Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/tests/phpunit/unit/includes/user/UserNameUtilsTest.php
Dreamy Jazz 560197c660 Deny temp account autocreation when temp accounts are disabled 
Why:
* When temporary accounts are disabled, no new temporary
  accounts should be created either on edit or through
  a CentralAuth autocreation.
* UserNameUtils::isUsable is used to prevent the
  CentralAuth autocreation making the temporary account
  username not usable for login or account creation.
* However, this check to determine if the name is
  reserved by the temporary user system still considers
  the name as a valid temporary account if the system
  was once enabled (but since disabled).
* This is a bug, and instead if the feature is disabled
  the username should be considered unusable. This then
  prevents the CentralAuth autocreation on a wiki which
  knows the feature but has it disabled.

What:
* Update UserNameUtils::isUsable to return false if
  the name is reserved by the temporary user system
  and TempUserConfig::isEnabled returns false.
* Test this new behaviour with a unit test.

Bug: T370513
Change-Id: I467c39538796a660a7417397c99928a1a25007bc
2024-07-19 16:32:35 +00:00

366 lines
11 KiB
PHP
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
use MediaWiki\MainConfigNames;
use MediaWiki\Tests\Unit\DummyServicesTrait;
use MediaWiki\User\TempUser\RealTempUserConfig;
use MediaWiki\User\UserRigorOptions;
use Psr\Log\LogLevel;
/**
* @covers \MediaWiki\User\UserNameUtils
* @author DannyS712
*/
class UserNameUtilsTest extends MediaWikiUnitTestCase {
use DummyServicesTrait;
/**
* @dataProvider provideIsValid
* @covers \MediaWiki\User\UserNameUtils::isValid
*/
public function testIsValid( string $name, bool $result ) {
$this->assertSame(
$result,
$this->getDummyUserNameUtils()->isValid( $name )
);
}
public static function provideIsValid() {
return [
'Empty string' => [ '', false ],
'Blank space' => [ ' ', false ],
'Starts with small letter' => [ 'abcd', false ],
'Contains slash' => [ 'Ab/cd', false ],
'Whitespace' => [ 'Ab cd', true ],
'IP' => [ '192.168.1.1', false ],
'IP dash range' => [ '111.222.333.444-555.666.777.888', false ],
'IP range' => [ '116.17.184.5/32', false ],
'IPv6 range' => [ '::e:f:2001/96', false ],
'Reserved Namespace' => [ 'User:Abcd', false ],
'Starts with Numbers' => [ '12abcd232', true ],
'Start with ? mark' => [ '?abcd', true ],
'Start with #' => [ '#abcd', false ],
' Mixed scripts' => [ 'Abcdകഖഗഘ', true ],
'ZWNJ- Format control character' => [ 'ജോസ്‌തോമസ്', false ],
' Ideographic space' => [ 'Ab cd', false ],
'Looks too much like an IPv4 address (1)' => [ '300.300.300.300', false ],
'Looks too much like an IPv4 address (2)' => [ '302.113.311.900', false ],
'Reserved for usage by UseMod for cloaked logged-out users' => [ '203.0.113.xxx', false ],
'Disallowed characters' => [ "\u{E000}", false ],
];
}
/**
* @dataProvider provideIsUsable
* @covers \MediaWiki\User\UserNameUtils::isUsable
*/
public function testIsUsable( string $name, bool $result ) {
$utils = $this->getDummyUserNameUtils( [
MainConfigNames::ReservedUsernames => [
'MediaWiki default',
'msg:reserved-user'
],
'textFormatter' => $this->getDummyTextFormatter(),
] );
$this->assertSame(
$result,
$utils->isUsable( $name )
);
}
public static function provideIsUsable() {
return [
'Only valid user names are creatable' => [ '', false ],
'Reserved names cannot be used' => [ 'MediaWiki default', false ],
'Names can also be reserved via msg: ' => [ 'reserved-user', false ],
'User names with no issues can be used' => [ 'FooBar', true ],
'Reserved temp users' => [ '!Unregistered 1234', false ],
'Real temp users' => [ '*Unregistered 1234', true ],
];
}
public function testIsUsableForTemporaryAccountWhenFeatureIsKnownButDisabled() {
$utils = $this->getDummyUserNameUtils( [
'tempUserConfig' => new RealTempUserConfig( [
'enabled' => false,
'known' => true,
'expireAfterDays' => null,
'actions' => [ 'edit' ],
'serialProvider' => [ 'type' => 'local' ],
'serialMapping' => [ 'type' => 'plain-numeric' ],
'reservedPattern' => '!$1',
'matchPattern' => '*$1',
'genPattern' => '*Unregistered $1'
] ),
] );
$this->assertFalse(
$utils->isUsable( '*Unregistered 1234' ),
'::isUsable should return false for a valid temporary account ' .
