public function testUnsaved()
{
$user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved(['user' => $user, 'appId' => 'DoesNotExist']);
$this->assertInstanceOf('BotPassword', $bp);
$this->assertFalse($bp->isSaved());
$this->assertSame(42, $bp->getUserCentralId());
$this->assertSame('DoesNotExist', $bp->getAppId());
$this->assertEquals(MWRestrictions::newDefault(), $bp->getRestrictions());
$this->assertSame([], $bp->getGrants());
$bp = BotPassword::newUnsaved(['username' => 'UTDummy', 'appId' => 'DoesNotExist2', 'restrictions' => MWRestrictions::newFromJson('{"IPAddresses":["127.0.0.0/8"]}'), 'grants' => ['test']]);
$this->assertInstanceOf('BotPassword', $bp);
$this->assertFalse($bp->isSaved());
$this->assertSame(43, $bp->getUserCentralId());
$this->assertSame('DoesNotExist2', $bp->getAppId());
$this->assertEquals('{"IPAddresses":["127.0.0.0/8"]}', $bp->getRestrictions()->toJson());
$this->assertSame(['test'], $bp->getGrants());
$user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved(['centralId' => 45, 'appId' => 'DoesNotExist']);
$this->assertInstanceOf('BotPassword', $bp);
$this->assertFalse($bp->isSaved());
$this->assertSame(45, $bp->getUserCentralId());
$this->assertSame('DoesNotExist', $bp->getAppId());
$user = $this->testUser->getUser();
$bp = BotPassword::newUnsaved(['user' => $user, 'appId' => 'BotPassword']);
$this->assertInstanceOf('BotPassword', $bp);
$this->assertFalse($bp->isSaved());
$this->assertNull(BotPassword::newUnsaved(['user' => $user, 'appId' => '']));
$this->assertNull(BotPassword::newUnsaved(['user' => $user, 'appId' => str_repeat('X', BotPassword::APPID_MAXLENGTH + 1)]));
$this->assertNull(BotPassword::newUnsaved(['user' => $this->testUserName, 'appId' => 'Ok']));
$this->assertNull(BotPassword::newUnsaved(['username' => 'UTInvalid', 'appId' => 'Ok']));
$this->assertNull(BotPassword::newUnsaved(['appId' => 'Ok']));
}
/**
* @return MWRestrictions
*/
public function getDefault()
{
$default = parent::getDefault();
if ($default === null) {
$default = MWRestrictions::newDefault();
}
return $default;
}
public function testConstruct()
{
$field = new HTMLRestrictionsField(['fieldname' => 'restrictions']);
$this->assertNotEmpty($field->getLabel(), 'has a default label');
$this->assertNotEmpty($field->getHelpText(), 'has a default help text');
$this->assertEquals(MWRestrictions::newDefault(), $field->getDefault(), 'defaults to the default MWRestrictions object');
$field = new HTMLRestrictionsField(['fieldname' => 'restrictions', 'label' => 'foo', 'help' => 'bar', 'default' => 'baz']);
$this->assertEquals('foo', $field->getLabel(), 'label can be customized');
$this->assertEquals('bar', $field->getHelpText(), 'help text can be customized');
$this->assertEquals('baz', $field->getDefault(), 'default can be customized');
}
public function testBotPassword()
{
global $wgServer, $wgSessionProviders;
if (!isset($wgServer)) {
$this->markTestIncomplete('This test needs $wgServer to be set in LocalSettings.php');
}
$this->setMwGlobals(array('wgSessionProviders' => array_merge($wgSessionProviders, array(array('class' => 'MediaWiki\\Session\\BotPasswordSessionProvider', 'args' => array(array('priority' => 40))))), 'wgEnableBotPasswords' => true, 'wgBotPasswordsDatabase' => false, 'wgCentralIdLookupProvider' => 'local', 'wgGrantPermissions' => array('test' => array('read' => true))));
// Make sure our session provider is present
$manager = TestingAccessWrapper::newFromObject(MediaWiki\Session\SessionManager::singleton());
if (!isset($manager->sessionProviders['MediaWiki\\Session\\BotPasswordSessionProvider'])) {
$tmp = $manager->sessionProviders;
