Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/includes/api/ApiBlockTest.php
Tim Starling d6727856fd Support new block schema 
Support migration stages when reading and writing blocks.

I tried to set it up for an easy next stage, in which support for the
old schema is removed. I tried to avoid factoring out of shared code
between the two schemas, so that the old schema cases can simply be
deleted without the need to revert unnecessary abstractions.

However, I added HideUserUtils to factor out ipb_deleted queries. Code
review showed that this was already quite complex, with multiple
approaches to the problem, so it benefits from refactoring even without
the schema abstraction.

HideUserUtils is a service rather than a standalone class to support
unit tests, since unit tests do not allow global config access. When
the migration stage config is removed, it will be a service with no
constructor parameters -- an unnecessary abstraction which should
ideally be resolved at that time.

When interpreting result rows, it is possible to share code by using
field aliases. But when constructing WHERE conditions, the actual field
names need to be used, so the migration is more intrusive in
ApiQueryBlocks and SpecialBlockList, where complex conditions are used.

Bug: T346293
Bug: T51504
Bug: T349883
Change-Id: I408acf7a57b0100fe18c455fc13141277a598925
2023-11-29 13:31:42 +11:00

375 lines
11 KiB
PHP
Raw Blame History

<?php
use MediaWiki\Block\DatabaseBlock;
use MediaWiki\Block\Restriction\ActionRestriction;
use MediaWiki\Block\Restriction\NamespaceRestriction;
use MediaWiki\Block\Restriction\PageRestriction;
use MediaWiki\MainConfigNames;
use MediaWiki\Permissions\Authority;
use MediaWiki\Permissions\UltimateAuthority;
use MediaWiki\Tests\Unit\Permissions\MockAuthorityTrait;
use MediaWiki\User\UserRigorOptions;
use MediaWiki\Utils\MWTimestamp;
/**
* @group API
* @group Database
* @group medium
*
* @covers ApiBlock
*/
class ApiBlockTest extends ApiTestCase {
use MockAuthorityTrait;
protected $mUser = null;
private $blockStore;
private $blockMigrationStage;
protected function setUp(): void {
parent::setUp();
$this->mUser = $this->getMutableTestUser()->getUser();
$this->overrideConfigValue(
MainConfigNames::BlockCIDRLimit,
[
'IPv4' => 16,
'IPv6' => 19,
]
);
$this->blockStore = $this->getServiceContainer()->getDatabaseBlockStore();
$this->blockMigrationStage =
$this->getConfVar( MainConfigNames::BlockTargetMigrationStage );
}
/**
* @param array $extraParams Extra API parameters to pass to doApiRequest
* @param Authority|null $blocker User to do the blocking, null to pick arbitrarily
* @return array result of doApiRequest
*/
private function doBlock( array $extraParams = [], Authority $blocker = null ) {
$this->assertNotNull( $this->mUser );
$params = [
'action' => 'block',
'user' => $this->mUser->getName(),
'reason' => 'Some reason',
];
if ( array_key_exists( 'userid', $extraParams ) ) {
// Make sure we don't have both user and userid
unset( $params['user'] );
}
$ret = $this->doApiRequestWithToken( array_merge( $params, $extraParams ), null, $blocker );
$block = $this->blockStore->newFromTarget( $this->mUser->getName() );
$this->assertTrue( $block !== null, 'Block is valid' );
$this->assertSame( $this->mUser->getName(), $block->getTargetName() );
$this->assertSame( 'Some reason', $block->getReasonComment()->text );
return $ret;
}
/**
* Block by username
*/
public function testNormalBlock() {
$this->doBlock();
}
/**
* Block by user ID
*/
public function testBlockById() {
$this->doBlock( [ 'userid' => $this->mUser->getId() ] );
}
/**
* A blocked user can't block
*/
public function testBlockByBlockedUser() {
$this->expectApiErrorCode( 'ipbblocked' );
$blocked = $this->getMutableTestUser( [ 'sysop' ] )->getUser();
$block = new DatabaseBlock( [
'address' => $blocked->getName(),
'by' => $this->getTestSysop()->getUser(),
