Block Special pages only if the user is sitewide blocked
Update the default implementation of FormSpecialPage::checkExecutePermissions() so that a Special page is only blocked if the user has a sitewide block. This change allows the user to continue performing critical functions (like resetting their password) even if they are partially blocked. Bug: T209097 Change-Id: I5190297b7b235b6ebbdfa522323ce9bbd46b6729
This commit is contained in:
David Barratt
Dbarratt
parent
5376b0b4b2
commit
a574f4c065
4 changed files with 94 additions and 2 deletions
|
|
@ -203,9 +203,11 @@ abstract class FormSpecialPage extends SpecialPage {
|
||||||
protected function checkExecutePermissions( User $user ) {
|
protected function checkExecutePermissions( User $user ) {
|
||||||
$this->checkPermissions();
|
$this->checkPermissions();
|
||||||
|
|
||||||
if ( $this->requiresUnblock() && $user->isBlocked() ) {
|
if ( $this->requiresUnblock() ) {
|
||||||
$block = $user->getBlock();
|
$block = $user->getBlock();
|
||||||
throw new UserBlockedError( $block );
|
if ( $block && $block->isSitewide() ) {
|
||||||
|
throw new UserBlockedError( $block );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $this->requiresWrite() ) {
|
if ( $this->requiresWrite() ) {
|
||||||
|
|
|
||||||
|
|
@ -154,6 +154,7 @@ $wgAutoloadClasses += [
|
||||||
# tests/phpunit/includes/specialpage
|
# tests/phpunit/includes/specialpage
|
||||||
'SpecialPageTestHelper' => "$testDir/phpunit/includes/specialpage/SpecialPageTestHelper.php",
|
'SpecialPageTestHelper' => "$testDir/phpunit/includes/specialpage/SpecialPageTestHelper.php",
|
||||||
'AbstractChangesListSpecialPageTestCase' => "$testDir/phpunit/includes/specialpage/AbstractChangesListSpecialPageTestCase.php",
|
'AbstractChangesListSpecialPageTestCase' => "$testDir/phpunit/includes/specialpage/AbstractChangesListSpecialPageTestCase.php",
|
||||||
|
'FormSpecialPageTestCase' => "$testDir/phpunit/includes/specialpage/FormSpecialPageTestCase.php",
|
||||||
|
|
||||||
# tests/phpunit/includes/specials
|
# tests/phpunit/includes/specials
|
||||||
'SpecialPageTestBase' => "$testDir/phpunit/includes/specials/SpecialPageTestBase.php",
|
'SpecialPageTestBase' => "$testDir/phpunit/includes/specials/SpecialPageTestBase.php",
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,79 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Factory for handling the special page list and generating SpecialPage objects.
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation; either version 2 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License along
|
||||||
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||||
|
* http://www.gnu.org/copyleft/gpl.html
|
||||||
|
*
|
||||||
|
* @group SpecialPage
|
||||||
|
*/
|
||||||
|
abstract class FormSpecialPageTestCase extends SpecialPageTestBase {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @covers FormSpecialPage::checkExecutePermissions
|
||||||
|
*/
|
||||||
|
public function testCheckExecutePermissionsSitewideBlock() {
|
||||||
|
$special = $this->newSpecialPage();
|
||||||
|
$checkExecutePermissions = $this->getMethod( $special, 'checkExecutePermissions' );
|
||||||
|
|
||||||
|
$user = clone $this->getTestUser()->getUser();
|
||||||
|
$user->mBlockedby = $user->getName();
|
||||||
|
$user->mBlock = new Block( [
|
||||||
|
'address' => '127.0.8.1',
|
||||||
|
'by' => $user->getId(),
|
||||||
|
'reason' => 'sitewide block',
|
||||||
|
'timestamp' => time(),
|
||||||
|
'sitewide' => true,
|
||||||
|
'expiry' => 10,
|
||||||
|
] );
|
||||||
|
|
||||||
|
$this->expectException( UserBlockedError::class );
|
||||||
|
$checkExecutePermissions( $user );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @covers FormSpecialPage::checkExecutePermissions
|
||||||
|
*/
|
||||||
|
public function testCheckExecutePermissionsPartialBlock() {
|
||||||
|
$special = $this->newSpecialPage();
|
||||||
|
$checkExecutePermissions = $this->getMethod( $special, 'checkExecutePermissions' );
|
||||||
|
|
||||||
|
$user = clone $this->getTestUser()->getUser();
|
||||||
|
$user->mBlockedby = $user->getName();
|
||||||
|
$user->mBlock = new Block( [
|
||||||
|
'address' => '127.0.8.1',
|
||||||
|
'by' => $user->getId(),
|
||||||
|
'reason' => 'partial block',
|
||||||
|
'timestamp' => time(),
|
||||||
|
'sitewide' => false,
|
||||||
|
'expiry' => 10,
|
||||||
|
] );
|
||||||
|
|
||||||
|
$this->assertNull( $checkExecutePermissions( $user ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a protected/private method.
|
||||||
|
*
|
||||||
|
* @param object $obj
|
||||||
|
* @param string $name
|
||||||
|
* @return callable
|
||||||
|
*/
|
||||||
|
protected function getMethod( $obj, $name ) {
|
||||||
|
$method = new ReflectionMethod( $obj, $name );
|
||||||
|
$method->setAccessible( true );
|
||||||
|
return $method->getClosure( $obj );
|
||||||
|
}
|
||||||
|
}
|
||||||
10
tests/phpunit/includes/specials/SpecialPasswordResetTest.php
Normal file
10
tests/phpunit/includes/specials/SpecialPasswordResetTest.php
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
class SpecialPasswordResetTest extends FormSpecialPageTestCase {
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
protected function newSpecialPage() {
|
||||||
|
return new SpecialPasswordReset();
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue