MediaWiki REL1_32
TitlePermissionTest.php
Go to the documentation of this file.
1<?php
2
3use MediaWiki\MediaWikiServices;
4
11class TitlePermissionTest extends MediaWikiLangTestCase {
12
16 protected $userName, $altUserName;
17
21 protected $title;
22
26 protected $user, $anonUser, $userUser, $altUser;
27
28 protected function setUp() {
29 parent::setUp();
30
31 $localZone = 'UTC';
32 $localOffset = date( 'Z' ) / 60;
33
34 $this->setMwGlobals( [
35 'wgLocaltimezone' => $localZone,
36 'wgLocalTZoffset' => $localOffset,
37 'wgNamespaceProtection' => [
38 NS_MEDIAWIKI => 'editinterface',
39 ],
40 ] );
41 // Without this testUserBlock will use a non-English context on non-English MediaWiki
42 // installations (because of how Title::checkUserBlock is implemented) and fail.
43 RequestContext::resetMain();
44
45 $this->userName = 'Useruser';
46 $this->altUserName = 'Altuseruser';
47 date_default_timezone_set( $localZone );
48
49 $this->title = Title::makeTitle( NS_MAIN, "Main Page" );
50 if ( !isset( $this->userUser ) || !( $this->userUser instanceof User ) ) {
51 $this->userUser = User::newFromName( $this->userName );
52
53 if ( !$this->userUser->getId() ) {
54 $this->userUser = User::createNew( $this->userName, [
55 "email" => "test@example.com",
56 "real_name" => "Test User" ] );
57 $this->userUser->load();
58 }
59
60 $this->altUser = User::newFromName( $this->altUserName );
61 if ( !$this->altUser->getId() ) {
62 $this->altUser = User::createNew( $this->altUserName, [
63 "email" => "alttest@example.com",
64 "real_name" => "Test User Alt" ] );
65 $this->altUser->load();
66 }
67
68 $this->anonUser = User::newFromId( 0 );
69
70 $this->user = $this->userUser;
71 }
72 $this->overrideMwServices();
73 }
74
75 protected function setUserPerm( $perm ) {
76 // Setting member variables is evil!!!
77
78 if ( is_array( $perm ) ) {
79 $this->user->mRights = $perm;
80 } else {
81 $this->user->mRights = [ $perm ];
82 }
83 }
84
85 protected function setTitle( $ns, $title = "Main_Page" ) {
86 $this->title = Title::makeTitle( $ns, $title );
87 }
88
89 protected function setUser( $userName = null ) {
90 if ( $userName === 'anon' ) {
91 $this->user = $this->anonUser;
92 } elseif ( $userName === null || $userName === $this->userName ) {
93 $this->user = $this->userUser;
94 } else {
95 $this->user = $this->altUser;
96 }
97 }
98
108 public function testQuickPermissions() {
109 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
110 getFormattedNsText( NS_PROJECT );
111
112 $this->setUser( 'anon' );
113 $this->setTitle( NS_TALK );
114 $this->setUserPerm( "createtalk" );
115 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
116 $this->assertEquals( [], $res );
117
118 $this->setTitle( NS_TALK );
119 $this->setUserPerm( "createpage" );
120 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
121 $this->assertEquals( [ [ "nocreatetext" ] ], $res );
122
123 $this->setTitle( NS_TALK );
124 $this->setUserPerm( "" );
125 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
126 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
127
128 $this->setTitle( NS_MAIN );
129 $this->setUserPerm( "createpage" );
130 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
131 $this->assertEquals( [], $res );
132
133 $this->setTitle( NS_MAIN );
134 $this->setUserPerm( "createtalk" );
135 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
136 $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
137
138 $this->setUser( $this->userName );
139 $this->setTitle( NS_TALK );
140 $this->setUserPerm( "createtalk" );
141 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
142 $this->assertEquals( [], $res );
143
144 $this->setTitle( NS_TALK );
145 $this->setUserPerm( "createpage" );
146 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
147 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
148
149 $this->setTitle( NS_TALK );
150 $this->setUserPerm( "" );
151 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
152 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
153
154 $this->setTitle( NS_MAIN );
155 $this->setUserPerm( "createpage" );
156 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
157 $this->assertEquals( [], $res );
158
159 $this->setTitle( NS_MAIN );
160 $this->setUserPerm( "createtalk" );
161 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
162 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
163
164 $this->setTitle( NS_MAIN );
165 $this->setUserPerm( "" );
166 $res = $this->title->getUserPermissionsErrors( 'create', $this->user );
167 $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
