManager( true );
|
||||
$status = $this->manager->checkAccountCreatePermissions( new \User );
|
||||
$this->assertFalse( $status->isOK() );
|
||||
$this->assertTrue( $status->hasMessage( 'badaccess-groups' ) );
|
||||
$this->setGroupPermissions( '*', 'createaccount', true );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_readOnly() {
|
||||
$this->initializeManager( true );
|
||||
$readOnlyMode = $this->getServiceContainer()->getReadOnlyMode();
|
||||
$readOnlyMode->setReason( 'Because' );
|
||||
$this->assertEquals(
|
||||
Status::newFatal( wfMessage( 'readonlytext', 'Because' ) ),
|
||||
$this->manager->checkAccountCreatePermissions( new \User )
|
||||
);
|
||||
$readOnlyMode->setReason( false );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
* @covers \MediaWiki\Permissions\PermissionManager::checkUserBlock()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_blocked() {
|
||||
$this->initializeManager( true );
|
||||
|
||||
$user = \User::newFromName( 'UTBlockee' );
|
||||
|
|
@ -1534,12 +1558,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
\TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
|
||||
$user->saveSettings();
|
||||
}
|
||||
$blockStore = MediaWikiServices::getInstance()->getDatabaseBlockStore();
|
||||
$oldBlock = DatabaseBlock::newFromTarget( 'UTBlockee' );
|
||||
if ( $oldBlock ) {
|
||||
// An old block will prevent our new one from saving.
|
||||
$blockStore->deleteBlock( $oldBlock );
|
||||
}
|
||||
$blockStore = $this->getServiceContainer()->getDatabaseBlockStore();
|
||||
$blockOptions = [
|
||||
'address' => 'UTBlockee',
|
||||
'user' => $user->getId(),
|
||||
|
|
@ -1555,7 +1574,16 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$status = $this->manager->checkAccountCreatePermissions( $user );
|
||||
$this->assertFalse( $status->isOK() );
|
||||
$this->assertTrue( $status->hasMessage( 'blockedtext' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
* @covers \MediaWiki\Permissions\PermissionManager::checkUserBlock()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_ipBlocked() {
|
||||
$this->setGroupPermissions( '*', 'createaccount', true );
|
||||
$this->initializeManager( true );
|
||||
$blockStore = $this->getServiceContainer()->getDatabaseBlockStore();
|
||||
$blockOptions = [
|
||||
'address' => '127.0.0.0/24',
|
||||
'by' => $this->getTestSysop()->getUser()->getId(),
|
||||
|
|
@ -1566,12 +1594,15 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
];
|
||||
$block = new DatabaseBlock( $blockOptions );
|
||||
$blockStore->insertBlock( $block );
|
||||
$scopeVariable = new ScopedCallback( [ $block, 'delete' ] );
|
||||
$status = $this->manager->checkAccountCreatePermissions( new \User );
|
||||
$this->assertFalse( $status->isOK() );
|
||||
$this->assertTrue( $status->hasMessage( 'blockedtext-partial' ) );
|
||||
ScopedCallback::consume( $scopeVariable );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_DNSBlacklist() {
|
||||
$this->setMwGlobals( [
|
||||
'wgEnableDnsBlacklist' => true,
|
||||
'wgDnsBlacklistUrls' => [
|
||||
|
|
@ -1589,6 +1620,49 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->assertTrue( $status->isGood() );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers \MediaWiki\Auth\AuthManager::checkAccountCreatePermissions()
|
||||
* @covers \MediaWiki\Permissions\PermissionManager::checkUserBlock()
|
||||
*/
|
||||
public function testCheckAccountCreatePermissions_ipIsBlockedByUserNot() {
|
||||
$this->initializeManager( true );
|
||||
|
||||
$user = \User::newFromName( 'UTBlockee' );
|
||||
if ( $user->getId() == 0 ) {
|
||||
$user->addToDatabase();
|
||||
\TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
|
||||
$user->saveSettings();
|
||||
}
|
||||
$blockStore = $this->getServiceContainer()->getDatabaseBlockStore();
|
||||
$blockOptions = [
|
||||
'address' => 'UTBlockee',
|
||||
'user' => $user->getId(),
|
||||
'by' => $this->getTestSysop()->getUser()->getId(),
|
||||
'reason' => __METHOD__,
|
||||
'expiry' => time() + 100500,
|
||||
'createAccount' => false,
|
||||
];
|
||||
$block = new DatabaseBlock( $blockOptions );
|
||||
$blockStore->insertBlock( $block );
|
||||
|
||||
$blockOptions = [
|
||||
'address' => '127.0.0.0/24',
|
||||
'by' => $this->getTestSysop()->getUser()->getId(),
|
||||
'reason' => __METHOD__,
