public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = array()) { $this->assertNotReal(); $this->username = $username; $this->password = '******'; $this->user = User::newFromName($this->username); $this->user->load(); // In an ideal world we'd have a new wiki (or mock data store) for every single test. // But for now, we just need to create or update the user with the desired properties. // we particularly need the new password, since we just generated it randomly. // In core MediaWiki, there is no functionality to delete users, so this is the best we can do. if (!$this->user->isLoggedIn()) { // create the user $this->user = User::createNew($this->username, array("email" => $email, "real_name" => $realname)); if (!$this->user) { throw new MWException("Error creating TestUser " . $username); } } // Update the user to use the password and other details $change = $this->setPassword($this->password) || $this->setEmail($email) || $this->setRealName($realname); // Adjust groups by adding any missing ones and removing any extras $currentGroups = $this->user->getGroups(); foreach (array_diff($groups, $currentGroups) as $group) { $this->user->addGroup($group); } foreach (array_diff($currentGroups, $groups) as $group) { $this->user->removeGroup($group); } if ($change) { $this->user->saveSettings(); } }
public function testGroup() { $groupTest = new Group("TEST_GROUP"); $groupTest2 = new Group("TEST_GROUP_2"); $this->assertEmpty($this->user->getGroup()); $this->user->addGroup($groupTest); $this->assertEquals($groupTest, $this->user->getGroup()->first()); $this->user->addGroup($groupTest2); $this->assertEquals(2, $this->user->getGroup()->count()); $this->user->removeGroup($groupTest); $this->assertEquals(1, $this->user->getGroup()->count()); $this->assertEquals($groupTest2, $this->user->getGroup()->first()); }
public function __construct($username, $realname = 'Real Name', $email = '*****@*****.**', $groups = []) { $this->assertNotReal(); $this->username = $username; $this->password = '******'; $this->user = User::newFromName($this->username); $this->user->load(); // In an ideal world we'd have a new wiki (or mock data store) for every single test. // But for now, we just need to create or update the user with the desired properties. // we particularly need the new password, since we just generated it randomly. // In core MediaWiki, there is no functionality to delete users, so this is the best we can do. if (!$this->user->isLoggedIn()) { // create the user $this->user = User::createNew($this->username, ["email" => $email, "real_name" => $realname]); if (!$this->user) { throw new MWException("Error creating TestUser " . $username); } } // Update the user to use the password and other details $this->setPassword($this->password); $change = $this->setEmail($email) || $this->setRealName($realname); // Adjust groups by adding any missing ones and removing any extras $currentGroups = $this->user->getGroups(); foreach (array_diff($groups, $currentGroups) as $group) { $this->user->addGroup($group); } foreach (array_diff($currentGroups, $groups) as $group) { $this->user->removeGroup($group); } if ($change) { // Disable CAS check before saving. The User object may have been initialized from cached // information that may be out of whack with the database during testing. If tests were // perfectly isolated, this would not happen. But if it does happen, let's just ignore the // inconsistency, and just write the data we want - during testing, we are not worried // about data loss. $this->user->mTouched = ''; $this->user->saveSettings(); } }
/** * Add groups based on the existence of attributes in the SAML assertion. * * @param User $user add MediaWiki permissions to this user from the current SAML assertion * * @return void $user is modified on return */ protected static function setGroups(User $user) { global $wgSamlGroupMap; $attr = self::$as->getAttributes(); foreach ($wgSamlGroupMap as $group => $rules) { foreach ($rules as $attrName => $needles) { if (!isset($attr[$attrName])) { continue; } foreach ($needles as $needle) { if (in_array($needle, $attr[$attrName])) { $user->addGroup($group); } else { $user->removeGroup($group); } } } } }
