]> scripts.mit.edu Git - autoinstallsdev/mediawiki.git/blob - tests/phpunit/includes/user/PasswordResetTest.php
scripts.mit.edu / autoinstallsdev / mediawiki.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
MediaWiki 1.30.2
[autoinstallsdev/mediawiki.git] / tests / phpunit / includes / user / PasswordResetTest.php
1 <?php
2
3 use MediaWiki\Auth\AuthManager;
4
5 /**
6  * @group Database
7  */
8 class PasswordResetTest extends PHPUnit_Framework_TestCase {
9         /**
10          * @dataProvider provideIsAllowed
11          */
12         public function testIsAllowed( $passwordResetRoutes, $enableEmail,
13                 $allowsAuthenticationDataChange, $canEditPrivate, $block, $globalBlock, $isAllowed
14         ) {
15                 $config = new HashConfig( [
16                         'PasswordResetRoutes' => $passwordResetRoutes,
17                         'EnableEmail' => $enableEmail,
18                 ] );
19
20                 $authManager = $this->getMockBuilder( AuthManager::class )->disableOriginalConstructor()
21                         ->getMock();
22                 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
23                         ->willReturn( $allowsAuthenticationDataChange ? Status::newGood() : Status::newFatal( 'foo' ) );
24
25                 $user = $this->getMockBuilder( User::class )->getMock();
26                 $user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
27                 $user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
28                 $user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
29                 $user->expects( $this->any() )->method( 'isAllowed' )
30                         ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
31                                 if ( $perm === 'editmyprivateinfo' ) {
32                                         return $canEditPrivate;
33                                 } else {
34                                         $this->fail( 'Unexpected permission check' );
35                                 }
36                         } ) );
37
38                 $passwordReset = new PasswordReset( $config, $authManager );
39
40                 $this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
41         }
42
43         public function provideIsAllowed() {
44                 return [
45                         'no routes' => [
46                                 'passwordResetRoutes' => [],
47                                 'enableEmail' => true,
48                                 'allowsAuthenticationDataChange' => true,
49                                 'canEditPrivate' => true,
50                                 'block' => null,
51                                 'globalBlock' => null,
52                                 'isAllowed' => false,
53                         ],
54                         'email disabled' => [
55                                 'passwordResetRoutes' => [ 'username' => true ],
56                                 'enableEmail' => false,
57                                 'allowsAuthenticationDataChange' => true,
58                                 'canEditPrivate' => true,
59                                 'block' => null,
60                                 'globalBlock' => null,
61                                 'isAllowed' => false,
62                         ],
63                         'auth data change disabled' => [
64                                 'passwordResetRoutes' => [ 'username' => true ],
65                                 'enableEmail' => true,
66                                 'allowsAuthenticationDataChange' => false,
67                                 'canEditPrivate' => true,
68                                 'block' => null,
69                                 'globalBlock' => null,
70                                 'isAllowed' => false,
71                         ],
72                         'cannot edit private data' => [
73                                 'passwordResetRoutes' => [ 'username' => true ],
74                                 'enableEmail' => true,
75                                 'allowsAuthenticationDataChange' => true,
76                                 'canEditPrivate' => false,
77                                 'block' => null,
78                                 'globalBlock' => null,
79                                 'isAllowed' => false,
80                         ],
81                         'blocked with account creation disabled' => [
82                                 'passwordResetRoutes' => [ 'username' => true ],
83                                 'enableEmail' => true,
84                                 'allowsAuthenticationDataChange' => true,
85                                 'canEditPrivate' => true,
86                                 'block' => new Block( [ 'createAccount' => true ] ),
87                                 'globalBlock' => null,
88                                 'isAllowed' => false,
89                         ],
90                         'blocked w/o account creation disabled' => [
91                                 'passwordResetRoutes' => [ 'username' => true ],
92                                 'enableEmail' => true,
93                                 'allowsAuthenticationDataChange' => true,
94                                 'canEditPrivate' => true,
95                                 'block' => new Block( [] ),
96                                 'globalBlock' => null,
