Just methods where adding "static" to the declaration was enough, I
didn't do anything with providers that used $this.
Initially by search and replace. There were many mistakes which I
found mostly by running the PHPStorm inspection which searches for
$this usage in a static method. Later I used the PHPStorm "make static"
action which avoids the more obvious mistakes.
Bug: T332865
Change-Id: I47ed6692945607dfa5c139d42edbd934fa4f3a36
If $ignoredErrors isn’t empty, the process of filtering out ignored
errors may have left holes in the array. This isn’t desirable; in
particular, PermissionsError expects the first element ($errors[0]) to
exist. Let’s reindex the array sequentially to avoid problems.
Change-Id: I023d83bf7f29117da9d5a9062c9edb8c60a7e547
createMock() does the same, but is much easier to read.
A small difference is that some of the replacements made in this
patch didn't use disableOriginalConstructor() before. In case this
was relevant we should see the respective test fail. If not we can
save some CPU cycles and skip these constructors.
Change-Id: Ib98fb06e0fe753b7a53cb087a47e1159515a8ad5
As we slowly move away from using globals, overrideConfigValue()
and overrideConfigValues() were introduced as a way to override
test configs between tests.
Under the hood, it just calls setMwGlobals() which resets services,
so take note.
Part 1: Directories covered are: languages/, maintenance/, tests/,
structure/ and includes/Permissions/.
Depends-On: I618b16c6d99c94eb2e7edcf05e888a65f7156754
Change-Id: If56f7d10d79f3a9824a52091a2b544d8653dd7b6
Since 65f89072e3, the Article constructor will throw if a page
can't exist, which means that the Action hierarchy cannot act on pages
that can't exist. So guard the Article construction in
PermissionManager::checkUserBlock(), by assuming that the relevant
Action has nothing to say about such pages.
Bug: T306358
Change-Id: I9fd1324f1df98e8adb9daf4d3e63eb00499bad8e
* In PermissionManager, if a user is anonymous but temporary user
creation is possible, grant elevated permissions at RIGOR_QUICK rigor
level. This is mostly to make skins show "edit" instead of "view
source" to anonymous users in the recommended permissions
configuration.
* Present temporary users as if they are not logged in in various places
in the interface: create/move permissions errors, login, preferences,
watchlist, BotPasswords, ChangeEmail, ResetTokens.
* Show a warning on login/logout about loss of access to the temp
account.
* On login, don't show the temporary name as a suggestion for the login
username.
Change-Id: Id0d5ffa46c3ca5c7b30d540cedbaa528b682aa85
For now, let's just proxy the title object and set the
interwiki but to make things nicer, we should not provide
a title via setUp(), we should use providers.
Bug: T275763
Change-Id: I761de85ae5a839e8a695b85ce0fd7200b498da22
This allows checking restrictions without a dependency on Title, based
only on a PageIdentity.
Additional fixes along the way:
* Correctly return false instead of 'infinity' for
getRestrictionExpiry( 'create' ) on an existing page
* Correctly handle non-special pages that can't exist (like media pages)
in listApplicableRestrictionTypes() (return empty array instead of
'create')
* Improve readability of isProtected()
The expectation change in TitleTest::testIsProtected() is because the
test was formerly broken, since it set mRestrictions without setting
mRestrictionsLoaded. (Which illustrates how this approach to testing is
essentially broken.)
Co-authored-by: Vedmaka <god.vedmaka@gmail.com>
Bug: T218395
Change-Id: Ia73ea587586cb69eb53265b2f8f7a296a2573dd0
1) The following methods were hard deprecated:
- User::addAutopromoteOnceGroups
- User::getEffectiveGroups
- User::getAutomaticGroups
- User::getFormerGroups
2) User ::getGroups, ::getGroupMemberships, ::addGroup,
::removeGroup were replaced in the production code,
but they were not hard deprecated because of conflict
with UserRightsProxy class.
Bug: T275148
Change-Id: Ia69598316f5dc5dd9511f6112b5b13e1aa07575a
Ended up using
grep -Prl '\->setMethods\(' . | xargs sed -r -i 's/setMethods\(/onlyMethods\(/g'
special-casing setMethods( null ) -> onlyMethods( [] )
and then manual fix of failing test (from PS2 onwards).
Bug: T278010
Change-Id: I012dca7ae774bb430c1c44d50991ba0b633353f1
My personal best practice is to not document @params when there
is a @dataProvider. I mean, these test…() functions are not
meant to be called from anywhere. They do not really need
documentation. @param tags don't do much but duplicate what the
@dataProvider does. This is error-prone, as demonstrated by the
examples in this patch.
This patch also removes @throws tags from tests. A test…() can
never throw an exception. Otherwise the test would fail.
Most of these are found by the not yet released I10559d8.
Change-Id: I3782bca43f875687cd2be972144a7ab6b298454e
For specific actions that do not change the content of
pages, skip the additional permission checks required
for individual user configuration pages. This allows
sysops to view deleted content of such pages,
even though they cannot edit the page.
Bug: T202989
Change-Id: I02e820c818e9e58e6591ec412fc3eca9384e0bb2
Remove broken `testQuickPermissions` tests,
as well as the helper method `runGroupPermissions`
only used in those broken tests. Will follow-up
with the addition of working tests, splitting
to ease review since the new tests will
be very different from the old ones (eg using
a dataProvider)
Change-Id: I4aa9d4b5f8ac4ee74aae3282b221d0bbbb7276a4
Replace existing `testPageRestrictions` method,
which is `@group Broken`, with simpler tests with
direct access to `checkPageRestrictions` via TestingAccessWrapper
Change-Id: Iadd74c1bad95ecdbb89fd5835330a9c5f32432d0
Rewrite tests for `checkUserConfigPermissions`
Replace `runConfigEditPermissions` with direct
access to the private method using TestingAccessWrapper
Change-Id: I05757a0d0249edf7dd39b8c21988f7fa88020b2b
Right now its just reducing the number of calls to
MediaWikiServices::getInstance()->getPermissionManager()
to make the tests a bit more readable
This change should be a no-op
Change-Id: I97c9dd8d057dbb20d07c51a67e17f4734b13723f
Following 23c3c70d7f, soft deprecate the static methods on
DatabaseBlock that have been moved to DatabaseBlockStore:
* ::insert
* ::delete
* ::update
* ::purgeExpired
Update calls to the deprecated methods from core.
Change-Id: I1272eb978594fd4f386bda12cbc24131ad7d882f
A new user right, `delete-redirect`, is added (not given to anyone
by default). At Special:MovePage, if attempting to move to a single
revision redirect that would otherwise be an invalid target (i.e.
doesn't point to the source page), the user is able to delete the
target.
Deletions are logged as `delete/delete_redir2`, and the move is
then logged normally as `move/move`, mirroring current delete and
move logging.
To allow for separate handling by Special:MovePage,
MovePage::isValidMove now returns a fatal status `redirectexists` if
the target isn't valid but passes Title::isSingleRevRedirect.
Otherwise, `articleexists` is returned (as previously). Other callers
that don't intend to treat single revision redirects differently
should treat `redirectexists` the same as `articleexists`.
Currently, this deletion (like normal delete and move) cannot be
done through the move api. Since the deletion is only valid when
moving a page, unlike for normal deletion, deleting redirects with
this right cannot be done via the delete api either.
Bug: T239277
Change-Id: I36c8df0a12d326ae07018046541bd00103936144
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
