MediaWiki  master
PermissionManagerTest.php
Go to the documentation of this file.
1 <?php
2 
4 
5 use Action;
12 use Title;
13 use User;
21 
28 
32  protected $userName, $altUserName;
33 
37  protected $title;
38 
43 
47  protected $permissionManager;
48 
50  const USER_TALK_PAGE = '<user talk page>';
51 
52  protected function setUp() {
53  parent::setUp();
54 
55  $localZone = 'UTC';
56  $localOffset = date( 'Z' ) / 60;
57 
58  $this->setMwGlobals( [
59  'wgLocaltimezone' => $localZone,
60  'wgLocalTZoffset' => $localOffset,
61  'wgNamespaceProtection' => [
62  NS_MEDIAWIKI => 'editinterface',
63  ],
64  'wgRevokePermissions' => [
65  'formertesters' => [
66  'runtest' => true
67  ]
68  ],
69  'wgAvailableRights' => [
70  'test',
71  'runtest',
72  'writetest',
73  'nukeworld',
74  'modifytest',
75  'editmyoptions'
76  ]
77  ] );
78 
79  $this->setGroupPermissions( 'unittesters', 'test', true );
80  $this->setGroupPermissions( 'unittesters', 'runtest', true );
81  $this->setGroupPermissions( 'unittesters', 'writetest', false );
82  $this->setGroupPermissions( 'unittesters', 'nukeworld', false );
83 
84  $this->setGroupPermissions( 'testwriters', 'test', true );
85  $this->setGroupPermissions( 'testwriters', 'writetest', true );
86  $this->setGroupPermissions( 'testwriters', 'modifytest', true );
87 
88  $this->setGroupPermissions( '*', 'editmyoptions', true );
89 
90  // Without this testUserBlock will use a non-English context on non-English MediaWiki
91  // installations (because of how Title::checkUserBlock is implemented) and fail.
93 
94  $this->userName = 'Useruser';
95  $this->altUserName = 'Altuseruser';
96  date_default_timezone_set( $localZone );
97 
98  $this->title = Title::makeTitle( NS_MAIN, "Main Page" );
99  if ( !isset( $this->userUser ) || !( $this->userUser instanceof User ) ) {
100  $this->userUser = User::newFromName( $this->userName );
101 
102  if ( !$this->userUser->getId() ) {
103  $this->userUser = User::createNew( $this->userName, [
104  "email" => "test@example.com",
105  "real_name" => "Test User" ] );
106  $this->userUser->load();
107  }
108 
109  $this->altUser = User::newFromName( $this->altUserName );
110  if ( !$this->altUser->getId() ) {
111  $this->altUser = User::createNew( $this->altUserName, [
112  "email" => "alttest@example.com",
113  "real_name" => "Test User Alt" ] );
114  $this->altUser->load();
115  }
116 
117  $this->anonUser = User::newFromId( 0 );
118 
119  $this->user = $this->userUser;
120  }
121 
122  $this->resetServices();
123  }
124 
125  public function tearDown() {
126  parent::tearDown();
127  $this->restoreMwServices();
128  }
129 
130  protected function setTitle( $ns, $title = "Main_Page" ) {
131  $this->title = Title::makeTitle( $ns, $title );
132  }
133 
134  protected function setUser( $userName = null ) {
135  if ( $userName === 'anon' ) {
136  $this->user = $this->anonUser;
137  } elseif ( $userName === null || $userName === $this->userName ) {
138  $this->user = $this->userUser;
139  } else {
140  $this->user = $this->altUser;
141  }
142  $this->resetServices();
143  }
144 
154  public function testQuickPermissions() {
155  $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
156  getFormattedNsText( NS_PROJECT );
157 
158  $this->setUser( 'anon' );
159  $this->setTitle( NS_TALK );
160  $this->overrideUserPermissions( $this->user, "createtalk" );
161  $res = MediaWikiServices::getInstance()->getPermissionManager()
162  ->getPermissionErrors( 'create', $this->user, $this->title );
163  $this->assertEquals( [], $res );
164 
165  $this->setTitle( NS_TALK );
166  $this->overrideUserPermissions( $this->user, "createpage" );
167  $res = MediaWikiServices::getInstance()->getPermissionManager()
168  ->getPermissionErrors( 'create', $this->user, $this->title );
169  $this->assertEquals( [ [ "nocreatetext" ] ], $res );
170 
171  $this->setTitle( NS_TALK );
172  $this->overrideUserPermissions( $this->user, "" );
173  $res = MediaWikiServices::getInstance()->getPermissionManager()
174  ->getPermissionErrors( 'create', $this->user, $this->title );
175  $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
176 
177  $this->setTitle( NS_MAIN );
178  $this->overrideUserPermissions( $this->user, "createpage" );
179  $res = MediaWikiServices::getInstance()->getPermissionManager()
180  ->getPermissionErrors( 'create', $this->user, $this->title );
181  $this->assertEquals( [], $res );
182 
183  $this->setTitle( NS_MAIN );
184  $this->overrideUserPermissions( $this->user, "createtalk" );
185  $res = MediaWikiServices::getInstance()->getPermissionManager()
186  ->getPermissionErrors( 'create', $this->user, $this->title );
187  $this->assertEquals( [ [ 'nocreatetext' ] ], $res );
188 
189  $this->setUser( $this->userName );
190  $this->setTitle( NS_TALK );
191  $this->overrideUserPermissions( $this->user, "createtalk" );
192  $res = MediaWikiServices::getInstance()->getPermissionManager()
193  ->getPermissionErrors( 'create', $this->user, $this->title );
194  $this->assertEquals( [], $res );
195 
196  $this->setTitle( NS_TALK );
197  $this->overrideUserPermissions( $this->user, "createpage" );
198  $res = MediaWikiServices::getInstance()->getPermissionManager()
199  ->getPermissionErrors( 'create', $this->user, $this->title );
200  $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
201 
202  $this->setTitle( NS_TALK );
203  $this->overrideUserPermissions( $this->user, "" );
204  $res = MediaWikiServices::getInstance()->getPermissionManager()
205  ->getPermissionErrors( 'create', $this->user, $this->title );
206  $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
207 
208  $this->setTitle( NS_MAIN );
209  $this->overrideUserPermissions( $this->user, "createpage" );
210  $res = MediaWikiServices::getInstance()->getPermissionManager()
211  ->getPermissionErrors( 'create', $this->user, $this->title );
212  $this->assertEquals( [], $res );
213 
214  $this->setTitle( NS_MAIN );
215  $this->overrideUserPermissions( $this->user, "createtalk" );
216  $res = MediaWikiServices::getInstance()->getPermissionManager()
217  ->getPermissionErrors( 'create', $this->user, $this->title );
218  $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
219 
220  $this->setTitle( NS_MAIN );
221  $this->overrideUserPermissions( $this->user, "" );
222  $res = MediaWikiServices::getInstance()->getPermissionManager()
223  ->getPermissionErrors( 'create', $this->user, $this->title );
224  $this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
225 
226  $this->setUser( 'anon' );
227  $this->setTitle( NS_USER, $this->userName . '' );
228  $this->overrideUserPermissions( $this->user, "" );
229  $res = MediaWikiServices::getInstance()->getPermissionManager()
230  ->getPermissionErrors( 'move', $this->user, $this->title );
231  $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
232 
233  $this->setTitle( NS_USER, $this->userName . '/subpage' );
234  $this->overrideUserPermissions( $this->user, "" );
235  $res = MediaWikiServices::getInstance()->getPermissionManager()
236  ->getPermissionErrors( 'move', $this->user, $this->title );
237  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
238 
239  $this->setTitle( NS_USER, $this->userName . '' );
240  $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
241  $res = MediaWikiServices::getInstance()->getPermissionManager()
242  ->getPermissionErrors( 'move', $this->user, $this->title );
243  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
244 
245  $this->setTitle( NS_USER, $this->userName . '/subpage' );
246  $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
247  $res = MediaWikiServices::getInstance()->getPermissionManager()
248  ->getPermissionErrors( 'move', $this->user, $this->title );
249  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
250 
251  $this->setTitle( NS_USER, $this->userName . '' );
252  $this->overrideUserPermissions( $this->user, "" );
253  $res = MediaWikiServices::getInstance()->getPermissionManager()
254  ->getPermissionErrors( 'move', $this->user, $this->title );
255  $this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
256 
257  $this->setTitle( NS_USER, $this->userName . '/subpage' );
258  $this->overrideUserPermissions( $this->user, "" );
259  $res = MediaWikiServices::getInstance()->getPermissionManager()
260  ->getPermissionErrors( 'move', $this->user, $this->title );
261  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
262 
263  $this->setTitle( NS_USER, $this->userName . '' );
264  $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
265  $res = MediaWikiServices::getInstance()->getPermissionManager()
266  ->getPermissionErrors( 'move', $this->user, $this->title );
267  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
268 
269  $this->setTitle( NS_USER, $this->userName . '/subpage' );
270  $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
271  $res = MediaWikiServices::getInstance()->getPermissionManager()
272  ->getPermissionErrors( 'move', $this->user, $this->title );
273  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
274 
275  $this->setUser( $this->userName );
276  $this->setTitle( NS_FILE, "img.png" );
277  $this->overrideUserPermissions( $this->user, "" );