97                                 'isAllowed' => true,
98                         ],
99                         'using blocked proxy' => [
100                                 'passwordResetRoutes' => [ 'username' => true ],
101                                 'enableEmail' => true,
102                                 'allowsAuthenticationDataChange' => true,
103                                 'canEditPrivate' => true,
104                                 'block' => new Block( [ 'systemBlock' => 'proxy' ] ),
105                                 'globalBlock' => null,
106                                 'isAllowed' => false,
107                         ],
108                         'globally blocked with account creation disabled' => [
109                                 'passwordResetRoutes' => [ 'username' => true ],
110                                 'enableEmail' => true,
111                                 'allowsAuthenticationDataChange' => true,
112                                 'canEditPrivate' => true,
113                                 'block' => null,
114                                 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => true ] ),
115                                 'isAllowed' => false,
116                         ],
117                         'globally blocked with account creation not disabled' => [
118                                 'passwordResetRoutes' => [ 'username' => true ],
119                                 'enableEmail' => true,
120                                 'allowsAuthenticationDataChange' => true,
121                                 'canEditPrivate' => true,
122                                 'block' => null,
123                                 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => false ] ),
124                                 'isAllowed' => true,
125                         ],
126                         'blocked via wgSoftBlockRanges' => [
127                                 'passwordResetRoutes' => [ 'username' => true ],
128                                 'enableEmail' => true,
129                                 'allowsAuthenticationDataChange' => true,
130                                 'canEditPrivate' => true,
131                                 'block' => new Block( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
132                                 'globalBlock' => null,
133                                 'isAllowed' => true,
134                         ],
135                         'all OK' => [
136                                 'passwordResetRoutes' => [ 'username' => true ],
137                                 'enableEmail' => true,
138                                 'allowsAuthenticationDataChange' => true,
139                                 'canEditPrivate' => true,
140                                 'block' => null,
141                                 'globalBlock' => null,
142                                 'isAllowed' => true,
143                         ],
144                 ];
145         }
146
147         public function testExecute_email() {
148                 $config = new HashConfig( [
149                         'PasswordResetRoutes' => [ 'username' => true, 'email' => true ],
150                         'EnableEmail' => true,
151                 ] );
152
153                 $authManager = $this->getMockBuilder( AuthManager::class )->disableOriginalConstructor()
154                         ->getMock();
155                 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
156                         ->willReturn( Status::newGood() );
157                 $authManager->expects( $this->exactly( 2 ) )->method( 'changeAuthenticationData' );
158
159                 $request = new FauxRequest();
160                 $request->setIP( '1.2.3.4' );
161                 $performingUser = $this->getMockBuilder( User::class )->getMock();
162                 $performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
163                 $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
164
165                 $targetUser1 = $this->getMockBuilder( User::class )->getMock();
166                 $targetUser2 = $this->getMockBuilder( User::class )->getMock();
167                 $targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
168                 $targetUser2->expects( $this->any() )->method( 'getName' )->willReturn( 'User2' );
169                 $targetUser1->expects( $this->any() )->method( 'getId' )->willReturn( 1 );
170                 $targetUser2->expects( $this->any() )->method( 'getId' )->willReturn( 2 );
171                 $targetUser1->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
172                 $targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
173
174                 $passwordReset = $this->getMockBuilder( PasswordReset::class )
175                         ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
176                         ->getMock();
177                 $passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
178                         ->willReturn( [ $targetUser1, $targetUser2 ] );
179
180                 $status = $passwordReset->isAllowed( $performingUser );
181                 $this->assertTrue( $status->isGood() );
182
183                 $status = $passwordReset->execute( $performingUser, null, 'foo@bar.baz' );
184                 $this->assertTrue( $status->isGood() );
185         }
186 }
MediaWiki autoinstaller for scripts.mit.edu