168
169 $this->setUser( 'anon' );
170 $this->setTitle( NS_USER, $this->userName . '' );
171 $this->setUserPerm( "" );
172 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
173 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
174
175 $this->setTitle( NS_USER, $this->userName . '/subpage' );
176 $this->setUserPerm( "" );
177 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
178 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
179
180 $this->setTitle( NS_USER, $this->userName . '' );
181 $this->setUserPerm( "move-rootuserpages" );
182 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
183 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
184
185 $this->setTitle( NS_USER, $this->userName . '/subpage' );
186 $this->setUserPerm( "move-rootuserpages" );
187 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
188 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
189
190 $this->setTitle( NS_USER, $this->userName . '' );
191 $this->setUserPerm( "" );
192 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
193 $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
194
195 $this->setTitle( NS_USER, $this->userName . '/subpage' );
196 $this->setUserPerm( "" );
197 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
198 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
199
200 $this->setTitle( NS_USER, $this->userName . '' );
201 $this->setUserPerm( "move-rootuserpages" );
202 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
203 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
204
205 $this->setTitle( NS_USER, $this->userName . '/subpage' );
206 $this->setUserPerm( "move-rootuserpages" );
207 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
208 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
209
210 $this->setUser( $this->userName );
211 $this->setTitle( NS_FILE, "img.png" );
212 $this->setUserPerm( "" );
213 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
214 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
215
216 $this->setTitle( NS_FILE, "img.png" );
217 $this->setUserPerm( "movefile" );
218 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
219 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
220
221 $this->setUser( 'anon' );
222 $this->setTitle( NS_FILE, "img.png" );
223 $this->setUserPerm( "" );
224 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
225 $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
226
227 $this->setTitle( NS_FILE, "img.png" );
228 $this->setUserPerm( "movefile" );
229 $res = $this->title->getUserPermissionsErrors( 'move', $this->user );
230 $this->assertEquals( [ [ 'movenologintext' ] ], $res );
231
232 $this->setUser( $this->userName );
233 $this->setUserPerm( "move" );
234 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
235
236 $this->setUserPerm( "" );
237 $this->runGroupPermissions(
238 'move',
239 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
240 );
241
242 $this->setUser( 'anon' );
243 $this->setUserPerm( "move" );
244 $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
245
246 $this->setUserPerm( "" );
247 $this->runGroupPermissions(
248 'move',
249 [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
250 [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
251 );
252
253 if ( $this->isWikitextNS( NS_MAIN ) ) {
254 // NOTE: some content models don't allow moving
255 // @todo find a Wikitext namespace for testing
256
257 $this->setTitle( NS_MAIN );
258 $this->setUser( 'anon' );
259 $this->setUserPerm( "move" );
260 $this->runGroupPermissions( 'move', [] );
261
262 $this->setUserPerm( "" );
263 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
264 [ [ 'movenologintext' ] ] );
265
266 $this->setUser( $this->userName );
267 $this->setUserPerm( "" );
268 $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
269
270 $this->setUserPerm( "move" );
271 $this->runGroupPermissions( 'move', [] );
272
273 $this->setUser( 'anon' );
274 $this->setUserPerm( 'move' );
275 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
276 $this->assertEquals( [], $res );
277
278 $this->setUserPerm( '' );
279 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
280 $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
281 }
282
283 $this->setTitle( NS_USER );
284 $this->setUser( $this->userName );
285 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
286 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
287 $this->assertEquals( [], $res );
288
289 $this->setUserPerm( "move" );
290 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
291 $this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
292
293 $this->setUser( 'anon' );
294 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
295 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
296 $this->assertEquals( [], $res );
297
298 $this->setTitle( NS_USER, "User/subpage" );
299 $this->setUserPerm( [ "move", "move-rootuserpages" ] );
300 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
301 $this->assertEquals( [], $res );
302
303 $this->setUserPerm( "move" );
304 $res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
305 $this->assertEquals( [], $res );
306
307 $this->setUser( 'anon' );
308 $check = [
309 'edit' => [
310 [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ] ],
311 [ [ 'badaccess-group0' ] ],
312 [],
313 true
314 ],
315 'protect' => [
316 [ [
317 'badaccess-groups',
318 "[[$prefix:Administrators|Administrators]]", 1 ],
319 [ 'protect-cantedit'
320 ] ],
321 [ [ 'badaccess-group0' ], [ 'protect-cantedit' ] ],
322 [ [ 'protect-cantedit' ] ],
323 false
324 ],
325 '' => [ [], [], [], true ]
326 ];
327
328 foreach ( [ "edit", "protect", "" ] as $action ) {
329 $this->setUserPerm( null );
330 $this->assertEquals( $check[$action][0],
331 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
332 $this->assertEquals( $check[$action][0],
333 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
334 $this->assertEquals( $check[$action][0],
335 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
336
337 global $wgGroupPermissions;
338 $old = $wgGroupPermissions;
339 $wgGroupPermissions = [];
340
341 $this->assertEquals( $check[$action][1],
342 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
343 $this->assertEquals( $check[$action][1],
344 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
345 $this->assertEquals( $check[$action][1],
346 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
347 $wgGroupPermissions = $old;
348
349 $this->setUserPerm( $action );
350 $this->assertEquals( $check[$action][2],
351 $this->title->getUserPermissionsErrors( $action, $this->user, true ) );
352 $this->assertEquals( $check[$action][2],
353 $this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
354 $this->assertEquals( $check[$action][2],
355 $this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
356
357 $this->setUserPerm( $action );
358 $this->assertEquals( $check[$action][3],
359 $this->title->userCan( $action, $this->user, true ) );
360 $this->assertEquals( $check[$action][3],
361 $this->title->quickUserCan( $action, $this->user ) );
362 # count( User::getGroupsWithPermissions( $action ) ) < 1
363 }
364 }
365
366 protected function runGroupPermissions( $action, $result, $result2 = null ) {
367 global $wgGroupPermissions;
368
369 if ( $result2 === null ) {
370 $result2 = $result;
371 }
372
373 $wgGroupPermissions['autoconfirmed']['move'] = false;
374 $wgGroupPermissions['user']['move'] = false;
375 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
376 $this->assertEquals( $result, $res );
377
378 $wgGroupPermissions['autoconfirmed']['move'] = true;
379 $wgGroupPermissions['user']['move'] = false;
380 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
381 $this->assertEquals( $result2, $res );
382
383 $wgGroupPermissions['autoconfirmed']['move'] = true;
384 $wgGroupPermissions['user']['move'] = true;
385 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
386 $this->assertEquals( $result2, $res );
387
388 $wgGroupPermissions['autoconfirmed']['move'] = false;
389 $wgGroupPermissions['user']['move'] = true;
390 $res = $this->title->getUserPermissionsErrors( $action, $this->user );
391 $this->assertEquals( $result2, $res );
392 }
393
399 public function testSpecialsAndNSPermissions() {
400 global $wgNamespaceProtection;
401 $this->setUser( $this->userName );
402
403 $this->setTitle( NS_SPECIAL );
404
405 $this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
406 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
407
408 $this->setTitle( NS_MAIN );
409 $this->setUserPerm( 'bogus' );
410 $this->assertEquals( [],
411 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
412
413 $this->setTitle( NS_MAIN );
414 $this->setUserPerm( '' );
415 $this->assertEquals( [ [ 'badaccess-group0' ] ],
416 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
417
418 $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
419
420 $this->setTitle( NS_USER );
421 $this->setUserPerm( '' );
422 $this->assertEquals( [ [ 'badaccess-group0' ],
423 [ 'namespaceprotected', 'User', 'bogus' ] ],
424 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
