3 namespace MediaWiki\Auth;
5 use Wikimedia\TestingAccessWrapper;
10 * @covers MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider
12 class CheckBlocksSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
13 public function testConstructor() {
14 $provider = new CheckBlocksSecondaryAuthenticationProvider();
15 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
16 $config = new \HashConfig( [
17 'BlockDisablesLogin' => false
19 $provider->setConfig( $config );
20 $this->assertSame( false, $providerPriv->blockDisablesLogin );
22 $provider = new CheckBlocksSecondaryAuthenticationProvider(
23 [ 'blockDisablesLogin' => true ]
25 $providerPriv = TestingAccessWrapper::newFromObject( $provider );
26 $config = new \HashConfig( [
27 'BlockDisablesLogin' => false
29 $provider->setConfig( $config );
30 $this->assertSame( true, $providerPriv->blockDisablesLogin );
33 public function testBasics() {
34 $provider = new CheckBlocksSecondaryAuthenticationProvider();
35 $user = \User::newFromName( 'UTSysop' );
38 AuthenticationResponse::newAbstain(),
39 $provider->beginSecondaryAccountCreation( $user, $user, [] )
44 * @dataProvider provideGetAuthenticationRequests
45 * @param string $action
46 * @param array $response
48 public function testGetAuthenticationRequests( $action, $response ) {
49 $provider = new CheckBlocksSecondaryAuthenticationProvider();
51 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
54 public static function provideGetAuthenticationRequests() {
56 [ AuthManager::ACTION_LOGIN, [] ],
57 [ AuthManager::ACTION_CREATE, [] ],
58 [ AuthManager::ACTION_LINK, [] ],
59 [ AuthManager::ACTION_CHANGE, [] ],
60 [ AuthManager::ACTION_REMOVE, [] ],
64 private function getBlockedUser() {
65 $user = \User::newFromName( 'UTBlockee' );
66 if ( $user->getID() == 0 ) {
67 $user->addToDatabase();
68 \TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
69 $user->saveSettings();
71 $oldBlock = \Block::newFromTarget( 'UTBlockee' );
73 // An old block will prevent our new one from saving.
77 'address' => 'UTBlockee',
78 'user' => $user->getID(),
79 'reason' => __METHOD__,
80 'expiry' => time() + 100500,
81 'createAccount' => true,
83 $block = new \Block( $blockOptions );
88 public function testBeginSecondaryAuthentication() {
89 $unblockedUser = \User::newFromName( 'UTSysop' );
90 $blockedUser = $this->getBlockedUser();
92 $provider = new CheckBlocksSecondaryAuthenticationProvider(
93 [ 'blockDisablesLogin' => false ]
96 AuthenticationResponse::newAbstain(),
97 $provider->beginSecondaryAuthentication( $unblockedUser, [] )
100 AuthenticationResponse::newAbstain(),
101 $provider->beginSecondaryAuthentication( $blockedUser, [] )
104 $provider = new CheckBlocksSecondaryAuthenticationProvider(
105 [ 'blockDisablesLogin' => true ]
108 AuthenticationResponse::newPass(),
109 $provider->beginSecondaryAuthentication( $unblockedUser, [] )
111 $ret = $provider->beginSecondaryAuthentication( $blockedUser, [] );
112 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
115 public function testTestUserForCreation() {
116 $provider = new CheckBlocksSecondaryAuthenticationProvider(
117 [ 'blockDisablesLogin' => false ]
119 $provider->setLogger( new \Psr\Log\NullLogger() );
120 $provider->setConfig( new \HashConfig() );
121 $provider->setManager( AuthManager::singleton() );
123 $unblockedUser = \User::newFromName( 'UTSysop' );
124 $blockedUser = $this->getBlockedUser();
126 $user = \User::newFromName( 'RandomUser' );
129 \StatusValue::newGood(),
130 $provider->testUserForCreation( $unblockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION )
133 \StatusValue::newGood(),
134 $provider->testUserForCreation( $unblockedUser, false )
137 $status = $provider->testUserForCreation( $blockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION );
138 $this->assertInstanceOf( 'StatusValue', $status );
139 $this->assertFalse( $status->isOK() );
140 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
142 $status = $provider->testUserForCreation( $blockedUser, false );
143 $this->assertInstanceOf( 'StatusValue', $status );
144 $this->assertFalse( $status->isOK() );
145 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
148 public function testRangeBlock() {
150 'address' => '127.0.0.0/24',
151 'reason' => __METHOD__,
152 'expiry' => time() + 100500,
153 'createAccount' => true,
155 $block = new \Block( $blockOptions );
157 $scopeVariable = new \Wikimedia\ScopedCallback( [ $block, 'delete' ] );
159 $user = \User::newFromName( 'UTNormalUser' );
160 if ( $user->getID() == 0 ) {
161 $user->addToDatabase();
162 \TestUser::setPasswordForUser( $user, 'UTNormalUserPassword' );
163 $user->saveSettings();
165 $this->setMwGlobals( [ 'wgUser' => $user ] );
166 \RequestContext::getMain()->setUser( $user );
167 $newuser = \User::newFromName( 'RandomUser' );
169 $provider = new CheckBlocksSecondaryAuthenticationProvider(
170 [ 'blockDisablesLogin' => true ]
172 $provider->setLogger( new \Psr\Log\NullLogger() );
173 $provider->setConfig( new \HashConfig() );
174 $provider->setManager( AuthManager::singleton() );
176 $ret = $provider->beginSecondaryAuthentication( $user, [] );
177 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
179 $status = $provider->testUserForCreation( $newuser, AuthManager::AUTOCREATE_SOURCE_SESSION );
180 $this->assertInstanceOf( 'StatusValue', $status );
181 $this->assertFalse( $status->isOK() );
182 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
184 $status = $provider->testUserForCreation( $newuser, false );
185 $this->assertInstanceOf( 'StatusValue', $status );
186 $this->assertFalse( $status->isOK() );
187 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );