MediaWiki REL1_30
TitlePermissionTest.php
Go to the documentation of this file.
1<?php
2
9class TitlePermissionTest extends MediaWikiLangTestCase {
10
14 protected $userName, $altUserName;
15
19 protected $title;
20
24 protected $user, $anonUser, $userUser, $altUser;
25
26 protected function setUp() {
27 parent::setUp();
28
29 $localZone = 'UTC';
30 $localOffset = date( 'Z' ) / 60;
31
32 $this->setMwGlobals( [
33 'wgLocaltimezone' => $localZone,
34 'wgLocalTZoffset' => $localOffset,
35 'wgNamespaceProtection' => [
36 NS_MEDIAWIKI => 'editinterface',
37 ],
38 ] );
39 // Without this testUserBlock will use a non-English context on non-English MediaWiki
40 // installations (because of how Title::checkUserBlock is implemented) and fail.
41 RequestContext::resetMain();
42
43 $this->userName = 'Useruser';
44 $this->altUserName = 'Altuseruser';
45 date_default_timezone_set( $localZone );
46
47 $this->title = Title::makeTitle( NS_MAIN, "Main Page" );
48 if ( !isset( $this->userUser ) || !( $this->userUser instanceof User ) ) {
49 $this->userUser = User::newFromName( $this->userName );
50
51 if ( !$this->userUser->getId() ) {
52 $this->userUser = User::createNew( $this->userName, [
53 "email" => "test@example.com",
54 "real_name" => "Test User" ] );
55 $this->userUser->load();
56 }
57
58 $this->altUser = User::newFromName( $this->altUserName );
59 if ( !$this->altUser->getId() ) {
60 $this->altUser = User::createNew( $this->altUserName, [
61 "email" => "alttest@example.com",
62 "real_name" => "Test User Alt" ] );
63 $this->altUser->load();
64 }
65
66 $this->anonUser = User::newFromId( 0 );
67
68 $this->user = $this->userUser;
69 }
70 }
71
72 protected function setUserPerm( $perm ) {
73 // Setting member variables is evil!!!
74
75 if ( is_array( $perm ) ) {
76 $this->user->mRights = $perm;
77 } else {
78 $this->user->mRights = [ $perm ];
79 }
80 }
81
82 protected function setTitle( $ns, $title = "Main_Page" ) {
83 $this->title = Title::makeTitle( $ns, $title );
84 }
85
86 protected function setUser( $userName = null ) {
87 if ( $userName === 'anon' ) {
88 $this->user = $this->anonUser;
89 } elseif ( $userName === null || $userName === $this->userName ) {
90 $this->user = $this->userUser;
91 } else {
92 $this->user = $this->altUser;
93 }
94 }
95
100 public function testQuickPermissions() {
101 global $wgContLang;
102 $prefix = $wgContLang->getFormattedNsText( NS_PROJECT );
103
104 $this->setUser( 'anon' );
105 $this->setTitle( NS_TALK );
106 $this->setUserPerm( "createtalk" );
107 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
108 $this->assertEquals( [], $res );
109
110 $this->setTitle( NS_TALK );
111 $this->setUserPerm( "createpage" );
112 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
113 $this->assertEquals( [ [ "nocreatetext" ] ], $res );
114
115 $this->setTitle( NS_TALK );
116 $this->setUserPerm( "" );
117 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
118 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
119
120 $this->setTitle( NS_MAIN );
121 $this->setUserPerm( "createpage" );
122 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
123 $this->assertEquals( [], $res );
124
125 $this->setTitle( NS_MAIN );
126 $this->setUserPerm( "createtalk" );
127 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
128 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
129
130 $this->setUser( $this->userName );
131 $this->setTitle( NS_TALK );
132 $this->setUserPerm( "createtalk" );
133 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
134 $this->assertEquals( [], $res );
135
136 $this->setTitle( NS_TALK );
137 $this->setUserPerm( "createpage" );
138 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
139 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
140
141 $this->setTitle( NS_TALK );
142 $this->setUserPerm( "" );
143 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
144 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
145
146 $this->setTitle( NS_MAIN );
147 $this->setUserPerm( "createpage" );
148 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
149 $this->assertEquals( [], $res );
150
151 $this->setTitle( NS_MAIN );
152 $this->setUserPerm( "createtalk" );
153 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
154 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
155
156 $this->setTitle( NS_MAIN );
157 $this->setUserPerm( "" );