'when TempUserConfig::isEnabled is false and TempUserConfig::isKnown is true'
);
}
/**
* @covers \MediaWiki\User\UserNameUtils::isCreatable
*/
public function testIsCreatable() {
$logger = new TestLogger( true, static function ( $message ) {
$message = str_replace(
'MediaWiki\\User\\UserNameUtils::isCreatable: ',
'',
$message
);
return $message;
} );
$utils = $this->getDummyUserNameUtils( [
'logger' => $logger,
] );
$longUserName = str_repeat( 'q', 1000 );
$this->assertFalse(
$utils->isCreatable( $longUserName ),
'longUserName is too long'
);
$this->assertSame( [
[ LogLevel::DEBUG, "'$longUserName' uncreatable due to length" ],
], $logger->getBuffer() );
$logger->clearBuffer();
$atUserName = 'Foo@Bar';
$this->assertFalse(
$utils->isCreatable( $atUserName ),
'User name contains invalid character'
);
$this->assertSame( [
[ LogLevel::DEBUG, "'$atUserName' uncreatable due to wgInvalidUsernameCharacters" ],
], $logger->getBuffer() );
$logger->clearBuffer();
$this->assertTrue(
$utils->isCreatable( 'FooBar' ),
'User names with no issues can be created'
);
$tempUserName = '*Unregistered 1234';
$this->assertFalse(
$utils->isCreatable( $tempUserName ),
'UI account creation with the temp user prefix needs to be prevented'
);
}
/**
* @dataProvider provideGetCanonical
* @covers \MediaWiki\User\UserNameUtils::getCanonical
*/
public function testGetCanonical( string $name, array $expectedArray ) {
$utils = $this->getDummyUserNameUtils();
foreach ( $expectedArray as $validate => $expected ) {
$this->assertSame(
$expected,
$utils->getCanonical( $name, $validate ),
"Validating '$name' with level '$validate' should be '$expected'"
);
}
}
public static function provideGetCanonical() {
return [
'Normal name' => [
'Normal name',
[
UserRigorOptions::RIGOR_CREATABLE => 'Normal name',
UserRigorOptions::RIGOR_USABLE => 'Normal name',
UserRigorOptions::RIGOR_VALID => 'Normal name',
UserRigorOptions::RIGOR_NONE => 'Normal name'
]
],
'Leading space' => [
' Leading space',
[ UserRigorOptions::RIGOR_CREATABLE => 'Leading space' ]
],
'Trailing space' => [
'Trailing space ',
[ UserRigorOptions::RIGOR_CREATABLE => 'Trailing space' ]
],
'Subject namespace prefix' => [
'User:Username',
[
UserRigorOptions::RIGOR_NONE => 'Username'
]
],
'Talk namespace prefix' => [
'Talk:Username',
[
UserRigorOptions::RIGOR_CREATABLE => false,
UserRigorOptions::RIGOR_USABLE => false,
UserRigorOptions::RIGOR_VALID => false,
UserRigorOptions::RIGOR_NONE => 'Talk:Username'
]
],
'With hash' => [
'name with # hash',
[
UserRigorOptions::RIGOR_CREATABLE => false,
UserRigorOptions::RIGOR_USABLE => false
]
],
'Multi spaces' => [
'Multi spaces',
[
UserRigorOptions::RIGOR_CREATABLE => 'Multi spaces',
UserRigorOptions::RIGOR_USABLE => 'Multi spaces'
]
],
'Lowercase' => [
'lowercase',
[ UserRigorOptions::RIGOR_CREATABLE => 'Lowercase' ]
],
'Invalid character' => [
'in[]valid',
[
UserRigorOptions::RIGOR_CREATABLE => false,
UserRigorOptions::RIGOR_USABLE => false,
UserRigorOptions::RIGOR_VALID => false,
UserRigorOptions::RIGOR_NONE => 'In[]valid'
]
],
'With slash' => [
'with / slash',
[
UserRigorOptions::RIGOR_CREATABLE => false,
UserRigorOptions::RIGOR_USABLE => false,
UserRigorOptions::RIGOR_VALID => false,
UserRigorOptions::RIGOR_NONE => 'With / slash'
]
],
// 'interwiki' is a valid interwiki prefix, per configuration of the
// title formatter in DummyServicesTrait::getDummyUserNameUtils()
'Interwiki prefix in username' => [
'interwiki:Username',
[
UserRigorOptions::RIGOR_CREATABLE => false,
UserRigorOptions::RIGOR_USABLE => false,
