Block Special pages only if the user is sitewide blocked
Update the default implementation of FormSpecialPage::checkExecutePermissions() so that a Special page is only blocked if the user has a sitewide block. This change allows the user to continue performing critical functions (like resetting their password) even if they are partially blocked. Bug: T209097 Change-Id: I5190297b7b235b6ebbdfa522323ce9bbd46b6729
This commit is contained in:
David Barratt
Dbarratt
parent
5376b0b4b2
commit
a574f4c065
4 changed files with 94 additions and 2 deletions
|
|
@ -203,9 +203,11 @@ abstract class FormSpecialPage extends SpecialPage {
|
|||
protected function checkExecutePermissions( User $user ) {
|
||||
$this->checkPermissions();
|
||||
|
||||
if ( $this->requiresUnblock() && $user->isBlocked() ) {
|
||||
if ( $this->requiresUnblock() ) {
|
||||
$block = $user->getBlock();
|
||||
throw new UserBlockedError( $block );
|
||||
if ( $block && $block->isSitewide() ) {
|
||||
throw new UserBlockedError( $block );
|
||||
}
|
||||
}
|
||||
|
||||
if ( $this->requiresWrite() ) {
|
||||
|
|
|
|||
|
|
@ -154,6 +154,7 @@ $wgAutoloadClasses += [
|
|||
# tests/phpunit/includes/specialpage
|
||||
'SpecialPageTestHelper' => "$testDir/phpunit/includes/specialpage/SpecialPageTestHelper.php",
|
||||
'AbstractChangesListSpecialPageTestCase' => "$testDir/phpunit/includes/specialpage/AbstractChangesListSpecialPageTestCase.php",
|
||||
'FormSpecialPageTestCase' => "$testDir/phpunit/includes/specialpage/FormSpecialPageTestCase.php",
|
||||
|
||||
# tests/phpunit/includes/specials
|
||||
'SpecialPageTestBase' => "$testDir/phpunit/includes/specials/SpecialPageTestBase.php",
|
||||
|
|
|
|||
|
|
@ -0,0 +1,79 @@
|
|||
<?php
|
||||
/**
|
||||
* Factory for handling the special page list and generating SpecialPage objects.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
* http://www.gnu.org/copyleft/gpl.html
|
||||
*
|
||||
* @group SpecialPage
|
||||
*/
|
||||
abstract class FormSpecialPageTestCase extends SpecialPageTestBase {
|
||||
|
||||
/**
|
||||
* @covers FormSpecialPage::checkExecutePermissions
|
||||
*/
|
||||
public function testCheckExecutePermissionsSitewideBlock() {
|
||||
$special = $this->newSpecialPage();
|
||||
$checkExecutePermissions = $this->getMethod( $special, 'checkExecutePermissions' );
|
||||
|
||||
$user = clone $this->getTestUser()->getUser();
|
||||
$user->mBlockedby = $user->getName();
|
||||
$user->mBlock = new Block( [
|
||||
'address' => '127.0.8.1',
|
||||
'by' => $user->getId(),
|
||||
'reason' => 'sitewide block',
|
||||
'timestamp' => time(),
|
||||
'sitewide' => true,
|
||||
'expiry' => 10,
|
||||
] );
|
||||
|
||||
$this->expectException( UserBlockedError::class );
|
||||
$checkExecutePermissions( $user );
|
||||
}
|
||||
|
||||
/**
|
||||
* @covers FormSpecialPage::checkExecutePermissions
|
||||
*/
|
||||
public function testCheckExecutePermissionsPartialBlock() {
|
||||
$special = $this->newSpecialPage();
|
||||
$checkExecutePermissions = $this->getMethod( $special, 'checkExecutePermissions' );
|
||||
|
||||
$user = clone $this->getTestUser()->getUser();
|
||||
$user->mBlockedby = $user->getName();
|
||||
$user->mBlock = new Block( [
|
||||
'address' => '127.0.8.1',
|
||||
'by' => $user->getId(),
|
||||
'reason' => 'partial block',
|
||||
'timestamp' => time(),
|
||||
'sitewide' => false,
|
||||
'expiry' => 10,
|
||||
] );
|
||||
|
||||
$this->assertNull( $checkExecutePermissions( $user ) );
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a protected/private method.
|
||||
*
|
||||
* @param object $obj
|
||||
* @param string $name
|
||||
* @return callable
|
||||
*/
|
||||
protected function getMethod( $obj, $name ) {
|
||||
$method = new ReflectionMethod( $obj, $name );
|
||||
$method->setAccessible( true );
|
||||
return $method->getClosure( $obj );
|
||||
}
|
||||
}
|
||||
10
tests/phpunit/includes/specials/SpecialPasswordResetTest.php
Normal file
10
tests/phpunit/includes/specials/SpecialPasswordResetTest.php
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
<?php
|
||||
|
||||
class SpecialPasswordResetTest extends FormSpecialPageTestCase {
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
protected function newSpecialPage() {
|
||||
return new SpecialPasswordReset();
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue