Add checks to token-returning functions to prevent returning tokens in
jsonp mode. This affects action=tokens, action=login,
action=createaccount, and action=query&list=deletedrevs.
Also, remove the "gettoken" parameter to action=block and
action=unblock, which has been deprecated since 1.20.
Bug: 49090
Change-Id: Ibeaa5c72d8084585092b15935a3f5709104bf7f7
All tests based on APITestCase can be slow. I've also seen more than one
Jenkins failure due to GlobalTest::testMerge timing out.
Also, added a meta-test on APITestCase to make sure that all its
subclasses are marked with @group medium or @group large, to prevent new
tests from re-causing the bug.
Change-Id: I48630736a3d06574876fd1fa3d90899cfbc48012
This commit depends on the introduction of
MediaWikiTestCase::setMwGlobals in change Iccf6ea81f4.
Various tests already set their globals, but forgot to restore
them afterwards, or forgot to call the parent setUp, tearDown...
Either way they won't have to anymore with setMwGlobals.
Consistent use of function characteristics:
* protected function setUp
* protected function tearDown
* public static function (provide..)
(Matching the function signature with PHPUnit/Framework/TestCase.php)
Replaces:
* public function (setUp|tearDown)\(
* protected function $1(
* \tfunction (setUp|tearDown)\(
* \tprotected function $1(
* \tfunction (data|provide)\(
* \tpublic static function $1\(
Also renamed a few "data#", "provider#" and "provides#" functions
to "provide#" for consistency. This also removes confusion where
the /media tests had a few private methods called dataFile(),
which were sometimes expected to be data providers.
Fixes:
TimestampTest often failed due to a previous test setting a
different language (it tests "1 hour ago" so need to make sure
it is set to English).
MWNamespaceTest became a lot cleaner now that it executes with
a known context. Though the now-redundant code that was removed
didn't work anyway because wgContentNamespaces isn't keyed by
namespace id, it had them was values...
FileBackendTest:
* Fixed: "PHP Fatal: Using $this when not in object context"
HttpTest
* Added comment about:
"PHP Fatal: Call to protected MWHttpRequest::__construct()"
(too much unrelated code to fix in this commit)
ExternalStoreTest
* Add an assertTrue as well, without it the test is useless
because regardless of whether wgExternalStores is true or false
it only uses it if it is an array.
Change-Id: I9d2b148e57bada64afeb7d5a99bec0e58f8e1561
* Use the API module's own context to check edit tokens.
* Use the global session if none is provided to doApiRequest.
* Fix ApiFlockTest to not pass an empty session, so the tokens from
the global request can be used.
Change-Id: I2bff2390f43beb984b1b451bcf4e41271b2f054f
Add tests for:
- action=block and action=unblock gettoken
- attempting to block or unblock a user with no token passed.
Patchset2: use a provider to have tests run against both 'block' and
'unblock' actions.
Change-Id: I686348ff4e2fe419c556acea2fa59dd203dc9440
That test has probably always been broken and use an invalid token. The
bug tracking brokenness is http://bugzilla.wikimedia.org/35646
Since the broken test is merged in master, that block the integration of
Jenkins and Gerrit by having any submitted patchset to be reported as
failling :-(
Root cause is https://gerrit.wikimedia.org/r/3434 which made the
Block/Unblock API to actually verify the token previously always
considered valid (bug 34212).
Change-Id: Iecf6b083163c214c734360b2f6d9b4bed8af07dc
That will let us tests all the API tests by using PHPUnit group
filtering such as:
php phpunit.php --group API
Also cleaned some whitespaces
Patchset-4: skipped files that had only whitespace changes
Change-Id: I51e03d910521b061f505e3a9b11a08c7b95f1538
* Make tests work again
* Added ApiTestCase::doApiRequest() and related to pass it to the context and removed override of $wgUser where possible
* Fix ApiLogin to get the correct User object (i.e. the logged in one)
* Fix ApiBase to feed a RequestContext to setContext() so that ApiLogin can call setUser()
* Fix Oracle stuff per CR on r88755
* Don't expect tests to clean up after themselves, do it in MediaWikiTestCase::run() (skipping user and interwiki, also per CR)
** Also don't do it from the destructor, phpunit calls this more often than you'd think
* Need to find: way to detect "is this the last test?" so we can drop our tables on completion
This follow up r88755 that make tests depends on each other. The creation
of a Block through the API is troublesome to the BlockTest suite.
Requires r89070
* Internalise $mAddress/$mUser, $mBy/$mByName, $mEnableAutoblock, $mId as getTarget(), getBlockers(), isAutoblocking(), getId().
* This required editing AbuseFilter and CheckUser backwards-incompatibly, so push the rest of the changes out to those extensions.
* Attack the evil 14-parameter constructor and gratuitously-confusing newFromDB( $notVeryImportantParameter, $moreImportantParameter)
* Reimplement the hack for bug 13611 in a slightly less fragile fashion; could still do with further cleanup, but then again the login frontend is its own can of worms... :S
* Remove transitionary getTargetAndType() and newFromTargetAndType() methods
* Some optimisation in parseTarget()
* Fix the broken phpunit test mentioned in r84251
