This way it gets run during extension test runs as well.
Temporarily add a hack allowing 'wbeu' duplicates until T196962 is fixed.
Change-Id: Ic89a22a2ff4525585de9e290a1d47d22cfaaac5e
So callers don't need to do this manually. Pointed out by Tim in T201799.
Depends-On: Ia6c36d5a650095e35093bf47e275e081e89b3daf
Change-Id: Ida62767f3ca53f99609cae01d3a20051bb92ccab
This change adds a PHPUnit test to ApiQueryDisabled as requested in T183885.
A PHPUnit test for ApiDisabled was already in place.
Bug: T183885
Change-Id: I7726c27a5ca74ce26f095afd13af4a71babea82e
Instead of having basically every caller do:
$pf = new PasswordFactory();
$pf->init( RequestContext::getMain()->getConfig() );
Just create a single PasswordFactory via MediaWikiServices and pass that
around. Things that want to use their own config can still pass settings
via the new constructor.
This will eventually let us remove the init() function, removing the
only hard dependency upon MediaWiki, to make it easier to librarize
(T89742).
Change-Id: I0fc7520dc023b11a7fa66083eff7b88ebfe49c7b
So we can make the job voting, preventing other tests from regressing.
These tests can be re-enabled whenever they're made to pass.
Bug: T195807
Change-Id: I58261dd70eea3581803987a4a7739c7d55558f42
This avoids error-prone code written separately in every test. In
addition to no existing tests resetting the TitleFormatter (more
services probably need to be reset as well), they mostly reset only the
namespace cache on $wgContLang, which wouldn't help for any other
language.
The parser test runner still doesn't do this, but maybe it should.
Change-Id: I44b7a1aec48f14b0950907fa14bd0df80f674296
This allows setting the expected exception message by the message key,
not text, so it remains correct if the message is updated. This
function could be defined to work with other exception types too, but it
seems useful to have shortcuts for common types like ApiUsageException
or MWException.
Change-Id: Ic86278e9e1e91eea0c045d2b93342f018e1d8e66
So we can make the job voting, preventing other tests from regressing.
These tests can be re-enabled whenever they're made to pass.
Change-Id: I959710138e1e1b37b6ba69561c2920a78208bf12
MCR deprecated the Revision class in favor of the broadly similar
RevisionRecord, and more interestingly added the concept of multiple
content "slots" to revisions.
Thus, prop=revisions, prop=deletedrevisions, and so on gain a parameter
to specify which slots are wanted. When this new parameter is not
specified (and any content-related props are specified), a warning about
the legacy format will be issued.
The rest of the modules just needed to call methods or use constants on
RevisionRecord instead of Revision. ApiQueryDeletedrevs wasn't touched,
since it has been deprecated since 1.25 anyway.
This also updates a few non-query modules that don't depend on details
of editing, diffing, or viewing MCR revisions that haven't been figured
out yet.
Bug: T200568
Change-Id: I1327d1784f5cedb006cd74df834cf9a560a77a5d
This changes behavior in some tests by making them set $wgLanguageCode
as well as $wgContLang, but that seems like a good thing.
Bug: T200246
Change-Id: I936888f46ff9fefe2707efba837e2ce3a7ca5e3f
Clarify and simplify exception output by deprecating
$wgShowSQLErrors and wgShowDBErrorBacktrace.
$wgShowExceptionDetails will now control most related output.
$wgShowHostnames will now solely control output of
MWExceptionRenderer::reportOutageHTML.
Bug: T165768
Change-Id: Idead2c11c499463dfa6293c3d4b33be3bde92e1a
ApiMain already caches the printer in ->mPrinter, so if
getPrinterByName() is being called more than once that's because we
really want a new printer instance, without any cached errors or other
behavior that results from reusing the same instance.
Bug: T199949
Change-Id: I779cbbaa8aab9b049a8eed732416edd828121ec4
This normalizes handling of transformations on the boundaries between
preferences and generic form controls and removes the special case
where email-blacklist is passed around as an array internally, leaking
into the API.