425
426 $this->setTitle( NS_MEDIAWIKI );
427 $this->setUserPerm( 'bogus' );
428 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
429 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
430
431 $this->setTitle( NS_MEDIAWIKI );
432 $this->setUserPerm( 'bogus' );
433 $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
434 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
435
436 $wgNamespaceProtection = null;
437
438 $this->setUserPerm( 'bogus' );
439 $this->assertEquals( [],
440 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
441 $this->assertEquals( true,
442 $this->title->userCan( 'bogus', $this->user ) );
443
444 $this->setUserPerm( '' );
445 $this->assertEquals( [ [ 'badaccess-group0' ] ],
446 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
447 $this->assertEquals( false,
448 $this->title->userCan( 'bogus', $this->user ) );
449 }
450
456 public function testJsConfigEditPermissions() {
457 $this->setUser( $this->userName );
458
459 $this->setTitle( NS_USER, $this->userName . '/test.js' );
460 $this->runConfigEditPermissions(
461 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
462
463 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
464 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
465 [ [ 'badaccess-group0' ] ],
466
467 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
468 [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
469 [ [ 'badaccess-group0' ] ],
470 [ [ 'badaccess-groups' ] ]
471 );
472 }
473
479 public function testJsonConfigEditPermissions() {
480 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
481 getFormattedNsText( NS_PROJECT );
482 $this->setUser( $this->userName );
483
484 $this->setTitle( NS_USER, $this->userName . '/test.json' );
485 $this->runConfigEditPermissions(
486 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
487
488 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
489 [ [ 'badaccess-group0' ] ],
490 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
491
492 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
493 [ [ 'badaccess-group0' ] ],
494 [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
495 [ [ 'badaccess-groups' ] ]
496 );
497 }
498
504 public function testCssConfigEditPermissions() {
505 $this->setUser( $this->userName );
506
507 $this->setTitle( NS_USER, $this->userName . '/test.css' );
508 $this->runConfigEditPermissions(
509 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
510
511 [ [ 'badaccess-group0' ] ],
512 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
513 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
514
515 [ [ 'badaccess-group0' ] ],
516 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
517 [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
518 [ [ 'badaccess-groups' ] ]
519 );
520 }
521
527 public function testOtherJsConfigEditPermissions() {
528 $this->setUser( $this->userName );
529
530 $this->setTitle( NS_USER, $this->altUserName . '/test.js' );
531 $this->runConfigEditPermissions(
532 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
533
534 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
535 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
536 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
537
538 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
539 [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
540 [ [ 'badaccess-group0' ] ],
541 [ [ 'badaccess-groups' ] ]
542 );
543 }
544
550 public function testOtherJsonConfigEditPermissions() {
551 $this->setUser( $this->userName );
552
553 $this->setTitle( NS_USER, $this->altUserName . '/test.json' );
554 $this->runConfigEditPermissions(
555 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
556
557 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
558 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
559 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
560
561 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
562 [ [ 'badaccess-group0' ] ],
563 [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
564 [ [ 'badaccess-groups' ] ]
565 );
566 }
567
573 public function testOtherCssConfigEditPermissions() {
574 $this->setUser( $this->userName );
575
576 $this->setTitle( NS_USER, $this->altUserName . '/test.css' );
577 $this->runConfigEditPermissions(
578 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
579
580 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
581 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
582 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
583
584 [ [ 'badaccess-group0' ] ],