158 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
159 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
160
161 $this->setUser( 'anon' );
162 $this->setTitle( NS_USER, $this->userName . '' );
163 $this->setUserPerm( "" );
164 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
165 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
166
167 $this->setTitle( NS_USER, $this->userName . '/subpage' );
168 $this->setUserPerm( "" );
169 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
170 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
171
172 $this->setTitle( NS_USER, $this->userName . '' );
173 $this->setUserPerm( "move-rootuserpages" );
174 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
175 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
176
177 $this->setTitle( NS_USER, $this->userName . '/subpage' );
178 $this->setUserPerm( "move-rootuserpages" );
179 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
180 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
181
182 $this->setTitle( NS_USER, $this->userName . '' );
183 $this->setUserPerm( "" );
184 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
185 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
186
187 $this->setTitle( NS_USER, $this->userName . '/subpage' );
188 $this->setUserPerm( "" );
189 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
190 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
191
192 $this->setTitle( NS_USER, $this->userName . '' );
193 $this->setUserPerm( "move-rootuserpages" );
194 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
195 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
196
197 $this->setTitle( NS_USER, $this->userName . '/subpage' );
198 $this->setUserPerm( "move-rootuserpages" );
199 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
200 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
201
202 $this->setUser( $this->userName );
203 $this->setTitle( NS_FILE, "img.png" );
204 $this->setUserPerm( "" );
205 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
206 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
207
208 $this->setTitle( NS_FILE, "img.png" );
209 $this->setUserPerm( "movefile" );
210 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
211 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
212
213 $this->setUser( 'anon' );
214 $this->setTitle( NS_FILE, "img.png" );
215 $this->setUserPerm( "" );
216 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
217 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
218
219 $this->setTitle( NS_FILE, "img.png" );
220 $this->setUserPerm( "movefile" );
221 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
222 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
223
224 $this->setUser( $this->userName );
225 $this->setUserPerm( "move" );
226 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
227
228 $this->setUserPerm( "" );
229 $this->runGroupPermissions(
230 'move',
231 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
232 );
233
234 $this->setUser( 'anon' );
235 $this->setUserPerm( "move" );
236 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
237
238 $this->setUserPerm( "" );
239 $this->runGroupPermissions(
240 'move',
241 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
242 [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
243 );
244
245 if ( $this->isWikitextNS( NS_MAIN ) ) {
246 // NOTE: some content models don't allow moving
247 // @todo find a Wikitext namespace for testing
248
249 $this->setTitle( NS_MAIN );
250 $this->setUser( 'anon' );
251 $this->setUserPerm( "move" );
252 $this->runGroupPermissions( 'move', [] );
253
254 $this->setUserPerm( "" );
255 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
256 [ [ 'movenologintext' ] ] );
257
258 $this->setUser( $this->userName );
259 $this->setUserPerm( "" );
260 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
261
262 $this->setUserPerm( "move" );
263 $this->runGroupPermissions( 'move', [] );
264
265 $this->setUser( 'anon' );
266 $this->setUserPerm( 'move' );
267 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
268 $this->assertEquals( [], $res );
269
270 $this->setUserPerm( '' );
271 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
272 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
273 }
274
275 $this->setTitle( NS_USER );
276 $this->setUser( $this->userName );
277 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
278 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
279 $this->assertEquals( [], $res );
280
281 $this->setUserPerm( "move" );
282 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
283 $this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
284
285 $this->setUser( 'anon' );
286 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
287 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
288 $this->assertEquals( [], $res );
289
290 $this->setTitle( NS_USER, "User/subpage" );
291 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
292 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
293 $this->assertEquals( [], $res );
294
295 $this->setUserPerm( "move" );
296 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
297 $this->assertEquals( [], $res );
298
299 $this->setUser( 'anon' );
300 $check = [
301 'edit' => [
302 [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ] ],
303 [ [ 'badaccess-group0' ] ],
304 [],
305 true
306 ],
307 'protect' => [
308 [ [
309 'badaccess-groups',
310 "[[$prefix:Administrators|Administrators]]", 1 ],
311 [ 'protect-cantedit'
312 ] ],
313 [ [ 'badaccess-group0' ], [ 'protect-cantedit' ] ],
314 [ [ 'protect-cantedit' ] ],
315 false
316 ],
317 '' => [ [], [], [], true ]
318 ];
319
320 foreach ( [ "edit", "protect", "" ] as $action ) {
321 $this->setUserPerm( null );
322 $this->assertEquals( $check[$action][0],
323 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
324 $this->assertEquals( $check[$action][0],
325 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
326 $this->assertEquals( $check[$action][0],
327 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
328
329 global $wgGroupPermissions;
330 $old = $wgGroupPermissions;
331 $wgGroupPermissions = [];
332
333 $this->assertEquals( $check[$action][1],
334 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
335 $this->assertEquals( $check[$action][1],
336 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
337 $this->assertEquals( $check[$action][1],
338 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
339 $wgGroupPermissions = $old;
340
341 $this->setUserPerm( $action );
342 $this->assertEquals( $check[$action][2],
343 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
344 $this->assertEquals( $check[$action][2],
345 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
346 $this->assertEquals( $check[$action][2],
347 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
348
349 $this->setUserPerm( $action );
350 $this->assertEquals( $check[$action][3],
351 $this->title->userCan( $action, $this->user, true ) );
352 $this->assertEquals( $check[$action][3],
353 $this->title->quickUserCan( $action, $this->user ) );
354 # count( User::getGroupsWithPermissions( $action ) ) < 1
355 }
356 }
357
358 protected function runGroupPermissions( $action, $result, $result2 = null ) {
359 global $wgGroupPermissions;
360
361 if ( $result2 === null ) {
362 $result2 = $result;
363 }
364
365 $wgGroupPermissions['autoconfirmed']['move'] = false;
366 $wgGroupPermissions['user']['move'] = false;
367 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
368 $this->assertEquals( $result, $res );
369
370 $wgGroupPermissions['autoconfirmed']['move'] = true;
371 $wgGroupPermissions['user']['move'] = false;
372 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
373 $this->assertEquals( $result2, $res );
374
375 $wgGroupPermissions['autoconfirmed']['move'] = true;
376 $wgGroupPermissions['user']['move'] = true;
377 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
378 $this->assertEquals( $result2, $res );
379
380 $wgGroupPermissions['autoconfirmed']['move'] = false;
381 $wgGroupPermissions['user']['move'] = true;
382 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
383 $this->assertEquals( $result2, $res );
384 }
385
390 public function testSpecialsAndNSPermissions() {
391 global $wgNamespaceProtection;
392 $this->setUser( $this->userName );
393
394 $this->setTitle( NS_SPECIAL );
395
396 $this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
397 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
398
399 $this->setTitle( NS_MAIN );
400 $this->setUserPerm( 'bogus' );
401 $this->assertEquals( [],
402 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
403
404 $this->setTitle( NS_MAIN );
405 $this->setUserPerm( '' );