As a result of this normalization, meta=userinfo no longer returns an
array of users, using the internal representation like action=options.
Bug: T198935
Change-Id: Iff63da0d215585cfcf083e7f7ec8ed45d5b77301
If the request URL was not normalized, for example having a double slash
in it, this could cause it to fail to match in the PathRouter. But the
canonicalizing redirect was using the normalized URL, causing a redirect
loop exception.
So:
* If the PathRouter fails to match with the original URL, try matching
against the normalized URL. This allows it to still work for
normalized URLs with a double slash in the title part of the path.
* Have WebRequest::getFullRequestURL() always return the URL without
removing dot segments or interpreting double slashes. Just append
the path to the server.
* Make MediaWikiTest.php use WebRequest instead of FauxRequest, allowing
it to reproduce the exception in question. Add relevant test.
* Add tests for the new PathRouter behaviour.
Bug: T100782
Change-Id: Ic0f3a0060904abc364f75dae920480b81175d52f
Directly use the UTF-8 encoding of the 'NO-BREAK SPACE' (U+00A0) instead of
the HTML/XML entities   or   or .
With the UTF-8 character the generated HTML is shorter and better to read.
Also change the special value for the label in HTMLForm from   to
U+00A0 but also support   for backward compability.
Bug: T154300
Change-Id: I882599ac1120789bb4e524c4394870680caca4f4
Specifically, check the assert and assertuser parameters before setting
up the action module, so errors in parsing the module's parameters due
to being logged out don't override the client's intended "am I logged
in?" check.
Note this means that assertion failures will no longer use custom module
output formatters. This seems like an acceptable tradeoff: on Wikimedia
sites in May 2018 there were no requests that would have been affected
by this change.
Bug: T197672
Change-Id: I02a71395d5ed9f445e57162f2136292825f8dbb5
This introduces PageUpdater to replace WikiPage::doEditContent,
and DerivedPageDataUpdater, to replace WikiPage::doEditUpdates
and WikiPage::prepareContentForEdit.
See docs/pageupdater.txt for a description of their
functionality.
MCR migration notes:
* The interface of PageUpdater is expected to
remain mostly stable after this patch. Code that has been using
WikiPage::doEditContent can be confidently migrated to using the
new mechanism for revision creation.
* This patch keeps the code inside PageUpdater largely aligned
with the old code in WikiPage, to make review easier to to avoid
mistakes. It is intended to be refactored further, moving
application logic into stateless services.
* DerivedPageDataUpdate is intended as a stepping stone for further
refactoring. Its behavior is designed to be compatible with
callback code that currently relies on
WikiPage::prepareContentForEdit. Much of the code that currently
lives in DerivedPageDataUpdate should be factored out into
services, all behavior relevant to calling code should be exposed
via narrow interfaces.
Bug: T174038
Bug: T196653
Change-Id: If610c68f4912e89af616cdcac1d35a1be3946afa
Some unit tests for the MCR schema migration change the DB schema
in the test setup. However, addCoreDBData() will not work with the
modified schema. Since these tests don't actually need addCoreDBData()
to do anything, they can simply override it to do nothing.
Without this change, tests for Ic2221da30c and Ifabf39e12ba843
fail with $wgMultiContentRevisionSchemaMigrationStage = MIGRATION_WRITE_BOTH.
Change-Id: I86e140ec981dfa4e904822b1600399c533f9e3d6
This mimics how full text works by silenty dropping results returned from
search that no longer exist. This could be because the search index is slightly
out of sync with reality, or the search engine could simply be broken.
Only silent from the users perspective. We maintain a count in statsd of
the number of titles dropped. This can be monitored over time to
recognize any increases.
Bug: T115756
Change-Id: I2f29d73e258cd448a14d35a2b4902a4fb6f61c68
Various code using the search engine shouldn't need to implement it's
own methods, such as over-fetching, to determine if there are more
results available. This should be knowledge internal to search that is
exposed by a boolean.