278  $res = MediaWikiServices::getInstance()->getPermissionManager()
279  ->getPermissionErrors( 'move', $this->user, $this->title );
280  $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
281 
282  $this->setTitle( NS_FILE, "img.png" );
283  $this->overrideUserPermissions( $this->user, "movefile" );
284  $res = MediaWikiServices::getInstance()->getPermissionManager()
285  ->getPermissionErrors( 'move', $this->user, $this->title );
286  $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
287 
288  $this->setUser( 'anon' );
289  $this->setTitle( NS_FILE, "img.png" );
290  $this->overrideUserPermissions( $this->user, "" );
291  $res = MediaWikiServices::getInstance()->getPermissionManager()
292  ->getPermissionErrors( 'move', $this->user, $this->title );
293  $this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
294 
295  $this->setTitle( NS_FILE, "img.png" );
296  $this->overrideUserPermissions( $this->user, "movefile" );
297  $res = MediaWikiServices::getInstance()->getPermissionManager()
298  ->getPermissionErrors( 'move', $this->user, $this->title );
299  $this->assertEquals( [ [ 'movenologintext' ] ], $res );
300 
301  $this->setUser( $this->userName );
302  // $this->setUserPerm( "move" );
303  $this->runGroupPermissions( 'move', 'move', [ [ 'movenotallowedfile' ] ] );
304 
305  // $this->setUserPerm( "" );
306  $this->runGroupPermissions(
307  '',
308  'move',
309  [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
310  );
311 
312  $this->setUser( 'anon' );
313  //$this->setUserPerm( "move" );
314  $this->runGroupPermissions( 'move', 'move', [ [ 'movenotallowedfile' ] ] );
315 
316  // $this->setUserPerm( "" );
317  $this->runGroupPermissions(
318  '',
319  'move',
320  [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
321  [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
322  );
323 
324  if ( $this->isWikitextNS( NS_MAIN ) ) {
325  // NOTE: some content models don't allow moving
326  // @todo find a Wikitext namespace for testing
327 
328  $this->setTitle( NS_MAIN );
329  $this->setUser( 'anon' );
330  // $this->setUserPerm( "move" );
331  $this->runGroupPermissions( 'move', 'move', [] );
332 
333  // $this->setUserPerm( "" );
334  $this->runGroupPermissions( '', 'move', [ [ 'movenotallowed' ] ],
335  [ [ 'movenologintext' ] ] );
336 
337  $this->setUser( $this->userName );
338  // $this->setUserPerm( "" );
339  $this->runGroupPermissions( '', 'move', [ [ 'movenotallowed' ] ] );
340 
341  //$this->setUserPerm( "move" );
342  $this->runGroupPermissions( 'move', 'move', [] );
343 
344  $this->setUser( 'anon' );
345  $this->overrideUserPermissions( $this->user, 'move' );
346  $res = MediaWikiServices::getInstance()->getPermissionManager()
347  ->getPermissionErrors( 'move-target', $this->user, $this->title );
348  $this->assertEquals( [], $res );
349 
350  $this->overrideUserPermissions( $this->user, '' );
351  $res = MediaWikiServices::getInstance()->getPermissionManager()
352  ->getPermissionErrors( 'move-target', $this->user, $this->title );
353  $this->assertEquals( [ [ 'movenotallowed' ] ], $res );
354  }
355 
356  $this->setTitle( NS_USER );
357  $this->setUser( $this->userName );
358  $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
359  $res = MediaWikiServices::getInstance()->getPermissionManager()
360  ->getPermissionErrors( 'move-target', $this->user, $this->title );
361  $this->assertEquals( [], $res );
362 
363  $this->overrideUserPermissions( $this->user, "move" );
364  $res = MediaWikiServices::getInstance()->getPermissionManager()
365  ->getPermissionErrors( 'move-target', $this->user, $this->title );
366  $this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
367 
368  $this->setUser( 'anon' );
369  $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
370  $res = MediaWikiServices::getInstance()->getPermissionManager()
371  ->getPermissionErrors( 'move-target', $this->user, $this->title );
372  $this->assertEquals( [], $res );
373 
374  $this->setTitle( NS_USER, "User/subpage" );
375  $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
376  $res = MediaWikiServices::getInstance()->getPermissionManager()
377  ->getPermissionErrors( 'move-target', $this->user, $this->title );
378  $this->assertEquals( [], $res );
379 
380  $this->overrideUserPermissions( $this->user, "move" );
381  $res = MediaWikiServices::getInstance()->getPermissionManager()
382  ->getPermissionErrors( 'move-target', $this->user, $this->title );
383  $this->assertEquals( [], $res );
384 
385  $this->setUser( 'anon' );
386  $check = [
387  'edit' => [
388  [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ] ],
389  [ [ 'badaccess-group0' ] ],
390  [],
391  true
392  ],
393  'protect' => [
394  [ [
395  'badaccess-groups',
396  "[[$prefix:Administrators|Administrators]]", 1 ],
397  [ 'protect-cantedit'
398  ] ],
399  [ [ 'badaccess-group0' ], [ 'protect-cantedit' ] ],
400  [ [ 'protect-cantedit' ] ],
401  false
402  ],
403  '' => [ [], [], [], true ]
404  ];
405 
406  foreach ( [ "edit", "protect", "" ] as $action ) {
407  $this->overrideUserPermissions( $this->user );
408  $this->assertEquals( $check[$action][0],
409  MediaWikiServices::getInstance()->getPermissionManager()
410  ->getPermissionErrors( $action, $this->user, $this->title, true ) );
411  $this->assertEquals( $check[$action][0],
412  MediaWikiServices::getInstance()->getPermissionManager()
413  ->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
414  $this->assertEquals( $check[$action][0],
415  MediaWikiServices::getInstance()->getPermissionManager()
416  ->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
417 
418  global $wgGroupPermissions;
419  $old = $wgGroupPermissions;
420  $wgGroupPermissions = [];
421  $this->resetServices();
422 
423  $this->assertEquals( $check[$action][1],
424  MediaWikiServices::getInstance()->getPermissionManager()
425  ->getPermissionErrors( $action, $this->user, $this->title, true ) );
426  $this->assertEquals( $check[$action][1],
427  MediaWikiServices::getInstance()->getPermissionManager()
428  ->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
429  $this->assertEquals( $check[$action][1],
430  MediaWikiServices::getInstance()->getPermissionManager()
431  ->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
432  $wgGroupPermissions = $old;
433  $this->resetServices();
434 
435  $this->overrideUserPermissions( $this->user, $action );
436  $this->assertEquals( $check[$action][2],
437  MediaWikiServices::getInstance()->getPermissionManager()
438  ->getPermissionErrors( $action, $this->user, $this->title, true ) );
439  $this->assertEquals( $check[$action][2],
440  MediaWikiServices::getInstance()->getPermissionManager()
441  ->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
442  $this->assertEquals( $check[$action][2],
443  MediaWikiServices::getInstance()->getPermissionManager()
444  ->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
445 
446  $this->overrideUserPermissions( $this->user, $action );
447  $this->assertEquals( $check[$action][3],
448  MediaWikiServices::getInstance()->getPermissionManager()
449  ->userCan( $action, $this->user, $this->title, true ) );
450  $this->assertEquals( $check[$action][3],
451  MediaWikiServices::getInstance()->getPermissionManager()
452  ->userCan( $action, $this->user, $this->title,
453  PermissionManager::RIGOR_QUICK ) );
454  # count( User::getGroupsWithPermissions( $action ) ) < 1
455  }
456  }
457 
458  protected function runGroupPermissions( $perm, $action, $result, $result2 = null ) {
459  global $wgGroupPermissions;
460 
461  if ( $result2 === null ) {
462  $result2 = $result;
463  }
464 
465  $wgGroupPermissions['autoconfirmed']['move'] = false;
466  $wgGroupPermissions['user']['move'] = false;
467  $this->resetServices();
468  $this->overrideUserPermissions( $this->user, $perm );
469  $res = MediaWikiServices::getInstance()->getPermissionManager()
470  ->getPermissionErrors( $action, $this->user, $this->title );
471  $this->assertEquals( $result, $res );
472 
473  $wgGroupPermissions['autoconfirmed']['move'] = true;
474  $wgGroupPermissions['user']['move'] = false;
475  $this->resetServices();
476  $this->overrideUserPermissions( $this->user, $perm );
477  $res = MediaWikiServices::getInstance()->getPermissionManager()
478  ->getPermissionErrors( $action, $this->user, $this->title );
479  $this->assertEquals( $result2, $res );
480 
481  $wgGroupPermissions['autoconfirmed']['move'] = true;
482  $wgGroupPermissions['user']['move'] = true;
483  $this->resetServices();
484  $this->overrideUserPermissions( $this->user, $perm );
485  $res = MediaWikiServices::getInstance()->getPermissionManager()
486  ->getPermissionErrors( $action, $this->user, $this->title );
487  $this->assertEquals( $result2, $res );
488 
489  $wgGroupPermissions['autoconfirmed']['move'] = false;
490  $wgGroupPermissions['user']['move'] = true;
491  $this->resetServices();
492  $this->overrideUserPermissions( $this->user, $perm );
493  $res = MediaWikiServices::getInstance()->getPermissionManager()
494  ->getPermissionErrors( $action, $this->user, $this->title );
495  $this->assertEquals( $result2, $res );
496  }
497 
503  public function testSpecialsAndNSPermissions() {
504  global $wgNamespaceProtection;
505  $this->setUser( $this->userName );
506 
507  $this->setTitle( NS_SPECIAL );
508 
509  $this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
510  MediaWikiServices::getInstance()->getPermissionManager()
511  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
512 
513  $this->setTitle( NS_MAIN );
514  $this->overrideUserPermissions( $this->user, 'bogus' );
515  $this->assertEquals( [],
516  MediaWikiServices::getInstance()->getPermissionManager()
517  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
518 
519  $this->setTitle( NS_MAIN );
520  $this->overrideUserPermissions( $this->user, '' );
521  $this->assertEquals( [ [ 'badaccess-group0' ] ],
522  MediaWikiServices::getInstance()->getPermissionManager()
523  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
524 
525  $wgNamespaceProtection[NS_USER] = [ 'bogus' ];
526 
527  $this->setTitle( NS_USER );
528  $this->overrideUserPermissions( $this->user, '' );
529  $this->assertEquals( [ [ 'badaccess-group0' ],
530  [ 'namespaceprotected', 'User', 'bogus' ] ],
531  MediaWikiServices::getInstance()->getPermissionManager()
532  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
533 
534  $this->setTitle( NS_MEDIAWIKI );
535  $this->overrideUserPermissions( $this->user, 'bogus' );
536  $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
537  MediaWikiServices::getInstance()->getPermissionManager()
538  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
539 
540  $this->setTitle( NS_MEDIAWIKI );
541  $this->overrideUserPermissions( $this->user, 'bogus' );
542  $this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
543  MediaWikiServices::getInstance()->getPermissionManager()
544  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
545 
546  $wgNamespaceProtection = null;
547 
548  $this->overrideUserPermissions( $this->user, 'bogus' );
549  $this->assertEquals( [],
550  MediaWikiServices::getInstance()->getPermissionManager()
551  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
552  $this->assertEquals( true,
553  MediaWikiServices::getInstance()->getPermissionManager()
554  ->userCan( 'bogus', $this->user, $this->title ) );
555 
556  $this->overrideUserPermissions( $this->user, '' );
557  $this->assertEquals( [ [ 'badaccess-group0' ] ],
558  MediaWikiServices::getInstance()->getPermissionManager()
559  ->getPermissionErrors( 'bogus', $this->user, $this->title ) );
560  $this->assertEquals( false,
561  MediaWikiServices::getInstance()->getPermissionManager()
562  ->userCan( 'bogus', $this->user, $this->title ) );
563  }
564 
570  public function testJsConfigEditPermissions() {
571  $this->setUser( $this->userName );
572 
573  $this->setTitle( NS_USER, $this->userName . '/test.js' );
575  [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
576 
577  [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
578  [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
579  [ [ 'badaccess-group0' ] ],
580 
581  [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
582  [ [ 'badaccess-group0' ], [ 'mycustomjsprotected', 'bogus' ] ],
583  [ [ 'badaccess-group0' ] ],
584  [ [ 'badaccess-groups' ] ]
585  );
586  }
587 
593  public function testJsonConfigEditPermissions() {
594  $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
595  getFormattedNsText( NS_PROJECT );
596  $this->setUser( $this->userName );
597 
598  $this->setTitle( NS_USER, $this->userName . '/test.json' );
600  [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
601 
602  [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
603  [ [ 'badaccess-group0' ] ],
604  [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
605 
606  [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
607  [ [ 'badaccess-group0' ] ],
608  [ [ 'badaccess-group0' ], [ 'mycustomjsonprotected', 'bogus' ] ],
609  [ [ 'badaccess-groups' ] ]
610  );
611  }
612 
618  public function testCssConfigEditPermissions() {
619  $this->setUser( $this->userName );
620 
621  $this->setTitle( NS_USER, $this->userName . '/test.css' );
623  [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
624 
625  [ [ 'badaccess-group0' ] ],
626  [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
627  [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
628 
629  [ [ 'badaccess-group0' ] ],
630  [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
631  [ [ 'badaccess-group0' ], [ 'mycustomcssprotected', 'bogus' ] ],
632  [ [ 'badaccess-groups' ] ]
633  );
634  }
635 
642  $this->setUser( $this->userName );
643 
644  $this->setTitle( NS_USER, $this->altUserName . '/test.js' );
646  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
647 
648  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
649  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
650  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
651 
652  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
653  [ [ 'badaccess-group0' ], [ 'customjsprotected', 'bogus' ] ],
654  [ [ 'badaccess-group0' ] ],
655  [ [ 'badaccess-groups' ] ]
656  );
657  }
658 
665  $this->setUser( $this->userName );
666 
667  $this->setTitle( NS_USER, $this->altUserName . '/test.json' );
669  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
670 
671  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
672  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
673  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
674 
675  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
676  [ [ 'badaccess-group0' ] ],
677  [ [ 'badaccess-group0' ], [ 'customjsonprotected', 'bogus' ] ],
678  [ [ 'badaccess-groups' ] ]
679  );
680  }
681 
688  $this->setUser( $this->userName );
689 
690  $this->setTitle( NS_USER, $this->altUserName . '/test.css' );
692  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
693 
694  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
695  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
696  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
697 
698  [ [ 'badaccess-group0' ] ],
699  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
700  [ [ 'badaccess-group0' ], [ 'customcssprotected', 'bogus' ] ],
701  [ [ 'badaccess-groups' ] ]
702  );
703  }
704 
711  $this->setUser( $this->userName );
712 
713  $this->setTitle( NS_USER, $this->altUserName . '/tempo' );
715  [ [ 'badaccess-group0' ] ],
716 
717  [ [ 'badaccess-group0' ] ],
718  [ [ 'badaccess-group0' ] ],
719  [ [ 'badaccess-group0' ] ],
720 
721  [ [ 'badaccess-group0' ] ],
722  [ [ 'badaccess-group0' ] ],
723  [ [ 'badaccess-group0' ] ],
724  [ [ 'badaccess-groups' ] ]
725  );
726  }
727 
733  $this->setUser( 'anon' );
734  $this->setTitle( NS_USER, 'ToPatrolOrNotToPatrol' );
736  [ [ 'badaccess-group0' ] ],
737 
738  [ [ 'badaccess-group0' ] ],
739  [ [ 'badaccess-group0' ] ],
740  [ [ 'badaccess-group0' ] ],
741 
742  [ [ 'badaccess-group0' ] ],
743  [ [ 'badaccess-group0' ] ],
744  [ [ 'badaccess-group0' ] ],
745  [ [ 'badaccess-groups' ] ]
746  );
747  }
748 
749  protected function runConfigEditPermissions(
750  $resultNone,
751  $resultMyCss,
752  $resultMyJson,
753  $resultMyJs,
754  $resultUserCss,
755  $resultUserJson,
756  $resultUserJs,
757  $resultPatrol
758  ) {
759  $this->overrideUserPermissions( $this->user );
760  $result = MediaWikiServices::getInstance()->getPermissionManager()
761  ->getPermissionErrors( 'bogus', $this->user, $this->title );
762  $this->assertEquals( $resultNone, $result );
763 
764  $this->overrideUserPermissions( $this->user, 'editmyusercss' );
765  $result = MediaWikiServices::getInstance()->getPermissionManager()
766  ->getPermissionErrors( 'bogus', $this->user, $this->title );
767  $this->assertEquals( $resultMyCss, $result );
768 
769  $this->overrideUserPermissions( $this->user, 'editmyuserjson' );
770  $result = MediaWikiServices::getInstance()->getPermissionManager()
771  ->getPermissionErrors( 'bogus', $this->user, $this->title );
772  $this->assertEquals( $resultMyJson, $result );
773 
774  $this->overrideUserPermissions( $this->user, 'editmyuserjs' );
775  $result = MediaWikiServices::getInstance()->getPermissionManager()
776  ->getPermissionErrors( 'bogus', $this->user, $this->title );
777  $this->assertEquals( $resultMyJs, $result );
778 
779  $this->overrideUserPermissions( $this->user, 'editusercss' );
780  $result = MediaWikiServices::getInstance()->getPermissionManager()
781  ->getPermissionErrors( 'bogus', $this->user, $this->title );
782  $this->assertEquals( $resultUserCss, $result );
783 
784  $this->overrideUserPermissions( $this->user, 'edituserjson' );
785  $result = MediaWikiServices::getInstance()->getPermissionManager()
786  ->getPermissionErrors( 'bogus', $this->user, $this->title );
787  $this->assertEquals( $resultUserJson, $result );
788 
789  $this->overrideUserPermissions( $this->user, 'edituserjs' );
790  $result = MediaWikiServices::getInstance()->getPermissionManager()
791  ->getPermissionErrors( 'bogus', $this->user, $this->title );
792  $this->assertEquals( $resultUserJs, $result );
793 
794  $this->overrideUserPermissions( $this->user );
795  $result = MediaWikiServices::getInstance()->getPermissionManager()
796  ->getPermissionErrors( 'patrol', $this->user, $this->title );
797  $this->assertEquals( reset( $resultPatrol[0] ), reset( $result[0] ) );
798 
799  $this->overrideUserPermissions( $this->user, [ 'edituserjs', 'edituserjson', 'editusercss' ] );
800  $result = MediaWikiServices::getInstance()->getPermissionManager()
801  ->getPermissionErrors( 'bogus', $this->user, $this->title );
802  $this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
803  }
804 
814  public function testPageRestrictions() {
815  $prefix = MediaWikiServices::getInstance()->getContentLanguage()->
816  getFormattedNsText( NS_PROJECT );
817 
818  $this->setTitle( NS_MAIN );
819  $this->title->mRestrictionsLoaded = true;
820  $this->overrideUserPermissions( $this->user, "edit" );
821  $this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
822 
823  $this->assertEquals( [],
824  MediaWikiServices::getInstance()->getPermissionManager()
825  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
826 
827  $this->assertEquals( true,
828  MediaWikiServices::getInstance()->getPermissionManager()
829  ->userCan( 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
830 
831  $this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
832  "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
833 
834  $this->assertEquals( [ [ 'badaccess-group0' ],
835  [ 'protectedpagetext', 'bogus', 'bogus' ],
836  [ 'protectedpagetext', 'editprotected', 'bogus' ],
837  [ 'protectedpagetext', 'protect', 'bogus' ] ],
838  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
839  'bogus', $this->user, $this->title ) );
840  $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
841  [ 'protectedpagetext', 'editprotected', 'edit' ],
842  [ 'protectedpagetext', 'protect', 'edit' ] ],
843  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
844  'edit', $this->user, $this->title ) );
845  $this->overrideUserPermissions( $this->user );
846  $this->assertEquals( [ [ 'badaccess-group0' ],
847  [ 'protectedpagetext', 'bogus', 'bogus' ],
848  [ 'protectedpagetext', 'editprotected', 'bogus' ],
849  [ 'protectedpagetext', 'protect', 'bogus' ] ],
850  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
851  'bogus', $this->user, $this->title ) );
852  $this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
853  [ 'protectedpagetext', 'bogus', 'edit' ],
854  [ 'protectedpagetext', 'editprotected', 'edit' ],
855  [ 'protectedpagetext', 'protect', 'edit' ] ],
856  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
857  'edit', $this->user, $this->title ) );
858  $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
859  $this->assertEquals( [ [ 'badaccess-group0' ],
860  [ 'protectedpagetext', 'bogus', 'bogus' ],
861  [ 'protectedpagetext', 'protect', 'bogus' ] ],
862  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
863  'bogus', $this->user, $this->title ) );
864  $this->assertEquals( [
865  [ 'protectedpagetext', 'bogus', 'edit' ],
866  [ 'protectedpagetext', 'protect', 'edit' ] ],
867  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
868  'edit', $this->user, $this->title ) );
869 
870  $this->title->mCascadeRestriction = true;
871  $this->overrideUserPermissions( $this->user, "edit" );
872 
873  $this->assertEquals( false,
874  MediaWikiServices::getInstance()->getPermissionManager()
875  ->userCan( 'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
876 
877  $this->assertEquals( false,
878  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
879  'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
880 
881  $this->assertEquals( [ [ 'badaccess-group0' ],
882  [ 'protectedpagetext', 'bogus', 'bogus' ],
883  [ 'protectedpagetext', 'editprotected', 'bogus' ],
884  [ 'protectedpagetext', 'protect', 'bogus' ] ],
885  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
886  'bogus', $this->user, $this->title ) );
887  $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
888  [ 'protectedpagetext', 'editprotected', 'edit' ],
889  [ 'protectedpagetext', 'protect', 'edit' ] ],
890  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
891  'edit', $this->user, $this->title ) );
892 
893  $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
894  $this->assertEquals( false,
895  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
896  'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
897 
898  $this->assertEquals( false,
899  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
900  'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
901 
902  $this->assertEquals( [ [ 'badaccess-group0' ],
903  [ 'protectedpagetext', 'bogus', 'bogus' ],
904  [ 'protectedpagetext', 'protect', 'bogus' ],
905  [ 'protectedpagetext', 'protect', 'bogus' ] ],
906  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
907  'bogus', $this->user, $this->title ) );
908  $this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
909  [ 'protectedpagetext', 'protect', 'edit' ],
910  [ 'protectedpagetext', 'protect', 'edit' ] ],
911  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
912  'edit', $this->user, $this->title ) );
913  }
914 
919  $this->setTitle( NS_MAIN, "test page" );
920  $this->overrideUserPermissions( $this->user, [ "edit", "bogus" ] );
921 
922  $this->title->mCascadeSources = [
923  Title::makeTitle( NS_MAIN, "Bogus" ),
924  Title::makeTitle( NS_MAIN, "UnBogus" )
925  ];
926  $this->title->mCascadingRestrictions = [
927  "bogus" => [ 'bogus', "sysop", "protect", "" ]
928  ];
929 
930  $this->assertEquals( false,
931  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
932  'bogus', $this->user, $this->title ) );
933  $this->assertEquals( [
934  [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
935  [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
936  [ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
937  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
938  'bogus', $this->user, $this->title ) );
939 
940  $this->assertEquals( true,
941  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
942  'edit', $this->user, $this->title ) );
943  $this->assertEquals( [],
944  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
945  'edit', $this->user, $this->title ) );
946  }
947 
953  public function testActionPermissions() {
954  $this->overrideUserPermissions( $this->user, [ "createpage" ] );
955  $this->setTitle( NS_MAIN, "test page" );
956  $this->title->mTitleProtection['permission'] = '';
957  $this->title->mTitleProtection['user'] = $this->user->getId();
958  $this->title->mTitleProtection['expiry'] = 'infinity';
959  $this->title->mTitleProtection['reason'] = 'test';
960  $this->title->mCascadeRestriction = false;
961 
962  $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
963  MediaWikiServices::getInstance()->getPermissionManager()
964  ->getPermissionErrors( 'create', $this->user, $this->title ) );
965  $this->assertEquals( false,
966  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
967  'create', $this->user, $this->title ) );
968 
969  $this->title->mTitleProtection['permission'] = 'editprotected';
970  $this->overrideUserPermissions( $this->user, [ 'createpage', 'protect' ] );
971  $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
972  MediaWikiServices::getInstance()->getPermissionManager()
973  ->getPermissionErrors( 'create', $this->user, $this->title ) );
974  $this->assertEquals( false,
975  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
976  'create', $this->user, $this->title ) );
977 
978  $this->overrideUserPermissions( $this->user, [ 'createpage', 'editprotected' ] );
979  $this->assertEquals( [],
980  MediaWikiServices::getInstance()->getPermissionManager()
981  ->getPermissionErrors( 'create', $this->user, $this->title ) );
982  $this->assertEquals( true,
983  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
984  'create', $this->user, $this->title ) );
985 
986  $this->overrideUserPermissions( $this->user, [ 'createpage' ] );
987  $this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
988  MediaWikiServices::getInstance()->getPermissionManager()
989  ->getPermissionErrors( 'create', $this->user, $this->title ) );
990  $this->assertEquals( false,
991  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
992  'create', $this->user, $this->title ) );
993 
994  $this->setTitle( NS_MEDIA, "test page" );
995  $this->overrideUserPermissions( $this->user, [ "move" ] );
996  $this->assertEquals( false,
997  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
998  'move', $this->user, $this->title ) );
999  $this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
1000  MediaWikiServices::getInstance()->getPermissionManager()
1001  ->getPermissionErrors( 'move', $this->user, $this->title ) );
1002 
1003  $this->setTitle( NS_HELP, "test page" );
1004  $this->assertEquals( [],
1005  MediaWikiServices::getInstance()->getPermissionManager()
1006  ->getPermissionErrors( 'move', $this->user, $this->title ) );
1007  $this->assertEquals( true,
1008  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
1009  'move', $this->user, $this->title ) );
1010 
1011  $this->title->mInterwiki = "no";
1012  $this->assertEquals( [ [ 'immobile-source-page' ] ],
1013  MediaWikiServices::getInstance()->getPermissionManager()