406 $this->assertEquals( [ [ 'badaccess-group0' ] ],
407 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
408
409 $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
410
411 $this->setTitle( NS_USER );
412 $this->setUserPerm( '' );
413 $this->assertEquals( [ [ 'badaccess-group0' ],
414 [ 'namespaceprotected', 'User', 'bogus' ] ],
415 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
416
417 $this->setTitle( NS_MEDIAWIKI );
418 $this->setUserPerm( 'bogus' );
419 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
420 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
421
422 $this->setTitle( NS_MEDIAWIKI );
423 $this->setUserPerm( 'bogus' );
424 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
425 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
426
427 $wgNamespaceProtection = null;
428
429 $this->setUserPerm( 'bogus' );
430 $this->assertEquals( [],
431 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
432 $this->assertEquals( true,
433 $this->title->userCan( 'bogus', $this->user ) );
434
435 $this->setUserPerm( '' );
436 $this->assertEquals( [ [ 'badaccess-group0' ] ],
437 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
438 $this->assertEquals( false,
439 $this->title->userCan( 'bogus', $this->user ) );
440 }
441
446 public function testCssAndJavascriptPermissions() {
447 $this->setUser( $this->userName );
448
449 $this->setTitle( NS_USER, $this->userName . '/test.js' );
450 $this->runCSSandJSPermissions(
451 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
452 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
453 [ [ 'badaccess-group0' ] ],
454 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
455 [ [ 'badaccess-group0' ] ]
456 );
457
458 $this->setTitle( NS_USER, $this->userName . '/test.css' );
459 $this->runCSSandJSPermissions(
460 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
461 [ [ 'badaccess-group0' ] ],
462 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
463 [ [ 'badaccess-group0' ] ],
464 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ]
465 );
466
467 $this->setTitle( NS_USER, $this->altUserName . '/test.js' );
468 $this->runCSSandJSPermissions(
469 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
470 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
471 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
472 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
473 [ [ 'badaccess-group0' ] ]
474 );
475
476 $this->setTitle( NS_USER, $this->altUserName . '/test.css' );
477 $this->runCSSandJSPermissions(
478 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
479 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
480 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
481 [ [ 'badaccess-group0' ] ],
482 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ]
483 );
484
485 $this->setTitle( NS_USER, $this->altUserName . '/tempo' );
486 $this->runCSSandJSPermissions(
487 [ [ 'badaccess-group0' ] ],
488 [ [ 'badaccess-group0' ] ],
489 [ [ 'badaccess-group0' ] ],
490 [ [ 'badaccess-group0' ] ],
491 [ [ 'badaccess-group0' ] ]
492 );
493 }
494
495 protected function runCSSandJSPermissions( $result0, $result1, $result2, $result3, $result4 ) {
496 $this->setUserPerm( '' );
497 $this->assertEquals( $result0,
498 $this->title->getUserPermissionsErrors( 'bogus',
499 $this->user ) );
500
501 $this->setUserPerm( 'editmyusercss' );
502 $this->assertEquals( $result1,
503 $this->title->getUserPermissionsErrors( 'bogus',
504 $this->user ) );
505
506 $this->setUserPerm( 'editmyuserjs' );
507 $this->assertEquals( $result2,
508 $this->title->getUserPermissionsErrors( 'bogus',
509 $this->user ) );
510
511 $this->setUserPerm( 'editusercss' );
512 $this->assertEquals( $result3,
513 $this->title->getUserPermissionsErrors( 'bogus',
514 $this->user ) );
515
516 $this->setUserPerm( 'edituserjs' );
517 $this->assertEquals( $result4,
518 $this->title->getUserPermissionsErrors( 'bogus',
519 $this->user ) );
520
521 $this->setUserPerm( [ 'edituserjs', 'editusercss' ] );
522 $this->assertEquals( [ [ 'badaccess-group0' ] ],
523 $this->title->getUserPermissionsErrors( 'bogus',
524 $this->user ) );
525 }
526
531 public function testPageRestrictions() {
532 global $wgContLang;
533
534 $prefix = $wgContLang->getFormattedNsText( NS_PROJECT );
535
536 $this->setTitle( NS_MAIN );
537 $this->title->mRestrictionsLoaded = true;