|
||||
'expiry' => time() + 100500,
|
||||
'createAccount' => true,
|
||||
'sitewide' => false,
|
||||
];
|
||||
$block = new DatabaseBlock( $blockOptions );
|
||||
$blockStore->insertBlock( $block );
|
||||
|
||||
$this->resetServices();
|
||||
$this->initializeManager( true );
|
||||
$status = $this->manager->checkAccountCreatePermissions( $user );
|
||||
$this->assertFalse( $status->isOK() );
|
||||
$this->assertTrue( $status->hasMessage( 'blockedtext-partial' ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $uniq
|
||||
* @return string
|
||||
|
|
@ -1606,7 +1680,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->initializeManager();
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( 'authmanager-create-disabled' ),
|
||||
Status::newFatal( 'authmanager-create-disabled' ),
|
||||
$this->manager->canCreateAccount( $username )
|
||||
);
|
||||
|
||||
|
|
@ -1621,7 +1695,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->initializeManager( true );
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( 'userexists' ),
|
||||
Status::newFatal( 'userexists' ),
|
||||
$this->manager->canCreateAccount( $username )
|
||||
);
|
||||
|
||||
|
|
@ -1636,17 +1710,17 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->initializeManager( true );
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( 'noname' ),
|
||||
Status::newFatal( 'noname' ),
|
||||
$this->manager->canCreateAccount( $username . '<>' )
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( 'userexists' ),
|
||||
Status::newFatal( 'userexists' ),
|
||||
$this->manager->canCreateAccount( 'UTSysop' )
|
||||
);
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newGood(),
|
||||
Status::newGood(),
|
||||
$this->manager->canCreateAccount( $username )
|
||||
);
|
||||
|
||||
|
|
@ -1661,7 +1735,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->initializeManager( true );
|
||||
|
||||
$this->assertEquals(
|
||||
\Status::newFatal( 'fail' ),
|
||||
Status::newFatal( 'fail' ),
|
||||
$this->manager->canCreateAccount( $username )
|
||||
);
|
||||
}
|
||||
|
|
@ -2559,7 +2633,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$expect = \Status::newGood();
|
||||
$expect = Status::newGood();
|
||||
$expect->warning( 'userexists' );
|
||||
$this->assertEquals( $expect, $ret );
|
||||
$this->assertNotEquals( 0, $user->getId() );
|
||||
|
|
@ -2575,7 +2649,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, false, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$expect = \Status::newGood();
|
||||
$expect = Status::newGood();
|
||||
$expect->warning( 'userexists' );
|
||||
$this->assertEquals( $expect, $ret );
|
||||
$this->assertNotEquals( 0, $user->getId() );
|
||||
|
|
@ -2594,7 +2668,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$user = \User::newFromName( $username );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( wfMessage( 'readonlytext', 'Because' ) ), $ret );
|
||||
$this->assertEquals( Status::newFatal( wfMessage( 'readonlytext', 'Because' ) ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2611,7 +2685,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'test' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'test' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2626,7 +2700,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'test2' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'test2' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2641,7 +2715,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'noname' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'noname' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username . '@', $user->getId() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2660,7 +2734,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'authmanager-autocreate-noperm' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'authmanager-autocreate-noperm' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2682,7 +2756,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_MAINT, true, false );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'ok' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'ok' ), $ret );
|
||||
|
||||
// Test that both permutations of permissions are allowed
|
||||
// (this hits the two "ok" entries in $mocks['pre'])
|
||||
|
|