1014  ->getPermissionErrors( 'move', $this->user, $this->title ) );
1015  $this->assertEquals( false,
1016  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
1017  'move', $this->user, $this->title ) );
1018 
1019  $this->setTitle( NS_MEDIA, "test page" );
1020  $this->assertEquals( false,
1021  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
1022  'move-target', $this->user, $this->title ) );
1023  $this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
1024  MediaWikiServices::getInstance()->getPermissionManager()
1025  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1026 
1027  $this->setTitle( NS_HELP, "test page" );
1028  $this->assertEquals( [],
1029  MediaWikiServices::getInstance()->getPermissionManager()
1030  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1031  $this->assertEquals( true,
1032  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
1033  'move-target', $this->user, $this->title ) );
1034 
1035  $this->title->mInterwiki = "no";
1036  $this->assertEquals( [ [ 'immobile-target-page' ] ],
1037  MediaWikiServices::getInstance()->getPermissionManager()
1038  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1039  $this->assertEquals( false,
1040  MediaWikiServices::getInstance()->getPermissionManager()->userCan(
1041  'move-target', $this->user, $this->title ) );
1042  }
1043 
1047  public function testUserBlock() {
1048  $this->setMwGlobals( [
1049  'wgEmailConfirmToEdit' => true,
1050  'wgEmailAuthentication' => true,
1051  'wgBlockDisablesLogin' => false,
1052  ] );
1053 
1054  $this->overrideUserPermissions( $this->user, [
1055  'createpage',
1056  'edit',
1057  'move',
1058  'rollback',
1059  'patrol',
1060  'upload',
1061  'purge'
1062  ] );
1063  $this->setTitle( NS_HELP, "test page" );
1064 
1065  # $wgEmailConfirmToEdit only applies to 'edit' action
1066  $this->assertEquals( [],
1067  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
1068  'move-target', $this->user, $this->title ) );
1069  $this->assertContains( [ 'confirmedittext' ],
1070  MediaWikiServices::getInstance()->getPermissionManager()
1071  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1072 
1073  $this->setMwGlobals( 'wgEmailConfirmToEdit', false );
1074  $this->resetServices();
1075  $this->overrideUserPermissions( $this->user, [
1076  'createpage',
1077  'edit',
1078  'move',
1079  'rollback',
1080  'patrol',
1081  'upload',
1082  'purge'
1083  ] );
1084 
1085  $this->assertNotContains( [ 'confirmedittext' ],
1086  MediaWikiServices::getInstance()->getPermissionManager()
1087  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1088 
1089  # $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
1090  $this->assertEquals( [],
1091  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
1092  'move-target', $this->user, $this->title ) );
1093 
1094  global $wgLang;
1095  $prev = time();
1096  $now = time() + 120;
1097  $this->user->mBlockedby = $this->user->getId();
1098  $this->user->mBlock = new DatabaseBlock( [
1099  'address' => '127.0.8.1',
1100  'by' => $this->user->getId(),
1101  'reason' => 'no reason given',
1102  'timestamp' => $prev + 3600,
1103  'auto' => true,
1104  'expiry' => 0
1105  ] );
1106  $this->user->mBlock->mTimestamp = 0;
1107  $this->assertEquals( [ [ 'autoblockedtext',
1108  "[[User:Useruser|\u{202A}Useruser\u{202C}]]", 'no reason given', '127.0.0.1',
1109  "\u{202A}Useruser\u{202C}", null, 'infinite', '127.0.8.1',
1110  $wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
1111  MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
1112  'move-target', $this->user, $this->title ) );
1113 
1114  $this->assertEquals( false, MediaWikiServices::getInstance()->getPermissionManager()
1115  ->userCan( 'move-target', $this->user, $this->title ) );
1116  // quickUserCan should ignore user blocks
1117  $this->assertEquals( true, MediaWikiServices::getInstance()->getPermissionManager()
1118  ->userCan( 'move-target', $this->user, $this->title,
1119  PermissionManager::RIGOR_QUICK ) );
1120 
1121  global $wgLocalTZoffset;
1122  $wgLocalTZoffset = -60;
1123  $this->user->mBlockedby = $this->user->getName();
1124  $this->user->mBlock = new DatabaseBlock( [
1125  'address' => '127.0.8.1',
1126  'by' => $this->user->getId(),
1127  'reason' => 'no reason given',
1128  'timestamp' => $now,
1129  'auto' => false,
1130  'expiry' => 10,
1131  ] );
1132  $this->assertEquals( [ [ 'blockedtext',
1133  "[[User:Useruser|\u{202A}Useruser\u{202C}]]", 'no reason given', '127.0.0.1',
1134  "\u{202A}Useruser\u{202C}", null, '23:00, 31 December 1969', '127.0.8.1',
1135  $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
1136  MediaWikiServices::getInstance()->getPermissionManager()
1137  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1138  # $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
1139  # $user->blockedFor() == ''
1140  # $user->mBlock->mExpiry == 'infinity'
1141 
1142  $this->user->mBlockedby = $this->user->getName();
1143  $this->user->mBlock = new SystemBlock( [
1144  'address' => '127.0.8.1',
1145  'by' => $this->user->getId(),
1146  'reason' => 'no reason given',
1147  'timestamp' => $now,
1148  'auto' => false,
1149  'systemBlock' => 'test',
1150  ] );
1151 
1152  $errors = [ [ 'systemblockedtext',
1153  "[[User:Useruser|\u{202A}Useruser\u{202C}]]", 'no reason given', '127.0.0.1',
1154  "\u{202A}Useruser\u{202C}", 'test', 'infinite', '127.0.8.1',
1155  $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
1156 
1157  $this->assertEquals( $errors,
1158  MediaWikiServices::getInstance()->getPermissionManager()
1159  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1160  $this->assertEquals( $errors,
1161  MediaWikiServices::getInstance()->getPermissionManager()
1162  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1163  $this->assertEquals( $errors,
1164  MediaWikiServices::getInstance()->getPermissionManager()
1165  ->getPermissionErrors( 'rollback', $this->user, $this->title ) );
1166  $this->assertEquals( $errors,
1167  MediaWikiServices::getInstance()->getPermissionManager()
1168  ->getPermissionErrors( 'patrol', $this->user, $this->title ) );
1169  $this->assertEquals( $errors,
1170  MediaWikiServices::getInstance()->getPermissionManager()
1171  ->getPermissionErrors( 'upload', $this->user, $this->title ) );
1172  $this->assertEquals( [],
1173  MediaWikiServices::getInstance()->getPermissionManager()
1174  ->getPermissionErrors( 'purge', $this->user, $this->title ) );
1175 
1176  // partial block message test
1177  $this->user->mBlockedby = $this->user->getName();
1178  $this->user->mBlock = new DatabaseBlock( [
1179  'address' => '127.0.8.1',
1180  'by' => $this->user->getId(),
1181  'reason' => 'no reason given',
1182  'timestamp' => $now,
1183  'sitewide' => false,
1184  'expiry' => 10,
1185  ] );
1186 
1187  $this->assertEquals( [],
1188  MediaWikiServices::getInstance()->getPermissionManager()
1189  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1190  $this->assertEquals( [],
1191  MediaWikiServices::getInstance()->getPermissionManager()
1192  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1193  $this->assertEquals( [],
1194  MediaWikiServices::getInstance()->getPermissionManager()
1195  ->getPermissionErrors( 'rollback', $this->user, $this->title ) );
1196  $this->assertEquals( [],
1197  MediaWikiServices::getInstance()->getPermissionManager()
1198  ->getPermissionErrors( 'patrol', $this->user, $this->title ) );
1199  $this->assertEquals( [],
1200  MediaWikiServices::getInstance()->getPermissionManager()
1201  ->getPermissionErrors( 'upload', $this->user, $this->title ) );
1202  $this->assertEquals( [],
1203  MediaWikiServices::getInstance()->getPermissionManager()
1204  ->getPermissionErrors( 'purge', $this->user, $this->title ) );
1205 
1206  $this->user->mBlock->setRestrictions( [
1207  ( new PageRestriction( 0, $this->title->getArticleID() ) )->setTitle( $this->title ),
1208  ] );
1209 
1210  $errors = [ [ 'blockedtext-partial',
1211  "[[User:Useruser|\u{202A}Useruser\u{202C}]]", 'no reason given', '127.0.0.1',
1212  "\u{202A}Useruser\u{202C}", null, '23:00, 31 December 1969', '127.0.8.1',
1213  $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
1214 
1215  $this->assertEquals( $errors,
1216  MediaWikiServices::getInstance()->getPermissionManager()
1217  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1218  $this->assertEquals( $errors,
1219  MediaWikiServices::getInstance()->getPermissionManager()
1220  ->getPermissionErrors( 'move-target', $this->user, $this->title ) );
1221  $this->assertEquals( $errors,
1222  MediaWikiServices::getInstance()->getPermissionManager()
1223  ->getPermissionErrors( 'rollback', $this->user, $this->title ) );
1224  $this->assertEquals( $errors,
1225  MediaWikiServices::getInstance()->getPermissionManager()
1226  ->getPermissionErrors( 'patrol', $this->user, $this->title ) );
1227  $this->assertEquals( [],
1228  MediaWikiServices::getInstance()->getPermissionManager()
1229  ->getPermissionErrors( 'upload', $this->user, $this->title ) );
1230  $this->assertEquals( [],
1231  MediaWikiServices::getInstance()->getPermissionManager()
1232  ->getPermissionErrors( 'purge', $this->user, $this->title ) );
1233 
1234  // Test no block.