538 $this->setUserPerm( "edit" );
539 $this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
540
541 $this->assertEquals( [],
542 $this->title->getUserPermissionsErrors( 'edit',
543 $this->user ) );
544
545 $this->assertEquals( true,
546 $this->title->quickUserCan( 'edit', $this->user ) );
547 $this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
548 "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
549
550 $this->assertEquals( [ [ 'badaccess-group0' ],
551 [ 'protectedpagetext', 'bogus', 'bogus' ],
552 [ 'protectedpagetext', 'editprotected', 'bogus' ],
553 [ 'protectedpagetext', 'protect', 'bogus' ] ],
554 $this->title->getUserPermissionsErrors( 'bogus',
555 $this->user ) );
556 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
557 [ 'protectedpagetext', 'editprotected', 'edit' ],
558 [ 'protectedpagetext', 'protect', 'edit' ] ],
559 $this->title->getUserPermissionsErrors( 'edit',
560 $this->user ) );
561 $this->setUserPerm( "" );
562 $this->assertEquals( [ [ 'badaccess-group0' ],
563 [ 'protectedpagetext', 'bogus', 'bogus' ],
564 [ 'protectedpagetext', 'editprotected', 'bogus' ],
565 [ 'protectedpagetext', 'protect', 'bogus' ] ],
566 $this->title->getUserPermissionsErrors( 'bogus',
567 $this->user ) );
568 $this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
569 [ 'protectedpagetext', 'bogus', 'edit' ],
570 [ 'protectedpagetext', 'editprotected', 'edit' ],
571 [ 'protectedpagetext', 'protect', 'edit' ] ],
572 $this->title->getUserPermissionsErrors( 'edit',
573 $this->user ) );
574 $this->setUserPerm( [ "edit", "editprotected" ] );
575 $this->assertEquals( [ [ 'badaccess-group0' ],
576 [ 'protectedpagetext', 'bogus', 'bogus' ],
577 [ 'protectedpagetext', 'protect', 'bogus' ] ],
578 $this->title->getUserPermissionsErrors( 'bogus',
579 $this->user ) );
580 $this->assertEquals( [
581 [ 'protectedpagetext', 'bogus', 'edit' ],
582 [ 'protectedpagetext', 'protect', 'edit' ] ],
583 $this->title->getUserPermissionsErrors( 'edit',
584 $this->user ) );
585
586 $this->title->mCascadeRestriction = true;
587 $this->setUserPerm( "edit" );
588 $this->assertEquals( false,
589 $this->title->quickUserCan( 'bogus', $this->user ) );
590 $this->assertEquals( false,
591 $this->title->quickUserCan( 'edit', $this->user ) );
592 $this->assertEquals( [ [ 'badaccess-group0' ],
593 [ 'protectedpagetext', 'bogus', 'bogus' ],
594 [ 'protectedpagetext', 'editprotected', 'bogus' ],
595 [ 'protectedpagetext', 'protect', 'bogus' ] ],
596 $this->title->getUserPermissionsErrors( 'bogus',
597 $this->user ) );
598 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
599 [ 'protectedpagetext', 'editprotected', 'edit' ],
600 [ 'protectedpagetext', 'protect', 'edit' ] ],
601 $this->title->getUserPermissionsErrors( 'edit',
602 $this->user ) );
603
604 $this->setUserPerm( [ "edit", "editprotected" ] );
605 $this->assertEquals( false,
606 $this->title->quickUserCan( 'bogus', $this->user ) );
607 $this->assertEquals( false,
608 $this->title->quickUserCan( 'edit', $this->user ) );
609 $this->assertEquals( [ [ 'badaccess-group0' ],
610 [ 'protectedpagetext', 'bogus', 'bogus' ],
611 [ 'protectedpagetext', 'protect', 'bogus' ],
612 [ 'protectedpagetext', 'protect', 'bogus' ] ],
613 $this->title->getUserPermissionsErrors( 'bogus',
614 $this->user ) );
615 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
616 [ 'protectedpagetext', 'protect', 'edit' ],
617 [ 'protectedpagetext', 'protect', 'edit' ] ],
618 $this->title->getUserPermissionsErrors( 'edit',
619 $this->user ) );
620 }
621
622 public function testCascadingSourcesRestrictions() {
623 $this->setTitle( NS_MAIN, "test page" );
624 $this->setUserPerm( [ "edit", "bogus" ] );
625
626 $this->title->mCascadeSources = [
627 Title::makeTitle( NS_MAIN, "Bogus" ),
628 Title::makeTitle( NS_MAIN, "UnBogus" )
629 ];
630 $this->title->mCascadingRestrictions = [
631 "bogus" => [ 'bogus', "sysop", "protect", "" ]
632 ];
633
634 $this->assertEquals( false,
635 $this->title->userCan( 'bogus', $this->user ) );
636 $this->assertEquals( [
637 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
638 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
639 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
640 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
641
642 $this->assertEquals( true,
643 $this->title->userCan( 'edit', $this->user ) );