Change-Id: Ica094428700637dfdedb723b03f6aeadfe12b9f4
The funky iteration here was at best annoying. Switch
it over to an iterator based approach with appropriate
BC code to simulate the old iteration style.
Depends-On: I19a8d6621a130811871dec9335038797627d9448
Change-Id: I9fccda15dd58a0dc35771d3b5cd7a6e8b02514a0
Find: /isset\(\s*([^()]+?)\s*\)\s*\?\s*\1\s*:\s*/
Replace with: '\1 ?? '
(Everywhere except includes/PHPVersionCheck.php)
(Then, manually fix some line length and indentation issues)
Then manually reviewed the replacements for cases where confusing
operator precedence would result in incorrect results
(fixing those in I478db046a1cc162c6767003ce45c9b56270f3372).
Change-Id: I33b421c8cb11cdd4ce896488c9ff5313f03a38cf
Also add non-optional database fields to insert.
The fields are defined with a default in mysql,
but not in postgres or oracle.
Bug: T195807
Change-Id: I201638e3438cb0e5004f8da121e64a770e6a8fca
There is no need to escape double quotes in content of XML.
Html::element() also does not escape double quotes in content.
ENT_NOQUOTES escapes '<', '>' and '&' but not "'" and '"'.
https://secure.php.net/manual/en/function.htmlspecialchars.php
Change-Id: I3b585c43e532cca1a8951d6c9e8b4825fc3b012d
Since 2008 the API has truncated with a warning when too many values are
passed to a multi-valued parameter. It's long past time to make this an
error.
Bug: T41936
Change-Id: I0f9efbdf9230373fa0c175a7fcacbca68225cf40
This is a bit more interoperable than trying to roll our own by using
Title::makeTitleSafe().
We still need to handle IP addresses separately, of course.
Bug: T194916
Change-Id: Ie3900d768cbe15aef079b97d91f7fd23dc7c3e26
With MCR coming up, ApiEditPage is going to need to be able to take
"text" and "contentmodel" parameters for each slot-role, and enumerating
such parameters for every possible slot would probably get rather
confusing as to what is required when, or at least long-winded in
repeating the exact same thing for every possible role.
So let's abstract it: we'll have an "editroles" parameter to specify which
slots are being edited, and ApiEditPage will just declare that
"text-{role}" and "contentmodel-{role}" parameters should exist for each
value of "editroles" in the submission.
Note this patch doesn't introduce anything that uses templated
parameters, just the functionality itself. For testing purposes you
might cherry pick I2d658e9a.
Bug: T174032
Change-Id: Ia19a1617b73067bfb1f0f16ccc57d471778b7361
Follows-up d3da5e08d3, which broke PHP 7.1 and PHP 7.2 test jobs.
This isn't about logic in ApiBase, but about PHP's str-to-int
logic which actually varies between PHP5 and PHP7.
One maps it to 1000, the other as strict int 1 (with non-numerical
text chopped off, the same as it would for 1foo).
If we want to support 1e3 as part of the API itself, then we'd
need to parse it ourselves and then add the test back.
Bug: T192425
Change-Id: I6fc43f29425749a1abe785fefa312db6a98ea7cd
The siteinfo API response's 'writeapi' value is now hard-set to true,
as are the ResourceLoader variables wgEnableAPI and wgEnableWriteAPI,
to be deprecated later.
Bug: T115414
Change-Id: I54ff9428b247ba203d67aba079149393f323d5a9
One bug caught: the watch and unwatch params were not being honored.
They have now been removed.
Depends-On: Ia21a974f2b463afc9324182137b95c80db86a6aa
Change-Id: I0e214339c9ae3f0fb5a40c88a84190bc32503151
Fixed bug: in PHP versions less than 5.6.0, any request that didn't
attempt to add any groups would warn, because it would call array_fill()
with the second argument (num) equal to 0. From PHP 5.6.0, the num
argument to array_fill() is allowed to be 0.