'reason' => 'Capriciousness',
'timestamp' => '19370101000000',
'expiry' => 'infinity',
] );
$this->getServiceContainer()->getDatabaseBlockStore()->insertBlock( $block );
$this->doBlock( [], $blocked );
}
public function testBlockOfNonexistentUser() {
$this->expectApiErrorCode( 'nosuchuser' );
$this->doBlock( [ 'user' => 'Nonexistent' ] );
}
public function testBlockOfNonexistentUserId() {
$id = 948206325;
$this->expectApiErrorCode( 'nosuchuserid' );
$this->assertNull( $this->getServiceContainer()->getUserIdentityLookup()->getUserIdentityByUserId( $id ) );
$this->doBlock( [ 'userid' => $id ] );
}
public function testBlockWithTag() {
$this->getServiceContainer()->getChangeTagsStore()->defineTag( 'custom tag' );
$this->doBlock( [ 'tags' => 'custom tag' ] );
$this->assertSame( 1, (int)$this->getDb()->newSelectQueryBuilder()
->select( 'COUNT(*)' )
->from( 'logging' )
->join( 'change_tag', null, 'ct_log_id = log_id' )
->join( 'change_tag_def', null, 'ctd_id = ct_tag_id' )
->where( [ 'log_type' => 'block', 'ctd_name' => 'custom tag' ] )
->caller( __METHOD__ )->fetchField() );
}
public function testBlockWithProhibitedTag() {
$this->expectApiErrorCode( 'tags-apply-no-permission' );
$this->getServiceContainer()->getChangeTagsStore()->defineTag( 'custom tag' );
$this->overrideConfigValue(
MainConfigNames::RevokePermissions,
[ 'user' => [ 'applychangetags' => true ] ]
);
$this->doBlock( [ 'tags' => 'custom tag' ] );
}
public function testBlockWithHide() {
$res = $this->doBlock(
[ 'hidename' => '' ],
new UltimateAuthority( $this->getTestSysop()->getUser() )
);
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_OLD ) {
$this->assertSame( '1', $this->db->newSelectQueryBuilder()
->select( 'ipb_deleted' )
->from( 'ipblocks' )
->where( [ 'ipb_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField() );
}
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_NEW ) {
$this->assertSame( '1', $this->db->newSelectQueryBuilder()
->select( 'bl_deleted' )
->from( 'block' )
->where( [ 'bl_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField() );
}
}
public function testBlockWithProhibitedHide() {
$performer = $this->mockUserAuthorityWithoutPermissions(
$this->getTestUser()->getUser(),
[ 'hideuser' ]
);
$this->expectApiErrorCode( 'permissiondenied' );
$this->doBlock( [ 'hidename' => '' ], $performer );
}
public function testBlockWithEmailBlock() {
$this->overrideConfigValues( [
MainConfigNames::EnableEmail => true,
MainConfigNames::EnableUserEmail => true,
] );
$res = $this->doBlock( [ 'noemail' => '' ] );
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_OLD ) {
$this->assertSame( '1', $this->getDb()->newSelectQueryBuilder()
->select( 'ipb_block_email' )
->from( 'ipblocks' )
->where( [ 'ipb_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField() );
}
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_NEW ) {
$this->assertSame( '1', $this->getDb()->newSelectQueryBuilder()
->select( 'bl_block_email' )
->from( 'block' )
->where( [ 'bl_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField() );
}
}
public function testBlockWithProhibitedEmailBlock() {
$this->overrideConfigValues( [
MainConfigNames::EnableEmail => true,
MainConfigNames::EnableUserEmail => true,
MainConfigNames::RevokePermissions => [ 'sysop' => [ 'blockemail' => true ] ],
] );
$this->expectApiErrorCode( 'cantblock-email' );
$this->doBlock( [ 'noemail' => '' ] );
}
public function testBlockWithExpiry() {
$fakeTime = 1616432035;
MWTimestamp::setFakeTime( $fakeTime );
$res = $this->doBlock( [ 'expiry' => '1 day' ] );
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_OLD ) {
$expiry = $this->getDb()->newSelectQueryBuilder()
->select( 'ipb_expiry' )
->from( 'ipblocks' )
->where( [ 'ipb_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField();
}
if ( $this->blockMigrationStage & SCHEMA_COMPAT_WRITE_NEW ) {
$expiry = $this->getDb()->newSelectQueryBuilder()