1235  $this->user->mBlockedby = null;
1236  $this->user->mBlock = null;
1237 
1238  $this->assertEquals( [],
1239  MediaWikiServices::getInstance()->getPermissionManager()
1240  ->getPermissionErrors( 'edit', $this->user, $this->title ) );
1241  }
1242 
1249  public function testUserBlockAction() {
1250  global $wgLang;
1251 
1252  $tester = $this->getMockBuilder( Action::class )
1253  ->disableOriginalConstructor()
1254  ->getMock();
1255  $tester->method( 'getName' )
1256  ->willReturn( 'tester' );
1257  $tester->method( 'getRestriction' )
1258  ->willReturn( 'test' );
1259  $tester->method( 'requiresUnblock' )
1260  ->willReturn( false );
1261 
1262  $this->setMwGlobals( [
1263  'wgActions' => [
1264  'tester' => $tester,
1265  ],
1266  'wgGroupPermissions' => [
1267  '*' => [
1268  'tester' => true,
1269  ],
1270  ],
1271  ] );
1272 
1273  $now = time();
1274  $this->user->mBlockedby = $this->user->getName();
1275  $this->user->mBlock = new DatabaseBlock( [
1276  'address' => '127.0.8.1',
1277  'by' => $this->user->getId(),
1278  'reason' => 'no reason given',
1279  'timestamp' => $now,
1280  'auto' => false,
1281  'expiry' => 'infinity',
1282  ] );
1283 
1284  $errors = [ [ 'blockedtext',
1285  "[[User:Useruser|\u{202A}Useruser\u{202C}]]", 'no reason given', '127.0.0.1',
1286  "\u{202A}Useruser\u{202C}", null, 'infinite', '127.0.8.1',
1287  $wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
1288 
1289  $this->assertEquals( $errors,
1290  MediaWikiServices::getInstance()->getPermissionManager()
1291  ->getPermissionErrors( 'tester', $this->user, $this->title ) );
1292  }
1293 
1297  public function testBlockInstanceCache() {
1298  // First, check the user isn't blocked
1299  $user = $this->getMutableTestUser()->getUser();
1301  $this->assertNull( $user->getBlock( false ), 'sanity check' );
1302  //$this->assertSame( '', $user->blockedBy(), 'sanity check' );
1303  //$this->assertSame( '', $user->blockedFor(), 'sanity check' );
1304  //$this->assertFalse( (bool)$user->isHidden(), 'sanity check' );
1305  $this->assertFalse( MediaWikiServices::getInstance()->getPermissionManager()
1306  ->isBlockedFrom( $user, $ut ), 'sanity check' );
1307 
1308  // Block the user
1309  $blocker = $this->getTestSysop()->getUser();
1310  $block = new DatabaseBlock( [
1311  'hideName' => true,
1312  'allowUsertalk' => false,
1313  'reason' => 'Because',
1314  ] );
1315  $block->setTarget( $user );
1316  $block->setBlocker( $blocker );
1317  $res = $block->insert();
1318  $this->assertTrue( (bool)$res['id'], 'sanity check: Failed to insert block' );
1319 
1320  // Clear cache and confirm it loaded the block properly
1322  $this->assertInstanceOf( DatabaseBlock::class, $user->getBlock( false ) );
1323  //$this->assertSame( $blocker->getName(), $user->blockedBy() );
1324  //$this->assertSame( 'Because', $user->blockedFor() );
1325  //$this->assertTrue( (bool)$user->isHidden() );
1326  $this->assertTrue( MediaWikiServices::getInstance()->getPermissionManager()
1327  ->isBlockedFrom( $user, $ut ) );
1328 
1329  // Unblock
1330  $block->delete();
1331 
1332  // Clear cache and confirm it loaded the not-blocked properly
1334  $this->assertNull( $user->getBlock( false ) );
1335  //$this->assertSame( '', $user->blockedBy() );
1336  //$this->assertSame( '', $user->blockedFor() );
1337  //$this->assertFalse( (bool)$user->isHidden() );
1338  $this->assertFalse( MediaWikiServices::getInstance()->getPermissionManager()
1339  ->isBlockedFrom( $user, $ut ) );
1340  }
1341 
1352  public function testIsBlockedFrom( $title, $expect, array $options = [] ) {
1353  $this->setMwGlobals( [
1354  'wgBlockAllowsUTEdit' => $options['blockAllowsUTEdit'] ?? true,
1355  ] );
1356 
1357  $user = $this->getTestUser()->getUser();
1358 
1359  if ( $title === self::USER_TALK_PAGE ) {
1360  $title = $user->getTalkPage();
1361  } else {
1363  }
1364 
1365  $restrictions = [];
1366  foreach ( $options['pageRestrictions'] ?? [] as $pagestr ) {
1367  $page = $this->getExistingTestPage(
1368  $pagestr === self::USER_TALK_PAGE ? $user->getTalkPage() : $pagestr
1369  );
1370  $restrictions[] = new PageRestriction( 0, $page->getId() );
1371  }
1372  foreach ( $options['namespaceRestrictions'] ?? [] as $ns ) {
1373  $restrictions[] = new NamespaceRestriction( 0, $ns );
1374  }
1375 
1376  $block = new DatabaseBlock( [
1377  'expiry' => wfTimestamp( TS_MW, wfTimestamp() + ( 40 * 60 * 60 ) ),
1378  'allowUsertalk' => $options['allowUsertalk'] ?? false,
1379  'sitewide' => !$restrictions,
1380  ] );
1381  $block->setTarget( $user );
1382  $block->setBlocker( $this->getTestSysop()->getUser() );
1383  if ( $restrictions ) {
1384  $block->setRestrictions( $restrictions );
1385  }
1386  $block->insert();
1387 
1388  try {
1389  $this->assertSame( $expect, MediaWikiServices::getInstance()->getPermissionManager()
1390  ->isBlockedFrom( $user, $title ) );
1391  } finally {
1392  $block->delete();
1393  }
1394  }
1395 
1396  public static function provideIsBlockedFrom() {
1397  return [
1398  'Sitewide block, basic operation' => [ 'Test page', true ],
1399  'Sitewide block, not allowing user talk' => [
1400  self::USER_TALK_PAGE, true, [
1401  'allowUsertalk' => false,
1402  ]
1403  ],
1404  'Sitewide block, allowing user talk' => [
1405  self::USER_TALK_PAGE, false, [
1406  'allowUsertalk' => true,
1407  ]
1408  ],
1409  'Sitewide block, allowing user talk but $wgBlockAllowsUTEdit is false' => [
1410  self::USER_TALK_PAGE, true, [
1411  'allowUsertalk' => true,
1412  'blockAllowsUTEdit' => false,
1413  ]
1414  ],
1415  'Partial block, blocking the page' => [
1416  'Test page', true, [
1417  'pageRestrictions' => [ 'Test page' ],
1418  ]
1419  ],
1420  'Partial block, not blocking the page' => [
1421  'Test page 2', false, [
1422  'pageRestrictions' => [ 'Test page' ],
1423  ]
1424  ],
1425  'Partial block, not allowing user talk but user talk page is not blocked' => [
1426  self::USER_TALK_PAGE, false, [
1427  'allowUsertalk' => false,
1428  'pageRestrictions' => [ 'Test page' ],
1429  ]
1430  ],
1431  'Partial block, allowing user talk but user talk page is blocked' => [
1432  self::USER_TALK_PAGE, true, [
1433  'allowUsertalk' => true,
1434  'pageRestrictions' => [ self::USER_TALK_PAGE ],
1435  ]
1436  ],
1437  'Partial block, user talk page is not blocked but $wgBlockAllowsUTEdit is false' => [
1438  self::USER_TALK_PAGE, false, [
1439  'allowUsertalk' => false,
1440  'pageRestrictions' => [ 'Test page' ],
1441  'blockAllowsUTEdit' => false,
1442  ]
1443  ],
1444  'Partial block, user talk page is blocked and $wgBlockAllowsUTEdit is false' => [
1445  self::USER_TALK_PAGE, true, [
1446  'allowUsertalk' => true,
1447  'pageRestrictions' => [ self::USER_TALK_PAGE ],
1448  'blockAllowsUTEdit' => false,
1449  ]
1450  ],
1451  'Partial user talk namespace block, not allowing user talk' => [
1452  self::USER_TALK_PAGE, true, [
1453  'allowUsertalk' => false,
1454  'namespaceRestrictions' => [ NS_USER_TALK ],
1455  ]
1456  ],
1457  'Partial user talk namespace block, allowing user talk' => [
1458  self::USER_TALK_PAGE, false, [
1459  'allowUsertalk' => true,
1460  'namespaceRestrictions' => [ NS_USER_TALK ],
1461  ]
1462  ],
1463  'Partial user talk namespace block, where $wgBlockAllowsUTEdit is false' => [
1464  self::USER_TALK_PAGE, true, [
1465  'allowUsertalk' => true,
1466  'namespaceRestrictions' => [ NS_USER_TALK ],
1467  'blockAllowsUTEdit' => false,
1468  ]
1469  ],
1470  ];
1471  }
1472 
1476  public function testGetUserPermissions() {
1477  $user = $this->getTestUser( [ 'unittesters' ] )->getUser();
1478  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1479  ->getUserPermissions( $user );
1480  $this->assertContains( 'runtest', $rights );
1481  $this->assertNotContains( 'writetest', $rights );
1482  $this->assertNotContains( 'modifytest', $rights );
1483  $this->assertNotContains( 'nukeworld', $rights );
1484  }
1485 
1489  public function testGetUserPermissionsHooks() {
1490  $user = $this->getTestUser( [ 'unittesters', 'testwriters' ] )->getUser();
1491  $userWrapper = TestingAccessWrapper::newFromObject( $user );
1492 
1493  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1494  ->getUserPermissions( $user );
1495  $this->assertContains( 'test', $rights, 'sanity check' );
1496  $this->assertContains( 'runtest', $rights, 'sanity check' );
1497  $this->assertContains( 'writetest', $rights, 'sanity check' );
1498  $this->assertNotContains( 'nukeworld', $rights, 'sanity check' );
1499 
1500  // Add a hook manipluating the rights
1501  $this->mergeMwGlobalArrayValue( 'wgHooks', [ 'UserGetRights' => [ function ( $user, &$rights ) {
1502  $rights[] = 'nukeworld';
1503  $rights = array_diff( $rights, [ 'writetest' ] );
1504  } ] ] );
1505 
1506  $this->resetServices();
1507  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1508  ->getUserPermissions( $user );
1509  $this->assertContains( 'test', $rights );
1510  $this->assertContains( 'runtest', $rights );
1511  $this->assertNotContains( 'writetest', $rights );
1512  $this->assertContains( 'nukeworld', $rights );
1513 
1514  // Add a Session that limits rights
1515  $mock = $this->getMockBuilder( stdClass::class )
1516  ->setMethods( [ 'getAllowedUserRights', 'deregisterSession', 'getSessionId' ] )
1517  ->getMock();
1518  $mock->method( 'getAllowedUserRights' )->willReturn( [ 'test', 'writetest' ] );
1519  $mock->method( 'getSessionId' )->willReturn(
1520  new SessionId( str_repeat( 'X', 32 ) )
1521  );
1522  $session = TestUtils::getDummySession( $mock );
1523  $mockRequest = $this->getMockBuilder( FauxRequest::class )
1524  ->setMethods( [ 'getSession' ] )
1525  ->getMock();
1526  $mockRequest->method( 'getSession' )->willReturn( $session );
1527  $userWrapper->mRequest = $mockRequest;
1528 
1529  $this->resetServices();
1530  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1531  ->getUserPermissions( $user );
1532  $this->assertContains( 'test', $rights );
1533  $this->assertNotContains( 'runtest', $rights );
1534  $this->assertNotContains( 'writetest', $rights );
1535  $this->assertNotContains( 'nukeworld', $rights );
1536  }
1537 
1541  public function testGroupPermissions() {
1542  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1543  ->getGroupPermissions( [ 'unittesters' ] );
1544  $this->assertContains( 'runtest', $rights );
1545  $this->assertNotContains( 'writetest', $rights );
1546  $this->assertNotContains( 'modifytest', $rights );
1547  $this->assertNotContains( 'nukeworld', $rights );
1548 
1549  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1550  ->getGroupPermissions( [ 'unittesters', 'testwriters' ] );
1551  $this->assertContains( 'runtest', $rights );
1552  $this->assertContains( 'writetest', $rights );
1553  $this->assertContains( 'modifytest', $rights );
1554  $this->assertNotContains( 'nukeworld', $rights );
1555  }
1556 
1560  public function testRevokePermissions() {
1561  $rights = MediaWikiServices::getInstance()->getPermissionManager()
1562  ->getGroupPermissions( [ 'unittesters', 'formertesters' ] );
1563  $this->assertNotContains( 'runtest', $rights );
1564  $this->assertNotContains( 'writetest', $rights );
1565  $this->assertNotContains( 'modifytest', $rights );
1566  $this->assertNotContains( 'nukeworld', $rights );
1567  }
1568 
1573  public function testGetGroupsWithPermission( $expected, $right ) {
1574  $result = MediaWikiServices::getInstance()->getPermissionManager()
1575  ->getGroupsWithPermission( $right );
1576  sort( $result );
1577  sort( $expected );
1578 
1579  $this->assertEquals( $expected, $result, "Groups with permission $right" );
1580  }
1581 
1582  public static function provideGetGroupsWithPermission() {
1583  return [
1584  [
1585  [ 'unittesters', 'testwriters' ],
1586  'test'
1587  ],
1588  [
1589  [ 'unittesters' ],
1590  'runtest'
1591  ],
1592  [
1593  [ 'testwriters' ],
1594  'writetest'
1595  ],
1596  [
1597  [ 'testwriters' ],
1598  'modifytest'
1599  ],
1600  ];
1601  }
1602 
1606  public function testUserHasRight() {
1607  $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
1608  $this->getTestUser( 'unittesters' )->getUser(),
1609  'test'
1610  );
1611  $this->assertTrue( $result );
1612 
1613  $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
1614  $this->getTestUser( 'formertesters' )->getUser(),
1615  'runtest'
1616  );
1617  $this->assertFalse( $result );
1618 
1619  $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
1620  $this->getTestUser( 'formertesters' )->getUser(),
1621  ''
1622  );
1623  $this->assertTrue( $result );
1624  }
1625 
1629  public function testGroupHasPermission() {
1630  $result = MediaWikiServices::getInstance()->getPermissionManager()->groupHasPermission(
1631  'unittesters',
1632  'test'
1633  );
1634  $this->assertTrue( $result );
1635 
1636  $result = MediaWikiServices::getInstance()->getPermissionManager()->groupHasPermission(
1637  'formertesters',
1638  'runtest'
1639  );
1640  $this->assertFalse( $result );
1641  }
1642 
1646  public function testIsEveryoneAllowed() {
1647  $result = MediaWikiServices::getInstance()->getPermissionManager()
1648  ->isEveryoneAllowed( 'editmyoptions' );
1649  $this->assertTrue( $result );
1650 
1651  $result = MediaWikiServices::getInstance()->getPermissionManager()
1652  ->isEveryoneAllowed( 'test' );
1653  $this->assertFalse( $result );
1654  }
1655 
1656 }
testGroupPermissions()
\MediaWiki\Permissions\PermissionManager::getGroupPermissions
clearInstanceCache( $reloadFrom=false)
Clear various cached data stored in this object.
Definition: User.php:1641
const NS_MAIN
Definition: Defines.php:60
processing should stop and the error should be shown to the user * false
Definition: hooks.txt:187
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
getBlock( $fromReplica=true)
Get the block affecting the user, or null if the user is not blocked.
Definition: User.php:2089
testIsEveryoneAllowed()
\MediaWiki\Permissions\PermissionManager::isEveryoneAllowed
const NS_SPECIAL
Definition: Defines.php:49
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency MediaWikiServices
Definition: injection.txt:23
string $action
Cache what action this request is.
Definition: MediaWiki.php:48
A DatabaseBlock (unlike a SystemBlock) is stored in the database, may give rise to autoblocks and may...
testGetUserPermissions()
\MediaWiki\Permissions\PermissionManager::getUserPermissions
static getInstance()
Returns the global default instance of the top level service locator.
title
getName()
Get the user name, or the IP of an anonymous user.