UserRigorOptions::RIGOR_VALID => false,
UserRigorOptions::RIGOR_NONE => 'Interwiki:Username'
]
],
];
}
/**
* @covers \MediaWiki\User\UserNameUtils::getCanonical
*/
public function testGetCanonical_bad() {
$this->expectException( InvalidArgumentException::class );
$this->expectExceptionMessage( 'Invalid parameter value for validation' );
$this->getDummyUserNameUtils()->getCanonical( 'ValidName', 'InvalidValidationValue' );
}
/**
* @dataProvider provideIPs
* @covers \MediaWiki\User\UserNameUtils::isIP
*/
public function testIsIP( string $value, bool $result ) {
$utils = $this->getDummyUserNameUtils();
$this->assertSame(
$result,
$utils->isIP( $value )
);
}
public static function provideIPs() {
return [
'Empty string' => [ '', false ],
'Blank space' => [ ' ', false ],
'IPv4 private 10/8 (1)' => [ '10.0.0.0', true ],
'IPv4 private 10/8 (2)' => [ '10.255.255.255', true ],
'IPv4 private 192.168/16' => [ '192.168.1.1', true ],
'IPv4 example' => [ '203.0.113.0', true ],
'IPv6 example' => [ '2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff', true ],
// Not valid IPs but classified as such by MediaWiki for negated asserting
// of whether this might be the identifier of a logged-out user or whether
// to allow usernames like it.
'Looks too much like an IPv4 address' => [ '300.300.300.300', true ],
'Assigned by UseMod to cloaked logged-out users' => [ '203.0.113.xxx', true ],
'Does not accept IPv4 ranges' => [ '74.24.52.13/20', false ],
'Does not accept IPv6 ranges' => [ 'fc:100:a:d:1:e:ac:0/24', false ],
];
}
/**
* @dataProvider provideIPRanges
* @covers \MediaWiki\User\UserNameUtils::isValidIPRange
*/
public function testIsValidIPRange( $value, $result ) {
$utils = $this->getDummyUserNameUtils();
$this->assertSame(
$result,
$utils->isValidIPRange( $value )
);
}
public static function provideIPRanges() {
return [
[ '116.17.184.5/32', true ],
[ '0.17.184.5/30', true ],
[ '16.17.184.1/24', true ],
[ '30.242.52.14/1', true ],
[ '10.232.52.13/8', true ],
[ '30.242.52.14/0', true ],
[ '::e:f:2001/96', true ],
[ '::c:f:2001/128', true ],
[ '::10:f:2001/70', true ],
[ '::fe:f:2001/1', true ],
[ '::6d:f:2001/8', true ],
[ '::fe:f:2001/0', true ],
[ '116.17.184.5/33', false ],
[ '0.17.184.5/130', false ],
[ '16.17.184.1/-1', false ],
[ '10.232.52.13/*', false ],
[ '7.232.52.13/ab', false ],
[ '11.232.52.13/', false ],
[ '::e:f:2001/129', false ],
[ '::c:f:2001/228', false ],
[ '::10:f:2001/-1', false ],
[ '::6d:f:2001/*', false ],
[ '::86:f:2001/ab', false ],
[ '::23:f:2001/', false ]
];
}
/**
* @dataProvider provideIPv4DashRanges
* @covers \MediaWiki\User\UserNameUtils::isLikeIPv4DashRange
*/
public function testIsLikeIPv4DashRange( $value, $result ) {
$utils = $this->getDummyUserNameUtils();
$this->assertSame(
$result,
$utils->isLikeIPv4DashRange( $value )
);
}
public static function provideIPv4DashRanges() {
return [
[ '1.2.3.4-5.6.7.8', true ],
[ '111.222.333.444-555.666.777.888', true ],
[ '128.128.128.0-128.128.128.1', true ],
[ '255.255.255.50-255.255.255.254', true ],
[ 'User 1.2.3.4-5.6.7.8', false ],
[ 'A string', false ]
];
}
public function testIsTemp() {
$utils = $this->getDummyUserNameUtils();
$this->assertFalse( $utils->isTemp( 'Some user' ) );
$this->assertTrue( $utils->isTemp( '*Unregistered 1234' ) );
$this->assertTrue( $utils->isTemp( '*1234' ) );
}
public function testGetTempPlaceholder() {
$utils = $this->getDummyUserNameUtils();
$name = $utils->getTempPlaceholder();
$this->assertSame( '*Unregistered *', $name );
}
}
Reference in a new issue View git blame Copy permalink