Ideally, only User associated with the global request
should be associated with UserAuthority. For a random
user instance, not the current performer, checking permissions
should be based solely on user groups and perhaps an
existing block. Right now however, PermissionManager
is coupled with global request, so we still instantiate
a UserAuthority for non-current users. This mimics the
behaviour we've had before. As we refactor PermissionManager,
we will be able to replace Authority implementation in this case,
or even entirely prohibit non-performer authority.
Bug: T271459
Depends-On: Iebf2dca34eea751391d9740443c195287399aa5c
Change-Id: Ib094e498fd883db23f2763f171281b1c9e99217e
This reverts commit 8f46ef5ff4.
This has seemingly broken FlaggedRevs and thus a bunch of repos.
Bug: T272170
Change-Id: I67de3dbbbc9163aae937f710ecb0e40db0d483a0
This reverts commit 36f1adf670.
This has seemingly broken FlaggedRevs and thus a bunch of repos.
Bug: T272170
Change-Id: I26c6fd656c75a6b209fb17965dc9109edf68642b
This allows Title and WikiPage objects to be compared with PageIdentity
and LinkTarget instances consistently.
Change-Id: I1bbd15d17d046359393ecfc1acd2778273260a95
This makes it so methods that take a WikiPage can be narrowed to a
PageIdentity, and prepares WikiPage for the introduction of the PageRecord
interface.
Bug: T208776
Change-Id: Iab8bd75a1948873baab9c91c76f966d606b23c0f
The `testGetWatchedItemsWithRecentChangeInfo_watchlistOwnerAndInvalidToken`
method (and its data provider) moved to the remaining integration test,
since those actually do require integration
Also do some minor clean up to the unit tests:
* Replace ::getFakeRow with manual (object) casts
* Combine duplicate getMockNonAnonUserWithIdAndRestrictedPermissions
and getMockNonAnonUserWithIdAndNoPatrolRights
Change-Id: Ie853f465b39f06dadd65582df061a9c44068b63a
Follow-up ba6490aa1e.
That patch worked around $executeContext iteration errors due to the
lack of recursion support in doUpdates()/handleUpdateQueue(). Errors
were triggered by MediaWiki::schedulePostSendJobs() enqueueing deferred
updates that invoke JobRunner::run(), which, in turn, invoke doUpdates()
for each job via JobRunner:: doExecuteJob(). The doUpdates() method was
changed to operate on the sub-queue for the in-progress DeferrableUpdate.
Further improve the recursion logic:
* Use classes for the scope stack and scope queues.
* Put *all* updates added during a DeferrableUpdate::doUpdate() call into
the subqueue, regardless of "defer until" stage or whether it implements
MergeableUpdate. Now, doUpdate() can run *everything* it enqueued instead
of a non-obvious subset. Note that the TransactionRoundDefiningUpdate
that invokes JobRunner was already a POSTSEND update before ba6490aa1eb;
the only effect of this change is that MergeableUpdate instances from jobs
will once again run in doExecuteJob().
* Make recursive DeferredUpdates::doUpdate() calls error out immediately
unless the DeferrableUpdate responsible is a TransactionRoundAwareUpdate
with the TRX_ROUND_ABSENT flag. This covers the schedulePostSendJobs()
scenario and only prohibits insane call patterns. Failing early avoids
the risk of handleUpdateQueue() dropping all the updates due to the same
DBTransactionError error in DeferredUpdates::attemptUpdate().
* Avoid recursion loop in tryOpportunisticExecute() when JobQueueDB is in
use and a large number of tasks are pending. This happened due to methods
like onTransactionPreCommitOrIdle() being used within JobQueueDB.
Mark DeferredUpdates::doUpdates()/tryOpportunisticExecute() as @internal
and create a Maintenance::shutdown() method to avoid a direct call in the
doMaintenance.php file.
Bug: T249069
Bug: T268840
Change-Id: Ib369f0e74243a48ababdb9cd83b155c9a0f5e741
Sometimes when moving pages, a row for the target page may already exist
in the watchlist_expiry table. The exact scenario that's causing the
prod errors could not be repo'd in tests or locally, but using REPLACE
should be a safe solution.
Tests updated to actually verify the expiry of the new title, if
present, is overriden with the old one following the page move.
Bug: T271971
Change-Id: Id4d46fcdea4816e5714d266985ba86fdc6450cfb
PageIdentity is intended as a lightweight alternative to Title,
similar to LinkTarget, but providing a page ID. It follows the precedent
of UserIdentity.
Bug: T208776
Change-Id: Iaed4871e0d32c67d4fb13e487625527f6a21e9c5
Most of these are found by the not yet released I10559d8.
