wiki.techinc.nl/tests/phpunit/includes/api/ApiLogoutTest.php
libraryupgrader 5357695270 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0
  The following sniffs now pass and were enabled:
  * Generic.ControlStructures.InlineControlStructure
  * MediaWiki.PHPUnit.AssertCount.NotUsed

npm:
* svgo: 2.3.0 → 2.3.1
  * https://npmjs.com/advisories/1754 (CVE-2021-33587)

Change-Id: I2a9bbee2fecbf7259876d335f565ece4b3622426
2021-07-22 03:36:05 +00:00


<?php
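/**
 * Integration tests for the `action=logout` API module.
 *
 * The cases check that logout is bound to a valid anti-CSRF token: a request
 * with a bad token must be rejected and leave the user logged in, while a
 * token obtained from the tokens API or from the web session must log the
 * user out.
 *
 * @group API
 * @group Database
 * @group medium
 *
 * @covers ApiLogout
 */
class ApiLogoutTest extends ApiTestCase {

	/**
	 * Attach the sysop test user to both the global request's session and
	 * the API context, so every test starts from a logged-in state.
	 */
	protected function setUp(): void {
		global $wgRequest;

		parent::setUp();

		$user = $this->getTestSysop()->getUser();
		$wgRequest->getSession()->setUser( $user );
		$this->apiContext->setUser( $user );
	}

	/**
	 * A logout request with an invalid token must fail with
	 * 'apierror-badtoken' and must not end the user's session.
	 */
	public function testUserLogoutBadToken() {
		$user = $this->getTestSysop()->getUser();

		$this->setExpectedApiException( 'apierror-badtoken' );

		try {
			$token = 'invalid token';
			$this->doUserLogout( $token, $user );
		} finally {
			// Runs while the expected exception is propagating: rejecting the
			// token is not enough, the user must also still be logged in.
			$this->assertTrue( $user->isRegistered(), 'not logged out' );
		}
	}

	/**
	 * A logout request with a CSRF token fetched through the tokens API
	 * must log the user out.
	 */
	public function testUserLogout() {
		$user = $this->getTestSysop()->getUser();

		$this->assertTrue( $user->isRegistered(), 'sanity check' );
		$token = $this->getUserCsrfTokenFromApi( $user );
		$this->doUserLogout( $token, $user );
		// After a successful logout the same User object must no longer
		// report itself as registered.
		$this->assertFalse( $user->isRegistered() );
	}

	/**
	 * A logout request with the 'logoutToken' token taken from the web
	 * session (not from the tokens API) must also log the user out.
	 */
	public function testUserLogoutWithWebToken() {
		global $wgRequest;

		$user = $this->getTestSysop()->getUser();

		$this->assertTrue( $user->isRegistered(), 'sanity check' );

		$token = $wgRequest->getSession()->getToken( 'logoutToken' )->toString();
		$this->doUserLogout( $token, $user );
		$this->assertFalse( $user->isRegistered() );
	}

	/**
	 * Fetch a CSRF token for the given user via `action=query&meta=tokens`.
	 *
	 * @param User $user User the API request is performed as
	 * @return string The 'csrftoken' value from the API result
	 */
	private function getUserCsrfTokenFromApi( User $user ) {
		$retToken = $this->doApiRequest( [
			'action' => 'query',
			'meta' => 'tokens',
			'type' => 'csrf'
		], null, false, $user );

		// The API result data is element 0 of the returned array (see the
		// return statement below), so the warnings check has to look there.
		// Checking the outer array could never fail and would let a token
		// request that produced warnings go unnoticed.
		$this->assertArrayNotHasKey( 'warnings', $retToken[0] );

		return $retToken[0]['query']['tokens']['csrftoken'];
	}

	/**
	 * Send an `action=logout` API request as the given user.
	 *
	 * @param string $logoutToken Token to submit in the 'token' parameter
	 * @param User $user User the API request is performed as
	 * @return array Whatever doApiRequest() returns for the request
	 */
	private function doUserLogout( $logoutToken, User $user ) {
		return $this->doApiRequest( [
			'action' => 'logout',
			'token' => $logoutToken
		], null, false, $user );
	}
}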