585 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
586 [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
587 [ [ 'badaccess-groups' ] ]
588 );
589 }
590
596 public function testOtherNonConfigEditPermissions() {
597 $this->setUser( $this->userName );
598
599 $this->setTitle( NS_USER, $this->altUserName . '/tempo' );
600 $this->runConfigEditPermissions(
601 [ [ 'badaccess-group0' ] ],
602
603 [ [ 'badaccess-group0' ] ],
604 [ [ 'badaccess-group0' ] ],
605 [ [ 'badaccess-group0' ] ],
606
607 [ [ 'badaccess-group0' ] ],
608 [ [ 'badaccess-group0' ] ],
609 [ [ 'badaccess-group0' ] ],
610 [ [ 'badaccess-groups' ] ]
611 );
612 }
613
618 public function testPatrolActionConfigEditPermissions() {
619 $this->setUser( 'anon' );
620 $this->setTitle( NS_USER, 'ToPatrolOrNotToPatrol' );
621 $this->runConfigEditPermissions(
622 [ [ 'badaccess-group0' ] ],
623
624 [ [ 'badaccess-group0' ] ],
625 [ [ 'badaccess-group0' ] ],
626 [ [ 'badaccess-group0' ] ],
627
628 [ [ 'badaccess-group0' ] ],
629 [ [ 'badaccess-group0' ] ],
630 [ [ 'badaccess-group0' ] ],
631 [ [ 'badaccess-groups' ] ]
632 );
633 }
634
635 protected function runConfigEditPermissions(
636 $resultNone,
637 $resultMyCss,
638 $resultMyJson,
639 $resultMyJs,
640 $resultUserCss,
641 $resultUserJson,
642 $resultUserJs,
643 $resultPatrol
644 ) {
645 $this->setUserPerm( '' );
646 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
647 $this->assertEquals( $resultNone, $result );
648
649 $this->setUserPerm( 'editmyusercss' );
650 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
651 $this->assertEquals( $resultMyCss, $result );
652
653 $this->setUserPerm( 'editmyuserjson' );
654 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
655 $this->assertEquals( $resultMyJson, $result );
656
657 $this->setUserPerm( 'editmyuserjs' );
658 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
659 $this->assertEquals( $resultMyJs, $result );
660
661 $this->setUserPerm( 'editusercss' );
662 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
663 $this->assertEquals( $resultUserCss, $result );
664
665 $this->setUserPerm( 'edituserjson' );
666 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
667 $this->assertEquals( $resultUserJson, $result );
668
669 $this->setUserPerm( 'edituserjs' );
670 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
671 $this->assertEquals( $resultUserJs, $result );
672
673 $this->setUserPerm( '' );
674 $result = $this->title->getUserPermissionsErrors( 'patrol', $this->user );
675 $this->assertEquals( reset( $resultPatrol[0] ), reset( $result[0] ) );
676
677 $this->setUserPerm( [ 'edituserjs', 'edituserjson', 'editusercss' ] );
678 $result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
679 $this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
680 }
681
691 public function testPageRestrictions() {
692 $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
693 getFormattedNsText( NS_PROJECT );
694
695 $this->setTitle( NS_MAIN );
696 $this->title->mRestrictionsLoaded = true;
697 $this->setUserPerm( "edit" );
698 $this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
699
700 $this->assertEquals( [],
701 $this->title->getUserPermissionsErrors( 'edit',
702 $this->user ) );
703
704 $this->assertEquals( true,
705 $this->title->quickUserCan( 'edit', $this->user ) );
706 $this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
707 "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
708
709 $this->assertEquals( [ [ 'badaccess-group0' ],
710 [ 'protectedpagetext', 'bogus', 'bogus' ],
711 [ 'protectedpagetext', 'editprotected', 'bogus' ],
712 [ 'protectedpagetext', 'protect', 'bogus' ] ],
713 $this->title->getUserPermissionsErrors( 'bogus',
714 $this->user ) );
715 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
716 [ 'protectedpagetext', 'editprotected', 'edit' ],
717 [ 'protectedpagetext', 'protect', 'edit' ] ],
718 $this->title->getUserPermissionsErrors( 'edit',
719 $this->user ) );
720 $this->setUserPerm( "" );
721 $this->assertEquals( [ [ 'badaccess-group0' ],
722 [ 'protectedpagetext', 'bogus', 'bogus' ],
723 [ 'protectedpagetext', 'editprotected', 'bogus' ],
724 [ 'protectedpagetext', 'protect', 'bogus' ] ],
725 $this->title->getUserPermissionsErrors( 'bogus',
726 $this->user ) );
727 $this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
728 [ 'protectedpagetext', 'bogus', 'edit' ],
729 [ 'protectedpagetext', 'editprotected', 'edit' ],
730 [ 'protectedpagetext', 'protect', 'edit' ] ],
731 $this->title->getUserPermissionsErrors( 'edit',
732 $this->user ) );