/** * Helper function for updateUser() and initUser(). Adds users into MediaWiki security groups * based upon groups retreived from LDAP. * * @param User $user * @access private */ function setGroups(&$user) { global $wgGroupPermissions; // TODO: this is *really* ugly code. clean it up! $this->printDebug("Entering setGroups.", NONSENSITIVE); # Add ldap groups as local groups if ($this->getConf('GroupsPrevail')) { $this->printDebug("Adding all groups to wgGroupPermissions: ", SENSITIVE, $this->allLDAPGroups); foreach ($this->allLDAPGroups["short"] as $ldapgroup) { if (!array_key_exists($ldapgroup, $wgGroupPermissions)) { $wgGroupPermissions[$ldapgroup] = array(); } } } # add groups permissions $localAvailGrps = $user->getAllGroups(); $localUserGrps = $user->getEffectiveGroups(); $defaultLocallyManagedGrps = array('bot', 'sysop', 'bureaucrat'); $locallyManagedGrps = $this->getConf('LocallyManagedGroups'); if ($locallyManagedGrps) { $locallyManagedGrps = array_unique(array_merge($defaultLocallyManagedGrps, $locallyManagedGrps)); $this->printDebug("Locally managed groups: ", SENSITIVE, $locallyManagedGrps); } else { $locallyManagedGrps = $defaultLocallyManagedGrps; $this->printDebug("Locally managed groups is unset, using defaults: ", SENSITIVE, $locallyManagedGrps); } $this->printDebug("Available groups are: ", NONSENSITIVE, $localAvailGrps); $this->printDebug("Effective groups are: ", NONSENSITIVE, $localUserGrps); # note: $localUserGrps does not need to be updated with $cGroup added, # as $localAvailGrps contains $cGroup only once. foreach ($localAvailGrps as $cGroup) { # did we once add the user to the group? if (in_array($cGroup, $localUserGrps)) { $this->printDebug("Checking to see if we need to remove user from: {$cGroup}", NONSENSITIVE); if (!$this->hasLDAPGroup($cGroup) && !in_array($cGroup, $locallyManagedGrps)) { $this->printDebug("Removing user from: {$cGroup}", NONSENSITIVE); # the ldap group overrides the local group # so as the user is currently not a member of the ldap group, he shall be removed from the local group $user->removeGroup($cGroup); } } else { # no, but maybe the user has recently been added to the ldap group? $this->printDebug("Checking to see if user is in: {$cGroup}", NONSENSITIVE); if ($this->hasLDAPGroup($cGroup)) { $this->printDebug("Adding user to: {$cGroup}", NONSENSITIVE); $user->addGroup($cGroup); } } } }
/** * Save user groups changes in the database. * * @param User|UserRightsProxy $user * @param array $add Array of groups to add * @param array $remove Array of groups to remove * @param string $reason Reason for group change * @return array Tuple of added, then removed groups */ function doSaveUserGroups($user, $add, $remove, $reason = '') { global $wgAuth; // Validate input set... $isself = $user->getName() == $this->getUser()->getName(); $groups = $user->getGroups(); $changeable = $this->changeableGroups(); $addable = array_merge($changeable['add'], $isself ? $changeable['add-self'] : array()); $removable = array_merge($changeable['remove'], $isself ? $changeable['remove-self'] : array()); $remove = array_unique(array_intersect((array) $remove, $removable, $groups)); $add = array_unique(array_diff(array_intersect((array) $add, $addable), $groups)); $oldGroups = $user->getGroups(); $newGroups = $oldGroups; // Remove then add groups if ($remove) { foreach ($remove as $index => $group) { if (!$user->removeGroup($group)) { unset($remove[$index]); } } $newGroups = array_diff($newGroups, $remove); } if ($add) { foreach ($add as $index => $group) { if (!$user->addGroup($group)) { unset($add[$index]); } } $newGroups = array_merge($newGroups, $add); } $newGroups = array_unique($newGroups); // Ensure that caches are cleared $user->invalidateCache(); // update groups in external authentication database Hooks::run('UserGroupsChanged', array($user, $add, $remove, $this->getUser())); $wgAuth->updateExternalDBGroups($user, $add, $remove); wfDebug('oldGroups: ' . print_r($oldGroups, true) . "\n"); wfDebug('newGroups: ' . print_r($newGroups, true) . "\n"); // Deprecated in favor of UserGroupsChanged hook Hooks::run('UserRights', array(&$user, $add, $remove), '1.26'); if ($newGroups != $oldGroups) { $this->addLogEntry($user, $oldGroups, $newGroups, $reason); } return array($add, $remove); }