644 $this->assertEquals( [],
645 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
646 }
647
652 public function testActionPermissions() {
653 $this->setUserPerm( [ "createpage" ] );
654 $this->setTitle( NS_MAIN, "test page" );
655 $this->title->mTitleProtection['permission'] = '';
656 $this->title->mTitleProtection['user'] = $this->user->getId();
657 $this->title->mTitleProtection['expiry'] = 'infinity';
658 $this->title->mTitleProtection['reason'] = 'test';
659 $this->title->mCascadeRestriction = false;
660
661 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
662 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
663 $this->assertEquals( false,
664 $this->title->userCan( 'create', $this->user ) );
665
666 $this->title->mTitleProtection['permission'] = 'editprotected';
667 $this->setUserPerm( [ 'createpage', 'protect' ] );
668 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
669 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
670 $this->assertEquals( false,
671 $this->title->userCan( 'create', $this->user ) );
672
673 $this->setUserPerm( [ 'createpage', 'editprotected' ] );
674 $this->assertEquals( [],
675 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
676 $this->assertEquals( true,
677 $this->title->userCan( 'create', $this->user ) );
678
679 $this->setUserPerm( [ 'createpage' ] );
680 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
681 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
682 $this->assertEquals( false,
683 $this->title->userCan( 'create', $this->user ) );
684
685 $this->setTitle( NS_MEDIA, "test page" );
686 $this->setUserPerm( [ "move" ] );
687 $this->assertEquals( false,
688 $this->title->userCan( 'move', $this->user ) );
689 $this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
690 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
691
692 $this->setTitle( NS_HELP, "test page" );
693 $this->assertEquals( [],
694 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
695 $this->assertEquals( true,
696 $this->title->userCan( 'move', $this->user ) );
697
698 $this->title->mInterwiki = "no";
699 $this->assertEquals( [ [ 'immobile-source-page' ] ],
700 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
701 $this->assertEquals( false,
702 $this->title->userCan( 'move', $this->user ) );
703
704 $this->setTitle( NS_MEDIA, "test page" );
705 $this->assertEquals( false,
706 $this->title->userCan( 'move-target', $this->user ) );
707 $this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
708 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
709
710 $this->setTitle( NS_HELP, "test page" );
711 $this->assertEquals( [],
712 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
713 $this->assertEquals( true,
714 $this->title->userCan( 'move-target', $this->user ) );
715
716 $this->title->mInterwiki = "no";
717 $this->assertEquals( [ [ 'immobile-target-page' ] ],
718 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
719 $this->assertEquals( false,
720 $this->title->userCan( 'move-target', $this->user ) );
721 }
722
723 public function testUserBlock() {
724 $this->setMwGlobals( [
725 'wgEmailConfirmToEdit' => true,
726 'wgEmailAuthentication' => true,
727 ] );
728
729 $this->setUserPerm( [ "createpage", "move" ] );
730 $this->setTitle( NS_HELP, "test page" );
731
732 # $wgEmailConfirmToEdit only applies to 'edit' action
733 $this->assertEquals( [],
734 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
735 $this->assertContains( [ 'confirmedittext' ],
736 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
737
738 $this->setMwGlobals( 'wgEmailConfirmToEdit', false );
739 $this->assertNotContains( [ 'confirmedittext' ],
740 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
741
742 # $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
743 $this->assertEquals( [],
744 $this->title->getUserPermissionsErrors( 'move-target',
745 $this->user ) );
746
747 global $wgLang;
748 $prev = time();
749 $now = time() + 120;
750 $this->user->mBlockedby = $this->user->getId();
751 $this->user->mBlock = new Block( [
752 'address' => '127.0.8.1',
753 'by' => $this->user->getId(),
754 'reason' => 'no reason given',
755 'timestamp' => $prev + 3600,
756 'auto' => true,
757 'expiry' => 0
758 ] );
759 $this->user->mBlock->mTimestamp = 0;
760 $this->assertEquals( [ [ 'autoblockedtext',
761 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