733 $this->setUserPerm( [ "edit", "editprotected" ] );
734 $this->assertEquals( [ [ 'badaccess-group0' ],
735 [ 'protectedpagetext', 'bogus', 'bogus' ],
736 [ 'protectedpagetext', 'protect', 'bogus' ] ],
737 $this->title->getUserPermissionsErrors( 'bogus',
738 $this->user ) );
739 $this->assertEquals( [
740 [ 'protectedpagetext', 'bogus', 'edit' ],
741 [ 'protectedpagetext', 'protect', 'edit' ] ],
742 $this->title->getUserPermissionsErrors( 'edit',
743 $this->user ) );
744
745 $this->title->mCascadeRestriction = true;
746 $this->setUserPerm( "edit" );
747 $this->assertEquals( false,
748 $this->title->quickUserCan( 'bogus', $this->user ) );
749 $this->assertEquals( false,
750 $this->title->quickUserCan( 'edit', $this->user ) );
751 $this->assertEquals( [ [ 'badaccess-group0' ],
752 [ 'protectedpagetext', 'bogus', 'bogus' ],
753 [ 'protectedpagetext', 'editprotected', 'bogus' ],
754 [ 'protectedpagetext', 'protect', 'bogus' ] ],
755 $this->title->getUserPermissionsErrors( 'bogus',
756 $this->user ) );
757 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
758 [ 'protectedpagetext', 'editprotected', 'edit' ],
759 [ 'protectedpagetext', 'protect', 'edit' ] ],
760 $this->title->getUserPermissionsErrors( 'edit',
761 $this->user ) );
762
763 $this->setUserPerm( [ "edit", "editprotected" ] );
764 $this->assertEquals( false,
765 $this->title->quickUserCan( 'bogus', $this->user ) );
766 $this->assertEquals( false,
767 $this->title->quickUserCan( 'edit', $this->user ) );
768 $this->assertEquals( [ [ 'badaccess-group0' ],
769 [ 'protectedpagetext', 'bogus', 'bogus' ],
770 [ 'protectedpagetext', 'protect', 'bogus' ],
771 [ 'protectedpagetext', 'protect', 'bogus' ] ],
772 $this->title->getUserPermissionsErrors( 'bogus',
773 $this->user ) );
774 $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
775 [ 'protectedpagetext', 'protect', 'edit' ],
776 [ 'protectedpagetext', 'protect', 'edit' ] ],
777 $this->title->getUserPermissionsErrors( 'edit',
778 $this->user ) );
779 }
780
784 public function testCascadingSourcesRestrictions() {
785 $this->setTitle( NS_MAIN, "test page" );
786 $this->setUserPerm( [ "edit", "bogus" ] );
787
788 $this->title->mCascadeSources = [
789 Title::makeTitle( NS_MAIN, "Bogus" ),
790 Title::makeTitle( NS_MAIN, "UnBogus" )
791 ];
792 $this->title->mCascadingRestrictions = [
793 "bogus" => [ 'bogus', "sysop", "protect", "" ]
794 ];
795
796 $this->assertEquals( false,
797 $this->title->userCan( 'bogus', $this->user ) );
798 $this->assertEquals( [
799 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
800 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
801 [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
802 $this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
803
804 $this->assertEquals( true,
805 $this->title->userCan( 'edit', $this->user ) );
806 $this->assertEquals( [],
807 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
808 }
809
815 public function testActionPermissions() {
816 $this->setUserPerm( [ "createpage" ] );
817 $this->setTitle( NS_MAIN, "test page" );
818 $this->title->mTitleProtection['permission'] = '';
819 $this->title->mTitleProtection['user'] = $this->user->getId();
820 $this->title->mTitleProtection['expiry'] = 'infinity';
821 $this->title->mTitleProtection['reason'] = 'test';
822 $this->title->mCascadeRestriction = false;
823
824 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
825 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
826 $this->assertEquals( false,
827 $this->title->userCan( 'create', $this->user ) );
828
829 $this->title->mTitleProtection['permission'] = 'editprotected';
830 $this->setUserPerm( [ 'createpage', 'protect' ] );
831 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
832 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
833 $this->assertEquals( false,
834 $this->title->userCan( 'create', $this->user ) );
835
836 $this->setUserPerm( [ 'createpage', 'editprotected' ] );
837 $this->assertEquals( [],
838 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
839 $this->assertEquals( true,
840 $this->title->userCan( 'create', $this->user ) );
841
842 $this->setUserPerm( [ 'createpage' ] );
843 $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
844 $this->title->getUserPermissionsErrors( 'create', $this->user ) );
845 $this->assertEquals( false,
846 $this->title->userCan( 'create', $this->user ) );
847
848 $this->setTitle( NS_MEDIA, "test page" );
849 $this->setUserPerm( [ "move" ] );
850 $this->assertEquals( false,
851 $this->title->userCan( 'move', $this->user ) );