/** * On every page load, the user's permissions are recalculated. They are based * upon the groups to which the user belongs. */ function manageMediawikiGroupsForUser(User $mediawiki_user, PFUser $tuleap_user, Group $group) { $groups_mapper = new MediawikiUserGroupsMapper(new MediawikiDao(), new User_ForgeUserGroupPermissionsDao()); $mediawiki_groups = $groups_mapper->defineUserMediawikiGroups($tuleap_user, $group); foreach ($mediawiki_groups['removed'] as $group_to_remove) { $mediawiki_user->removeGroup($group_to_remove); } foreach ($mediawiki_groups['added'] as $group_to_add) { $mediawiki_user->addGroup($group_to_add); } return $mediawiki_user; }
/** * Helper function for updateUser() and initUser(). Adds users into MediaWiki security groups * based upon groups retreived from LDAP. * * @param User $user * @access private */ function setGroups(&$user) { $this->printDebug("Pulling groups from LDAP.", 1); # add groups permissions $localAvailGrps = $user->getAllGroups(); $localUserGrps = $user->getEffectiveGroups(); $this->printDebug("Available groups are: " . implode(",", $localAvailGrps) . "", 1); $this->printDebug("Effective groups are: " . implode(",", $localUserGrps) . "", 1); # note: $localUserGrps does not need to be updated with $cGroup added, # as $localAvailGrps contains $cGroup only once. foreach ($localAvailGrps as $cGroup) { # did we once add the user to the group? if (in_array($cGroup, $localUserGrps)) { $this->printDebug("Checking to see if we need to remove user from: {$cGroup}", 1); if (!$this->hasLDAPGroup($cGroup) && $this->isLDAPGroup($cGroup)) { $this->printDebug("Removing user from: {$cGroup}", 1); # the ldap group overrides the local group # so as the user is currently not a member of the ldap group, he shall be removed from the local group $user->removeGroup($cGroup); } } else { # no, but maybe the user has recently been added to the ldap group? $this->printDebug("Checking to see if user is in: {$cGroup}", 1); if ($this->hasLDAPGroup($cGroup)) { $this->printDebug("Adding user to: {$cGroup}", 1); # so use the addGroup function $user->addGroup($cGroup); # completedfor $cGroup. } } } }
/** * When a user logs in, optionally fill in preferences and such. * For instance, you might pull the email address or real name from the * external user database. * * The User object is passed by reference so it can be modified; don't * forget the & on your function declaration. * * @param User $user * @access public */ function updateUser(&$user) { if (!is_resource($this->db)) { $this->openDB(); } $query = mysql_query("SELECT username,email,usergroup,additionalgroups FROM {$this->table_prefix}users WHERE username='******'", $this->db); $res = mysql_fetch_array($query); if ($res) { if (in_array($res['usergroup'], $this->admin_usergroups)) { $is_admin = true; } $memberships = explode(",", $res['additionalgroups']); for ($i = 0; $i < count($memberships); $i++) { if (in_array($memberships[$x], $this->admin_usergroups)) { $is_admin = true; } } if ($is_admin == true) { // If a user is not a sysop, make them a sysop if (!in_array("sysop", $user->getEffectiveGroups())) { $user->addGroup('sysop'); } } else { if (in_array("sysop", $user->getEffectiveGroups())) { $user->removeGroup('sysop'); return TRUE; } } $user->setEmail($res['email']); $user->setRealName($res['username']); return TRUE; } return false; }
/** * @covers AppBundle\Entity\User::removeGroup * Implement testRemoveGroup(). */ public function testRemoveGroup() { $this->assertEmpty($this->user->getGroup()); $this->user->removeGroup($this->group); $this->assertEmpty($this->user->getGroup()); }