->select( 'bl_expiry' )
->from( 'block' )
->where( [ 'bl_id' => $res[0]['block']['id'] ] )
->caller( __METHOD__ )->fetchField();
}
$this->assertSame( (int)wfTimestamp( TS_UNIX, $expiry ), $fakeTime + 86400 );
}
public function testBlockWithInvalidExpiry() {
$this->expectApiErrorCode( 'invalidexpiry' );
$this->doBlock( [ 'expiry' => '' ] );
}
public function testBlockWithoutRestrictions() {
$this->doBlock();
$block = $this->blockStore->newFromTarget( $this->mUser->getName() );
$this->assertTrue( $block->isSitewide() );
$this->assertSame( [], $block->getRestrictions() );
}
public function testBlockWithRestrictionsPage() {
$title = 'Foo';
$this->getExistingTestPage( $title );
$this->doBlock( [
'partial' => true,
'pagerestrictions' => $title,
'allowusertalk' => true,
] );
$block = $this->blockStore->newFromTarget( $this->mUser->getName() );
$this->assertFalse( $block->isSitewide() );
$this->assertInstanceOf( PageRestriction::class, $block->getRestrictions()[0] );
$this->assertEquals( $title, $block->getRestrictions()[0]->getTitle()->getText() );
}
public function testBlockWithRestrictionsNamespace() {
$namespace = NS_TALK;
$this->doBlock( [
'partial' => true,
'namespacerestrictions' => $namespace,
'allowusertalk' => true,
] );
$block = $this->blockStore->newFromTarget( $this->mUser->getName() );
$this->assertInstanceOf( NamespaceRestriction::class, $block->getRestrictions()[0] );
$this->assertEquals( $namespace, $block->getRestrictions()[0]->getValue() );
}
public function testBlockWithRestrictionsAction() {
$this->overrideConfigValue(
MainConfigNames::EnablePartialActionBlocks,
true
);
$blockActionInfo = $this->getServiceContainer()->getBlockActionInfo();
$action = 'upload';
$this->doBlock( [
'partial' => true,
'actionrestrictions' => $action,
'allowusertalk' => true,
] );
$block = $this->blockStore->newFromTarget( $this->mUser->getName() );
$this->assertInstanceOf( ActionRestriction::class, $block->getRestrictions()[0] );
$this->assertEquals( $action, $blockActionInfo->getActionFromId( $block->getRestrictions()[0]->getValue() ) );
}
public function testBlockingActionWithNoToken() {
$this->expectApiErrorCode( 'missingparam' );
$this->doApiRequest(
[
'action' => 'block',
'user' => $this->mUser->getName(),
'reason' => 'Some reason',
],
null,
false,
$this->getTestSysop()->getUser()
);
}
public function testBlockWithLargeRange() {
$this->expectApiErrorCode( 'baduser' );
$this->doApiRequestWithToken(
[
'action' => 'block',
'user' => '127.0.0.1/64',
'reason' => 'Some reason',
],
null,
$this->getTestSysop()->getUser()
);
}
public function testBlockingTooManyPageRestrictions() {
$this->expectApiErrorCode( 'toomanyvalues' );
$this->doApiRequestWithToken(
[
'action' => 'block',
'user' => $this->mUser->getName(),
'reason' => 'Some reason',
'partial' => true,
'pagerestrictions' => 'One|Two|Three|Four|Five|Six|Seven|Eight|Nine|Ten|Eleven',
],
null,
$this->getTestSysop()->getUser()
);
}
public function testRangeBlock() {
$this->mUser = $this->getServiceContainer()->getUserFactory()->newFromName( '128.0.0.0/16', UserRigorOptions::RIGOR_NONE );
$this->doBlock();
}
public function testVeryLargeRangeBlock() {
$this->mUser = $this->getServiceContainer()->getUserFactory()->newFromName( '128.0.0.0/1', UserRigorOptions::RIGOR_NONE );
$this->expectApiErrorCode( 'ip_range_toolarge' );
$this->doBlock();
}
public function testBlockByIdReturns() {
// See T189073 and Ifdced735b694b85116cb0e43dadbfa8e4cdb8cab for context
$userId = $this->mUser->getId();
$res = $this->doBlock(
[ 'userid' => $userId ]
);
$blockResult = $res[0]['block'];
$this->assertArrayHasKey( 'user', $blockResult );
$this->assertSame( $this->mUser->getName(), $blockResult['user'] );
$this->assertArrayHasKey( 'userID', $blockResult );
$this->assertSame( $userId, $blockResult['userID'] );
}
}
Reference in a new issue View git blame Copy permalink