762 'Useruser', null, 'infinite', '127.0.8.1',
763 $wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
764 $this->title->getUserPermissionsErrors( 'move-target',
765 $this->user ) );
766
767 $this->assertEquals( false, $this->title->userCan( 'move-target', $this->user ) );
768 // quickUserCan should ignore user blocks
769 $this->assertEquals( true, $this->title->quickUserCan( 'move-target', $this->user ) );
770
771 global $wgLocalTZoffset;
772 $wgLocalTZoffset = -60;
773 $this->user->mBlockedby = $this->user->getName();
774 $this->user->mBlock = new Block( [
775 'address' => '127.0.8.1',
776 'by' => $this->user->getId(),
777 'reason' => 'no reason given',
778 'timestamp' => $now,
779 'auto' => false,
780 'expiry' => 10,
781 ] );
782 $this->assertEquals( [ [ 'blockedtext',
783 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
784 'Useruser', null, '23:00, 31 December 1969', '127.0.8.1',
785 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
786 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
787 # $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
788 # $user->blockedFor() == ''
789 # $user->mBlock->mExpiry == 'infinity'
790
791 $this->user->mBlockedby = $this->user->getName();
792 $this->user->mBlock = new Block( [
793 'address' => '127.0.8.1',
794 'by' => $this->user->getId(),
795 'reason' => 'no reason given',
796 'timestamp' => $now,
797 'auto' => false,
798 'expiry' => 10,
799 'systemBlock' => 'test',
800 ] );
801 $this->assertEquals( [ [ 'systemblockedtext',
802 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
803 'Useruser', 'test', '23:00, 31 December 1969', '127.0.8.1',
804 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
805 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
806 }
807}
$wgNamespaceProtection
$wgNamespaceProtection
Set the minimum permissions required to edit pages in each namespace.
Definition DefaultSettings.php:5357
$wgGroupPermissions
$wgGroupPermissions
Permission keys given to users in each group.
Definition DefaultSettings.php:5129
$wgLocalTZoffset
$wgLocalTZoffset
Set an offset from UTC in minutes to use for the default timezone setting for anonymous users and new...
Definition DefaultSettings.php:3142
wfTimestamp
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition GlobalFunctions.php:2041
MediaWikiLangTestCase
Base class that store and restore the Language objects.
Definition MediaWikiLangTestCase.php:6
MediaWikiTestCase\setMwGlobals
setMwGlobals( $pairs, $value=null)
Sets a global, maintaining a stashed version of the previous global to be restored in tearDown.
Definition MediaWikiTestCase.php:672
MediaWikiTestCase\isWikitextNS
isWikitextNS( $ns)
Returns true if the given namespace defaults to Wikitext according to $wgNamespaceContentModels.
Definition MediaWikiTestCase.php:1676
RequestContext\resetMain
static resetMain()
Resets singleton returned by getMain().
Definition RequestContext.php:496
TitlePermissionTest\setTitle
setTitle( $ns, $title="Main_Page")
Definition TitlePermissionTest.php:82
TitlePermissionTest\runCSSandJSPermissions
runCSSandJSPermissions( $result0, $result1, $result2, $result3, $result4)
Definition TitlePermissionTest.php:495
TitlePermissionTest\runGroupPermissions
runGroupPermissions( $action, $result, $result2=null)
Definition TitlePermissionTest.php:358
Title
Represents a title within MediaWiki.
Definition Title.php:39
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:51
$res
$res
Definition database.txt:21
$wgContLang
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as and the local content language as $wgContLang
Definition design.txt:57
$wgLang
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as $wgLang
Definition design.txt:56
$result
namespace being checked & $result
Definition hooks.txt:2293
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition hooks.txt:1976
false
processing should stop and the error should be shown to the user * false
Definition hooks.txt:187
NS_HELP
const NS_HELP
Definition Defines.php:77
NS_USER
const NS_USER
Definition Defines.php:67
NS_FILE
const NS_FILE
Definition Defines.php:71
NS_MAIN
const NS_MAIN
Definition Defines.php:65
NS_SPECIAL
const NS_SPECIAL
Definition Defines.php:54
NS_MEDIA
const NS_MEDIA
Definition Defines.php:53
NS_TALK
const NS_TALK
Definition Defines.php:66
NS_PROJECT
const NS_PROJECT
Definition Defines.php:69