Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/includes/api/ApiCreateAccountTest.php
Brad Jorsch 5083e810eb Remove SessionManager, temporarily 
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.

Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.

This reverts the following commits:
* 6acd424e0d SessionManager: Notify AuthPlugin before calling hooks
* 4d1ad32d8a Close a loophole in CookieSessionProvider
* fcdd643a46 SessionManager: Don't save non-persisted sessions to backend storage
* 058aec4c76 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
* b5c0c03bb7 SessionManager: Save user name to metadata even if the user doesn't exist locally
* 13f2f09a19 SECURITY: Fix User::setToken() call on User::newSystemUser
* 305bc75b27 SessionManager: Don't generate user tokens when checking the tokens
* 7c4bd85d21 RequestContext::exportSession() should only export persisted session IDs
* 296ccfd4a9 SessionManager: Save 'persisted' flag in session metadata
* 94ba53f677 Move CSRF token handling into MediaWiki\Session\Session
* 46a565d6b0 Avoid false "added in both Session and $_SESSION" when value is null
* c00d0b5d94 Log backtrace for "User::loadFromSession called before the end of Setup.php"
* 4eeff5b559 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
* 7491b52f70 Call session_cache_limiter() before starting a session
* 2c34aeea72 SessionManager: Abstract forceHTTPS cookie setting
* 9aa53627a5 Ignore auth cookies with value 'deleted'
* 43f904b51a SessionManager: Kill getPersistedSessionId()
* 50c5256352 SessionManager: Add SessionBackend::setProviderMetadata()
* f640d40315 SessionManager: Notify AuthPlugin when auto-creating accounts
* 70b05d1ac1 Add checks of $wgEnableBotPasswords in more places
* bfed32eb78 Do not raise a PHP warning when session write fails
* 722a7331ad Only check LoggedOut timestamp on the user loaded from session
* 4f5057b84b SessionManager: Change behavior of getSessionById()
* 66e82e614e Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
* f9fd9516d9 Add "bot passwords"
* d7716f1df0 Add missing argument for wfDebugLog
* a73c5b7395 Add SessionManager

Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 22:06:49 +00:00

161 lines
3.8 KiB
PHP
Raw Blame History

<?php
/**
* @group Database
* @group API
* @group medium
*
* @covers ApiCreateAccount
*/
class ApiCreateAccountTest extends ApiTestCase {
protected function setUp() {
parent::setUp();
LoginForm::setCreateaccountToken();
$this->setMwGlobals( array( 'wgEnableEmail' => true ) );
}
/**
* Test the account creation API with a valid request. Also
* make sure the new account can log in and is valid.
*
* This test does multiple API requests so it might end up being
* a bit slow. Raise the default timeout.
* @group medium
*/
public function testValid() {
global $wgServer;
if ( !isset( $wgServer ) ) {
$this->markTestIncomplete( 'This test needs $wgServer to be set in LocalSettings.php' );
}
$password = PasswordFactory::generateRandomPasswordString();
$ret = $this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Apitestnew',
'password' => $password,
'email' => 'test@domain.test',
'realname' => 'Test Name'
) );
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$this->assertNotInternalType( 'null', $result['createaccount'] );
// Should first ask for token.
$a = $result['createaccount'];
$this->assertEquals( 'NeedToken', $a['result'] );
$token = $a['token'];
// Finally create the account
$ret = $this->doApiRequest(
array(
'action' => 'createaccount',
'name' => 'Apitestnew',
'password' => $password,
'token' => $token,
'email' => 'test@domain.test',
'realname' => 'Test Name'
),
$ret[2]
);
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$this->assertEquals( 'Success', $result['createaccount']['result'] );
// Try logging in with the new user.
$ret = $this->doApiRequest( array(
'action' => 'login',
'lgname' => 'Apitestnew',
'lgpassword' => $password,
) );
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$this->assertNotInternalType( 'null', $result['login'] );
$a = $result['login']['result'];
$this->assertEquals( 'NeedToken', $a );
$token = $result['login']['token'];
$ret = $this->doApiRequest(
array(
'action' => 'login',
'lgtoken' => $token,
'lgname' => 'Apitestnew',
'lgpassword' => $password,
),
$ret[2]
);
$result = $ret[0];
$this->assertNotInternalType( 'bool', $result );
$a = $result['login']['result'];
$this->assertEquals( 'Success', $a );
// log out to destroy the session
$ret = $this->doApiRequest(
array(
'action' => 'logout',
),
$ret[2]
);
$this->assertEquals( array(), $ret[0] );
}
/**
* Make sure requests with no names are invalid.
* @expectedException UsageException
*/
public function testNoName() {
$this->doApiRequest( array(
'action' => 'createaccount',
'token' => LoginForm::getCreateaccountToken(),
'password' => 'password',
) );
}
/**
* Make sure requests with no password are invalid.
* @expectedException UsageException
*/
public function testNoPassword() {
$this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'testName',
'token' => LoginForm::getCreateaccountToken(),
) );
}
/**
* Make sure requests with existing users are invalid.
* @expectedException UsageException
*/
public function testExistingUser() {
$this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Apitestsysop',
'token' => LoginForm::getCreateaccountToken(),
'password' => 'password',
'email' => 'test@domain.test',
) );
}
/**
* Make sure requests with invalid emails are invalid.
* @expectedException UsageException
*/
public function testInvalidEmail() {
$this->doApiRequest( array(
'action' => 'createaccount',
'name' => 'Test User',
'token' => LoginForm::getCreateaccountToken(),
'password' => 'password',
'email' => 'invalid',
) );
}
}
Reference in a new issue View git blame Copy permalink