@ -2695,7 +2769,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'ok' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'ok' ), $ret );
|
||||
|
||||
$this->setGroupPermissions( '*', 'createaccount', true );
|
||||
$this->setGroupPermissions( '*', 'autocreateaccount', false );
|
||||
|
|
@ -2705,7 +2779,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'ok' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'ok' ), $ret );
|
||||
$logger->clearBuffer();
|
||||
|
||||
// Test lock fail
|
||||
|
|
@ -2717,7 +2791,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
unset( $lock );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'usernameinprogress' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'usernameinprogress' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2732,7 +2806,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'fail-in-pre' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'fail-in-pre' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2749,7 +2823,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'fail-in-primary' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'fail-in-primary' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2766,7 +2840,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'fail-in-secondary' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'fail-in-secondary' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2787,7 +2861,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$this->hook( 'LocalUserCreated', LocalUserCreatedHook::class, $this->never() );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newFatal( 'authmanager-autocreate-exception' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'authmanager-autocreate-exception' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2806,7 +2880,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
->willReturn( \Status::newFatal( 'because' ) );
|
||||
$user->setName( $username );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->assertEquals( \Status::newFatal( 'because' ), $ret );
|
||||
$this->assertEquals( Status::newFatal( 'because' ), $ret );
|
||||
$this->assertSame( 0, $user->getId() );
|
||||
$this->assertNotEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2854,11 +2928,11 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$status = $oldUser->addToDatabase();
|
||||
$this->assertTrue( $status->isOK(), 'sanity check' );
|
||||
$user->setId( $oldUser->getId() );
|
||||
return \Status::newFatal( 'userexists' );
|
||||
return Status::newFatal( 'userexists' );
|
||||
} ) );
|
||||
$user->setName( $username );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$expect = \Status::newGood();
|
||||
$expect = Status::newGood();
|
||||
$expect->warning( 'userexists' );
|
||||
$this->assertEquals( $expect, $ret );
|
||||
$this->assertNotEquals( 0, $user->getId() );
|
||||
|
|
@ -2879,7 +2953,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
->with( $callback, true );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newGood(), $ret );
|
||||
$this->assertEquals( Status::newGood(), $ret );
|
||||
$this->assertNotEquals( 0, $user->getId() );
|
||||
$this->assertEquals( $username, $user->getName() );
|
||||
$this->assertEquals( $user->getId(), $session->getUser()->getId() );
|
||||
|
|
@ -2897,7 +2971,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
->with( $callback, true );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, false, true );
|
||||
$this->unhook( 'LocalUserCreated' );
|
||||
$this->assertEquals( \Status::newGood(), $ret );
|
||||
$this->assertEquals( Status::newGood(), $ret );
|
||||
$this->assertNotEquals( 0, $user->getId() );
|
||||
$this->assertEquals( $username, $user->getName() );
|
||||
$this->assertSame( 0, $session->getUser()->getId() );
|
||||
|
|
@ -2915,7 +2989,7 @@ class AuthManagerTest extends \MediaWikiIntegrationTestCase {
|
|||
$username = self::usernameForCreation();
|
||||
$user = \User::newFromName( $username );
|
||||
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, false, true );
|
||||
$this->assertEquals( \Status::newGood(), $ret );
|
||||
$this->assertEquals( Status::newGood(), $ret );
|
||||
$logger->clearBuffer();
|
||||
|
||||
$data = \DatabaseLogEntry::getSelectQueryData();
|
||||
|
|
|
|||
Loading…
Reference in a new issue