Definition: User.php:2251
The index of the header message $result[1]=The index of the body text message $result[2 through n]=Parameters passed to body text message. Please note the header message cannot receive/use parameters. 'ImgAuthModifyHeaders':Executed just before a file is streamed to a user via img_auth.php, allowing headers to be modified beforehand. $title:LinkTarget object & $headers:HTTP headers(name=> value, names are case insensitive). Two headers get special handling:If-Modified-Since(value must be a valid HTTP date) and Range(must be of the form "bytes=(\*-\*)") will be honored when streaming the file. 'ImportHandleLogItemXMLTag':When parsing a XML tag in a log item. Return false to stop further processing of the tag $reader:XMLReader object $logInfo:Array of information 'ImportHandlePageXMLTag':When parsing a XML tag in a page. Return false to stop further processing of the tag $reader:XMLReader object & $pageInfo:Array of information 'ImportHandleRevisionXMLTag':When parsing a XML tag in a page revision. Return false to stop further processing of the tag $reader:XMLReader object $pageInfo:Array of page information $revisionInfo:Array of revision information 'ImportHandleToplevelXMLTag':When parsing a top level XML tag. Return false to stop further processing of the tag $reader:XMLReader object 'ImportHandleUnknownUser':When a user doesn 't exist locally, this hook is called to give extensions an opportunity to auto-create it. If the auto-creation is successful, return false. $name:User name 'ImportHandleUploadXMLTag':When parsing a XML tag in a file upload. Return false to stop further processing of the tag $reader:XMLReader object $revisionInfo:Array of information 'ImportLogInterwikiLink':Hook to change the interwiki link used in log entries and edit summaries for transwiki imports. & $fullInterwikiPrefix:Interwiki prefix, may contain colons. & $pageTitle:String that contains page title. 'ImportSources':Called when reading from the $wgImportSources configuration variable. Can be used to lazy-load the import sources list. & $importSources:The value of $wgImportSources. Modify as necessary. See the comment in DefaultSettings.php for the detail of how to structure this array. 'InfoAction':When building information to display on the action=info page. $context:IContextSource object & $pageInfo:Array of information 'InitializeArticleMaybeRedirect':MediaWiki check to see if title is a redirect. & $title:Title object for the current page & $request:WebRequest & $ignoreRedirect:boolean to skip redirect check & $target:Title/string of redirect target & $article:Article object 'InternalParseBeforeLinks':during Parser 's internalParse method before links but after nowiki/noinclude/includeonly/onlyinclude and other processings. & $parser:Parser object & $text:string containing partially parsed text & $stripState:Parser 's internal StripState object 'InternalParseBeforeSanitize':during Parser 's internalParse method just before the parser removes unwanted/dangerous HTML tags and after nowiki/noinclude/includeonly/onlyinclude and other processings. Ideal for syntax-extensions after template/parser function execution which respect nowiki and HTML-comments. & $parser:Parser object & $text:string containing partially parsed text & $stripState:Parser 's internal StripState object 'InterwikiLoadPrefix':When resolving if a given prefix is an interwiki or not. Return true without providing an interwiki to continue interwiki search. $prefix:interwiki prefix we are looking for. & $iwData:output array describing the interwiki with keys iw_url, iw_local, iw_trans and optionally iw_api and iw_wikiid. 'InvalidateEmailComplete':Called after a user 's email has been invalidated successfully. $user:user(object) whose email is being invalidated 'IRCLineURL':When constructing the URL to use in an IRC notification. Callee may modify $url and $query, URL will be constructed as $url . $query & $url:URL to index.php & $query:Query string $rc:RecentChange object that triggered url generation 'IsFileCacheable':Override the result of Article::isFileCacheable()(if true) & $article:article(object) being checked 'IsTrustedProxy':Override the result of IP::isTrustedProxy() & $ip:IP being check & $result:Change this value to override the result of IP::isTrustedProxy() 'IsUploadAllowedFromUrl':Override the result of UploadFromUrl::isAllowedUrl() $url:URL used to upload from & $allowed:Boolean indicating if uploading is allowed for given URL 'isValidEmailAddr':Override the result of Sanitizer::validateEmail(), for instance to return false if the domain name doesn 't match your organization. $addr:The e-mail address entered by the user & $result:Set this and return false to override the internal checks 'isValidPassword':Override the result of User::isValidPassword() $password:The password entered by the user & $result:Set this and return false to override the internal checks $user:User the password is being validated for 'Language::getMessagesFileName':$code:The language code or the language we 're looking for a messages file for & $file:The messages file path, you can override this to change the location. 'LanguageGetNamespaces':Provide custom ordering for namespaces or remove namespaces. Do not use this hook to add namespaces. Use CanonicalNamespaces for that. & $namespaces:Array of namespaces indexed by their numbers 'LanguageGetTranslatedLanguageNames':Provide translated language names. & $names:array of language code=> language name $code:language of the preferred translations 'LanguageLinks':Manipulate a page 's language links. This is called in various places to allow extensions to define the effective language links for a page. $title:The page 's Title. & $links:Array with elements of the form "language:title" in the order that they will be output. & $linkFlags:Associative array mapping prefixed links to arrays of flags. Currently unused, but planned to provide support for marking individual language links in the UI, e.g. for featured articles. 'LanguageSelector':Hook to change the language selector available on a page. $out:The output page. $cssClassName:CSS class name of the language selector. 'LinkBegin':DEPRECATED since 1.28! Use HtmlPageLinkRendererBegin instead. Used when generating internal and interwiki links in Linker::link(), before processing starts. Return false to skip default processing and return $ret. See documentation for Linker::link() for details on the expected meanings of parameters. $skin:the Skin object $target:the Title that the link is pointing to & $html:the contents that the< a > tag should have(raw HTML) $result
Definition: hooks.txt:1969
$wgGroupPermissions
Permission keys given to users in each group.
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:51
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1971
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
runConfigEditPermissions( $resultNone, $resultMyCss, $resultMyJson, $resultMyJs, $resultUserCss, $resultUserJson, $resultUserJs, $resultPatrol)
const NS_PROJECT
Definition: Defines.php:64
$wgLang
Definition: Setup.php:931
testRevokePermissions()
\MediaWiki\Permissions\PermissionManager::getGroupPermissions
const USER_TALK_PAGE
Constant for self::testIsBlockedFrom.
runGroupPermissions( $perm, $action, $result, $result2=null)
const NS_MEDIA
Definition: Defines.php:48
$res
Definition: database.txt:21
System blocks are temporary blocks that are created on enforcement (e.g.
Definition: SystemBlock.php:35
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such and we might be restricted by PHP settings such as safe mode or open_basedir We cannot assume that the software even has read access anywhere useful Many shared hosts run all users web applications under the same user
Wikitext formatted, in the key only.
Definition: distributors.txt:9
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition: hooks.txt:1971
static resetMain()
Resets singleton returned by getMain().
testUserBlock()
\MediaWiki\Permissions\PermissionManager::checkUserBlock
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
Definition: hooks.txt:767
const NS_FILE
Definition: Defines.php:66
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
const NS_MEDIAWIKI
Definition: Defines.php:68
testGetGroupsWithPermission( $expected, $right)
provideGetGroupsWithPermission \MediaWiki\Permissions\PermissionManager::getGroupsWithPermission ...
testBlockInstanceCache()
\MediaWiki\Permissions\PermissionManager::isBlockedFrom
static makeTitle( $ns, $title, $fragment='', $interwiki='')
Create a new Title from a namespace index and a DB key.
Definition: Title.php:590
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
$wgNamespaceProtection
Set the minimum permissions required to edit pages in each namespace.
static newFromId( $id)
Static factory method for creation from a given user ID.
Definition: User.php:559
testCascadingSourcesRestrictions()
\MediaWiki\Permissions\PermissionManager::checkCascadingSourcesRestrictions
static getDummySession( $backend=null, $index=-1, $logger=null)
If you need a Session for testing but don&#39;t want to create a backend to construct one...
Definition: TestUtils.php:86
const NS_HELP
Definition: Defines.php:72
you have access to all of the normal MediaWiki so you can get a DB use the etc For full docs on the Maintenance class
Definition: maintenance.txt:52
testIsBlockedFrom( $title, $expect, array $options=[])
\MediaWiki\Permissions\PermissionManager::isBlockedFrom provideIsBlockedFrom
Value object holding the session ID in a manner that can be globally updated.
Definition: SessionId.php:38
testGroupHasPermission()
\MediaWiki\Permissions\PermissionManager::groupHasPermission
$wgLocalTZoffset
Set an offset from UTC in minutes to use for the default timezone setting for anonymous users and new...
testUserHasRight()
\MediaWiki\Permissions\PermissionManager::userHasRight
const NS_TALK
Definition: Defines.php:61
static createNew( $name, $params=[])
Add a user to the database, return the user object.
Definition: User.php:4082
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
Definition: User.php:535
testUserBlockAction()
\MediaWiki\Permissions\PermissionManager::checkUserBlock
const NS_USER_TALK
Definition: Defines.php:63
getTalkPage()
Get this user&#39;s talk page title.
Definition: User.php:4340
testGetUserPermissionsHooks()
\MediaWiki\Permissions\PermissionManager::getUserPermissions
static newFromText( $text, $defaultNamespace=NS_MAIN)
Create a new Title from text, such as what one would find in a link.
Definition: Title.php:320