Change-Id: I0c5772f15d8f550dc43fb37c3c58d15dd73ea584
Also removed a sketchy-looking usage of ?: with a string in
ApiParse.php. In this case I think it was fine, because it would only
cause a bug if a page's display title was '0' but its actual title was
not '0', which is only possible if $wgRestrictDisplayTitle is false,
which is broken by design anyway and I don't think is worth testing.
But ?: used for something that should be interpreted as a string is
generally not a good idea.
One bug fixed: an error message that used an undefined variable.
Depends-On: Id0e6184aff8f9d7e8f32558e1de14faa0168cc1d
Change-Id: I0904bff0f9d80892d0db2ebb590c24fb862f2418
One bug fixed: if ApiCheckCanExecute returned false but didn't set
$message, we would try to output a message of false, which would throw
an exception.
Change-Id: Ib06970e280d750ff57d81672f1b365167b93aa3e
One bug fixed: a timestamp of '00' or similar would get interpreted as
'now' by mistake instead of Unix timestamp 0, without throwing the
warning for using 0 instead of 'now'. This is because it called
wfTimestamp() once to parse the input date, got a Unix timestamp of 0
back, and then tried passing that 0 back to wfTimestamp again to
reformat as a wiki date, but it got reinterpreted as 'now'.
Also fixed parameters with type "user" to validate usernames more
correctly. This might be risky, though, if I missed any valid
usernames, or if API clients were for some reason relying on passing in
invalid usernames. If we don't actually want to do this, we should add
a comment explaining why we're allowing any title without a fragment
rather than validating properly.
Still lots more work to do here.
Change-Id: I56b4290263df8698efdbddda71a7eabd9e303abc
Bugs fixed:
* The major one was that appendtext and prependtext seemingly didn't
work at all on empty pages in the MediaWiki namespace, because
$this->getTitle() was being used in place of $titleObj.
* Negative undo/undoafter were not rejected in a correct fashion.
* If a logged-in user who was not allowed to upload images tried to
create an image redirect, the error message used a nonexistent key.
I also replaced assertEquals with assertSame.
I also removed a bit of clearly dead code. This includes a "break"
following dieStatus(). If we actually want this break so that nobody
adds a case after the default and then removes the dieStatus() so the
switch incorrectly falls through, it could be re-added with
@codeCoverageIgnore.
I put the fixes in the same commit as the test changes because I like to
keep fixes together with the tests for those fixes.
All code now shows up as covered locally, except for one line that seems
to be a PHPUnit bug.
Change-Id: I9375bc5f40268fd681a2d447c66a03f40b23390a
The difference between two integers is less than 1 only if it's 0, so
the test as-is will fail whenever the second changes between when '1
day' is evaluated when inserting the block, and when time() is called
for the assert.
Change-Id: Ic76ff05729129b74345696879a934253525213fa
The code coverage tool still reports that line 50 ("$status,") is not
covered, but this is just a parameter to a function that is in fact
called and does show up as covered, so I'm pretty sure it's a bug.
I replaced a couple of sanity checks that reported "incomplete" on
failure with actual assertions so that the test would fail properly if
the sanity check failed.
The testing could still probably be expanded considerably.
Change-Id: Ib6ba7227af23bcb50c7e3bafb0b51395e8acf03f
Still missing a test for file deletion, because I didn't figure out a
simple way to create a file page that I can test on.
Change-Id: I276e84b4f7777e5dd5be5520e572b9b9bb0c0633
I only made one small addition, because I don't understand login/session
code well enough to easily do more.
Change-Id: I36c5ea8e31fb00d75da24c38381f74ba8a15f31a
* Convert OutputHandler.php from global functions to a class.