I remove the type MockObject in some cases when the calling
code really does not need to know if he get's a mock or the
real thing. However, I do this only in places that are very
closely related to the fixes.
Change-Id: I26a4c3c5a8ae141bf56161b52b54bce7e68f2e30
In the case of Monobook, Monobook styles were overriding a
normalize rule and failing to work.
Bug: T269618
Change-Id: Ifa346f60e3a50d874e68043dc4dece3fd8b41aa3
The code didn't properly handle requests for info about non-existing
pages.
Bug: T271804
Bug: T271815
Change-Id: If4e56ff5ecb4a048767833c89847bb58269cad43
PHPUnit tests that are not based on MediaWikiIntegrationTestCase must
not access the global service container. This patch fixes two instances:
* GlobalIdGeneratorTest was tsting the getTimestampFromUUIDv1 via the
legacy static method in UIDGenerator. Changed to test the GlobalIdGenerator
method directly. Tests for the deprecated static methods should be
separate, if needed at all.
* DerivativeResourceLoaderContextTest does not reside under the "unit"
directory for strict unit tests, but was not based on
MediaWikiIntegrationTestCase, even though ResourceLoader logic heavily
relies on the global service container instance. Fixed by deriving the
test class from MediaWikiIntegrationTestCase.
Change-Id: I40b8364edc5bd88d60e62b0cd0fa51c6ae9d2298
This reverts commit 900c6663b0.
Reason for revert: breaks Parsoid CI. Instead of fixing the test in presence of the FlaggedRevs hook, I would rather convert DefaultPreferencesFactory to Authority and fix the tests once instead of doing it twice.
Change-Id: Iaa440a9804c9ed97339e737162ef64ccf29ceb51
Make the caching logic use getWithSetCallback() and simplify
the code given that there is only one Preprocessor subclass.
Also, keep the cached values JSON serializable but rely on
the serialization in BagOStuff instead for simplicity.
Add related class constants for injecting preprocessor flags.
Bug: T254608
Change-Id: I72f9f0c0bc352ed5120469090c71294ff0c24999
Many files were in the autoloader despite having potentially harmful
file-scope code.
* Exclude all CommandLineInc maintenance scripts from the autoloader.
* Introduce "NO_AUTOLOAD" tag which excludes the file containing it
from the autoloader. Use it on CommandLineInc.php and a few
suspicious-looking files without classes in case they are refactored
to add classes in the future.
* Add a test which parses all non-PSR4 class files and confirms that
they do not contain dangerous file-scope code. It's slow (15s) but
its results were enlightening.
* Several maintenance scripts define constants in the file scope,
intending to modify the behaviour of MediaWiki. Either move the
define() to a later setup function, or protect with NO_AUTOLOAD.
* Use require_once consistently with Maintenance.php and
doMaintenance.php, per the original convention which is supposed to
allow one maintenance script to use the class of another maintenance
script. Using require breaks autoloading of these maintenance class
files.
* When Maintenance.php is included, check if MediaWiki has already
started, and if so, return early. Revert the fix for T250003 which
is incompatible with this safety measure. Hopefully it was superseded
by splitting out the class file.
* In runScript.php add a redundant PHP_SAPI check since it does some
things in file-scope code before any other check will be run.
* Change the if(false) class_alias(...) to something more hackish and
more compatible with the new test.
* Some site-related scripts found Maintenance.php in a non-standard way.
Use the standard way.
* fileOpPerfTest.php called error_reporting(). Probably debugging code
left in; removed.
* Moved mediawiki.compress.7z registration from the class file to the
caller.
Change-Id: I1b1be90343a5ab678df6f1b1bdd03319dcf6537f
This introduces a utility method in MWDebug, and uses it to clean up
the deprecation mechanism for Skin::setupSkinUserCss().
Bug: T257990
Bug: T267080
Change-Id: I5b07fa82dcc2b0fd112f122e45c9b2562cd09247
Refactor the database setup code to share more code between
ParserTestRunner and MediaWikiIntegrationTestCase. Made
`::setupAllTestDBs` static so it can be reused from
ParserTestRunner.
Made ParserTestRunner::addArticle more like
MediaWikiIntegrationTestCase::addCoreDBData(). Some additional
refactoring work could be done here in the future to share more code.
After the refactoring the ParserTestTables hook is no longer necessary
and so has been (soft) deprecated. MediaWikiIntegrationTestCase
clones all database tables, so ParserTestRunner no longer needs to ask
extensions for a list of specific tables it should clone. Cleaning up
the handful of extensions which define this hook will be left to a
future patch set.
Change-Id: I5124789fac333a664b73b4b4a1e801ecc0a618ca