$manager->sessionProviders = null;
$manager->sessionProviders = $tmp + $manager->getProviders();
}
$this->assertNotNull(MediaWiki\Session\SessionManager::singleton()->getProvider('MediaWiki\\Session\\BotPasswordSessionProvider'), 'sanity check');
$user = self::$users['sysop'];
$centralId = CentralIdLookup::factory()->centralIdFromLocalUser($user->getUser());
$this->assertNotEquals(0, $centralId, 'sanity check');
$passwordFactory = new PasswordFactory();
$passwordFactory->init(RequestContext::getMain()->getConfig());
// A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
$passwordFactory->setDefaultType('A');
$pwhash = $passwordFactory->newFromPlaintext('foobaz');
$dbw = wfGetDB(DB_MASTER);
$dbw->insert('bot_passwords', array('bp_user' => $centralId, 'bp_app_id' => 'foo', 'bp_password' => $pwhash->toString(), 'bp_token' => '', 'bp_restrictions' => MWRestrictions::newDefault()->toJson(), 'bp_grants' => '["test"]'), __METHOD__);
$lgName = $user->username . BotPassword::getSeparator() . 'foo';
$ret = $this->doApiRequest(array('action' => 'login', 'lgname' => $lgName, 'lgpassword' => 'foobaz'));
$result = $ret[0];
$this->assertNotInternalType('bool', $result);
$this->assertNotInternalType('null', $result['login']);
$a = $result['login']['result'];
$this->assertEquals('NeedToken', $a);
$token = $result['login']['token'];
$ret = $this->doApiRequest(array('action' => 'login', 'lgtoken' => $token, 'lgname' => $lgName, 'lgpassword' => 'foobaz'), $ret[2]);
$result = $ret[0];
$this->assertNotInternalType('bool', $result);
$a = $result['login']['result'];
$this->assertEquals('Success', $a);
}
/**
* Create an unsaved BotPassword
* @param array $data Data to use to create the bot password. Keys are:
* - user: (User) User object to create the password for. Overrides username and centralId.
* - username: (string) Username to create the password for. Overrides centralId.
* - centralId: (int) User central ID to create the password for.
* - appId: (string) App ID for the password.
* - restrictions: (MWRestrictions, optional) Restrictions.
* - grants: (string[], optional) Grants.
* @param int $flags IDBAccessObject read flags
* @return BotPassword|null
*/
public static function newUnsaved(array $data, $flags = self::READ_NORMAL)
{
$row = (object) array('bp_user' => 0, 'bp_app_id' => isset($data['appId']) ? trim($data['appId']) : '', 'bp_token' => '**unsaved**', 'bp_restrictions' => isset($data['restrictions']) ? $data['restrictions'] : MWRestrictions::newDefault(), 'bp_grants' => isset($data['grants']) ? $data['grants'] : array());
if ($row->bp_app_id === '' || strlen($row->bp_app_id) > self::APPID_MAXLENGTH || !$row->bp_restrictions instanceof MWRestrictions || !is_array($row->bp_grants)) {
return null;
}
$row->bp_restrictions = $row->bp_restrictions->toJson();
$row->bp_grants = FormatJson::encode($row->bp_grants);
if (isset($data['user'])) {
if (!$data['user'] instanceof User) {
return null;
}
$row->bp_user = CentralIdLookup::factory()->centralIdFromLocalUser($data['user'], CentralIdLookup::AUDIENCE_RAW, $flags);
} elseif (isset($data['username'])) {
$row->bp_user = CentralIdLookup::factory()->centralIdFromName($data['username'], CentralIdLookup::AUDIENCE_RAW, $flags);
} elseif (isset($data['centralId'])) {
$row->bp_user = $data['centralId'];
}
if (!$row->bp_user) {
return null;
}
return new self($row, false, $flags);
}
/**
* @covers MWRestrictions::newDefault
* @covers MWRestrictions::__construct
*/
public function testNewDefault()
{
$ret = MWRestrictions::newDefault();
$this->assertInstanceOf('MWRestrictions', $ret);
$this->assertSame('{"IPAddresses":["0.0.0.0/0","::/0"]}', $ret->toJson());
}