852 $this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
853 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
854
855 $this->setTitle( NS_HELP, "test page" );
856 $this->assertEquals( [],
857 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
858 $this->assertEquals( true,
859 $this->title->userCan( 'move', $this->user ) );
860
861 $this->title->mInterwiki = "no";
862 $this->assertEquals( [ [ 'immobile-source-page' ] ],
863 $this->title->getUserPermissionsErrors( 'move', $this->user ) );
864 $this->assertEquals( false,
865 $this->title->userCan( 'move', $this->user ) );
866
867 $this->setTitle( NS_MEDIA, "test page" );
868 $this->assertEquals( false,
869 $this->title->userCan( 'move-target', $this->user ) );
870 $this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
871 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
872
873 $this->setTitle( NS_HELP, "test page" );
874 $this->assertEquals( [],
875 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
876 $this->assertEquals( true,
877 $this->title->userCan( 'move-target', $this->user ) );
878
879 $this->title->mInterwiki = "no";
880 $this->assertEquals( [ [ 'immobile-target-page' ] ],
881 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
882 $this->assertEquals( false,
883 $this->title->userCan( 'move-target', $this->user ) );
884 }
885
889 public function testUserBlock() {
890 $this->setMwGlobals( [
891 'wgEmailConfirmToEdit' => true,
892 'wgEmailAuthentication' => true,
893 ] );
894
895 $this->setUserPerm( [ "createpage", "move" ] );
896 $this->setTitle( NS_HELP, "test page" );
897
898 # $wgEmailConfirmToEdit only applies to 'edit' action
899 $this->assertEquals( [],
900 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
901 $this->assertContains( [ 'confirmedittext' ],
902 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
903
904 $this->setMwGlobals( 'wgEmailConfirmToEdit', false );
905 $this->assertNotContains( [ 'confirmedittext' ],
906 $this->title->getUserPermissionsErrors( 'edit', $this->user ) );
907
908 # $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
909 $this->assertEquals( [],
910 $this->title->getUserPermissionsErrors( 'move-target',
911 $this->user ) );
912
913 global $wgLang;
914 $prev = time();
915 $now = time() + 120;
916 $this->user->mBlockedby = $this->user->getId();
917 $this->user->mBlock = new Block( [
918 'address' => '127.0.8.1',
919 'by' => $this->user->getId(),
920 'reason' => 'no reason given',
921 'timestamp' => $prev + 3600,
922 'auto' => true,
923 'expiry' => 0
924 ] );
925 $this->user->mBlock->mTimestamp = 0;
926 $this->assertEquals( [ [ 'autoblockedtext',
927 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
928 'Useruser', null, 'infinite', '127.0.8.1',
929 $wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
930 $this->title->getUserPermissionsErrors( 'move-target',
931 $this->user ) );
932
933 $this->assertEquals( false, $this->title->userCan( 'move-target', $this->user ) );
934 // quickUserCan should ignore user blocks
935 $this->assertEquals( true, $this->title->quickUserCan( 'move-target', $this->user ) );
936
937 global $wgLocalTZoffset;
938 $wgLocalTZoffset = -60;
939 $this->user->mBlockedby = $this->user->getName();
940 $this->user->mBlock = new Block( [
941 'address' => '127.0.8.1',
942 'by' => $this->user->getId(),
943 'reason' => 'no reason given',
944 'timestamp' => $now,
945 'auto' => false,
946 'expiry' => 10,
947 ] );
948 $this->assertEquals( [ [ 'blockedtext',
949 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
950 'Useruser', null, '23:00, 31 December 1969', '127.0.8.1',
951 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
952 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
953 # $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
954 # $user->blockedFor() == ''
955 # $user->mBlock->mExpiry == 'infinity'
956
957 $this->user->mBlockedby = $this->user->getName();
958 $this->user->mBlock = new Block( [
959 'address' => '127.0.8.1',
960 'by' => $this->user->getId(),
961 'reason' => 'no reason given',
962 'timestamp' => $now,
963 'auto' => false,
964 'expiry' => 10,
965 'systemBlock' => 'test',
966 ] );
967 $this->assertEquals( [ [ 'systemblockedtext',
968 '[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
969 'Useruser', 'test', '23:00, 31 December 1969', '127.0.8.1',
970 $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
971 $this->title->getUserPermissionsErrors( 'move-target', $this->user ) );
972 }
973}
$wgNamespaceProtection
$wgNamespaceProtection
Set the minimum permissions required to edit pages in each namespace.
Definition DefaultSettings.php:5364
$wgLocalTZoffset
$wgLocalTZoffset
Set an offset from UTC in minutes to use for the default timezone setting for anonymous users and new...
Definition DefaultSettings.php:3221
wfTimestamp
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition GlobalFunctions.php:1966
$wgGroupPermissions
$wgGroupPermissions['sysop']['replacetext']
Definition ReplaceText.php:56
$wgLang
$wgLang
Definition Setup.php:910
MediaWikiLangTestCase
Base class that store and restore the Language objects.
Definition MediaWikiLangTestCase.php:8
MediaWikiTestCase\overrideMwServices
overrideMwServices(Config $configOverrides=null, array $services=[])
Stashes the global instance of MediaWikiServices, and installs a new one, allowing test cases to over...
Definition MediaWikiTestCase.php:934
MediaWikiTestCase\setMwGlobals
setMwGlobals( $pairs, $value=null)
Sets a global, maintaining a stashed version of the previous global to be restored in tearDown.
Definition MediaWikiTestCase.php:706
MediaWikiTestCase\isWikitextNS
isWikitextNS( $ns)
Returns true if the given namespace defaults to Wikitext according to $wgNamespaceContentModels.
Definition MediaWikiTestCase.php:2160
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:99
TitlePermissionTest\setTitle
setTitle( $ns, $title="Main_Page")
Definition TitlePermissionTest.php:85
TitlePermissionTest\runConfigEditPermissions
runConfigEditPermissions( $resultNone, $resultMyCss, $resultMyJson, $resultMyJs, $resultUserCss, $resultUserJson, $resultUserJs, $resultPatrol)
Definition TitlePermissionTest.php:635
TitlePermissionTest\testUserBlock
testUserBlock()
Title::checkUserBlock.
Definition TitlePermissionTest.php:889
TitlePermissionTest\runGroupPermissions
runGroupPermissions( $action, $result, $result2=null)
Definition TitlePermissionTest.php:366
TitlePermissionTest\testCascadingSourcesRestrictions
testCascadingSourcesRestrictions()
Title::checkCascadingSourcesRestrictions.
Definition TitlePermissionTest.php:784
Title
Represents a title within MediaWiki.
Definition Title.php:39
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:47
User\newFromName
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
Definition User.php:592
User\newFromId
static newFromId( $id)
Static factory method for creation from a given user ID.
Definition User.php:615
User\createNew
static createNew( $name, $params=[])
Add a user to the database, return the user object.
Definition User.php:4301
$res
$res
Definition database.txt:21
$result
namespace being checked & $result
Definition hooks.txt:2385
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition hooks.txt:2055
false
processing should stop and the error should be shown to the user * false
Definition hooks.txt:187
NS_HELP
const NS_HELP
Definition Defines.php:76
NS_USER
const NS_USER
Definition Defines.php:66
NS_FILE
const NS_FILE
Definition Defines.php:70
NS_MAIN
const NS_MAIN
Definition Defines.php:64
NS_SPECIAL
const NS_SPECIAL
Definition Defines.php:53
NS_MEDIA
const NS_MEDIA
Definition Defines.php:52
NS_TALK
const NS_TALK
Definition Defines.php:65
NS_PROJECT
const NS_PROJECT
Definition Defines.php:68