- wfOutputHandler → OutputHandler::handle
(no alias, no usage outside core)
- wfGzipHandler → OutputHandler::handleGzip
(private, no usage outside class)
- wfRequestExtension → OutputHandler::findUriExtension
(private, no usage outside class)
- wfMangleFlashPolicy → OutputHandler::mangleFlashPolicy
(private, no usage outside class)
- wfDoContentLength → OutputHandler::emitContentLength
(private, no usage outside class)
- wfHtmlValidationHandler → OutputHandler::validateAllHtml
(private, no usage outside class)
* Add the class to autoload.php for exposure outside WebStart.
Specifically, for use in ApiFormatPhpTest. This also removes the
need to manually load the class because this code runs after
Setup.php loads AutoLoader.php.
Bug: T189966
Change-Id: I27a41ec0ae0ee30aeb313a616323b967605c4055
Locally this reports that everything is covered, although the get*()
functions are not registering at all (white backgrounds).
Change-Id: I73fabfb33b329dc3416368fda52d35f7ee6a4a18
Storing the user name or IP in every row in large tables like revision
and logging takes up space and makes operations on these tables slower.
This patch begins the process of moving those into one "actor" table
which other tables can reference with a single integer field.
A subsequent patch will remove the old columns.
Bug: T167246
Depends-On: I9293fd6e0f958d87e52965de925046f1bb8f8a50
Change-Id: I8d825eb02c69cc66d90bd41325133fd3f99f0226
The return value for ApiFormatBase::getFilename() was formerly
documented as "must be encoded for inclusion in a Content-Disposition
header's filename parameter." While this is ok for the common use case
where the module is returning a constant string or can assume whatever
it gets back from getExtensionsForType() is ok, it's not in general a
good idea to make all callers handle that.
Further, it's not possible to represent characters outside of the
ISO-8859-1 character set in a 'filename' parameter. You have to use
'filename*' to do that (see RFC 5987 and RFC 6266).
So, this patch changes the definition of getFilename() to remove the
encoding requirement, and adds code to properly convert and escape the
value for the 'filename' and (if necessary) 'filename*' parameters.
Note this may give unexpected results (double encoding) if any module
actually is returning an encoded filename. I don't see any such cases in
core or in extensions in Gerrit.
Change-Id: I0c2749a847b639f228efff4e1917a61612a1f7d1
This allows to response with an invalidreason instead silently ignore
the parameter.
Example request: api.php?format=json&action=query&titles=%20
Response before this change:
{
"batchcomplete": ""
}
Response with this change:
{
"batchcomplete": "",
"query": {
"pages": {
"-1": {
"title": " ",
"invalidreason": "The requested page title is empty or contains only the name of a namespace.",
"invalid": ""
}
}
}
}
Bug: T185846
Change-Id: I6fdaf32792a0e6e37b08176f975c10607093351b
It is the job of git and svn to provide this information/metadata.
The form was different, some with short, some with long month name
some with leading zero at the day, some without.
The year is also present in the Copyright clause
Change-Id: If006907b82b9e45f13cfa2e45d41107a95570e1a
Ensuring proper behavior of the base class lets comprehensive tests of
subclasses be simpler.
This also adjusts ApiFormatTestBase to be a bit more usable, passing an
array of options through to encodeData() instead of just a class name.
And removes the unused 'SKIP' from testGeneralEncoding, but allows
expecting an exception (for use in I63ce42dd).
Change-Id: Ib2a1fa0b04860b09105376881ff8411f9534c453
This adds 'sanity check' message for one of asserts so it is more
clear that it is asserting a precondition.
Change-Id: I10d36c1bf69effd7bd83f4a2259144e9f6e114fc
Clean up use of @codingStandardsIgnore
- @codingStandardsIgnoreFile -> phpcs:ignoreFile
- @codingStandardsIgnoreLine -> phpcs:ignore
- @codingStandardsIgnoreStart -> phpcs:disable
- @codingStandardsIgnoreEnd -> phpcs:enable
For phpcs:disable always the necessary sniffs are provided.
Some start/end pairs are changed to line ignore
Change-Id: I92ef235849bcc349c69e53504e664a155dd162c8
