/**
* Reset internal cache for unit testing
*/
public static function resetCache()
{
if (!defined('MW_PHPUNIT_TEST')) {
throw new MWException(__METHOD__ . ' may only be called from unit tests!');
}
self::$instances = array();
}
public function addDBDataOnce()
{
$passwordFactory = new \PasswordFactory();
$passwordFactory->init(\RequestContext::getMain()->getConfig());
$passwordHash = $passwordFactory->newFromPlaintext('foobaz');
$sysop = static::getTestSysop()->getUser();
$userId = \CentralIdLookup::factory('local')->centralIdFromName($sysop->getName());
$dbw = wfGetDB(DB_MASTER);
$dbw->delete('bot_passwords', ['bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider'], __METHOD__);
$dbw->insert('bot_passwords', ['bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider', 'bp_password' => $passwordHash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]'], __METHOD__);
}
protected function checkExecutePermissions(User $user)
{
parent::checkExecutePermissions($user);
if (!$this->getConfig()->get('EnableBotPasswords')) {
throw new ErrorPageError('botpasswords', 'botpasswords-disabled');
}
$this->userId = CentralIdLookup::factory()->centralIdFromLocalUser($this->getUser());
if (!$this->userId) {
throw new ErrorPageError('botpasswords', 'botpasswords-no-central-id');
}
}
public function addDBData()
{
$passwordFactory = new \PasswordFactory();
$passwordFactory->init(\RequestContext::getMain()->getConfig());
// A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
$passwordFactory->setDefaultType('A');
$pwhash = $passwordFactory->newFromPlaintext('foobaz');
$userId = \CentralIdLookup::factory('local')->centralIdFromName('UTSysop');
$dbw = wfGetDB(DB_MASTER);
$dbw->delete('bot_passwords', array('bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider'), __METHOD__);
$dbw->insert('bot_passwords', array('bp_user' => $userId, 'bp_app_id' => 'BotPasswordSessionProvider', 'bp_password' => $pwhash->toString(), 'bp_token' => 'token!', 'bp_restrictions' => '{"IPAddresses":["127.0.0.0/8"]}', 'bp_grants' => '["test"]'), __METHOD__);
}
protected function setUp()
{
parent::setUp();
$this->setMwGlobals(array('wgEnableBotPasswords' => true, 'wgBotPasswordsDatabase' => false, 'wgCentralIdLookupProvider' => 'BotPasswordTest OkMock', 'wgGrantPermissions' => array('test' => array('read' => true)), 'wgUserrightsInterwikiDelimiter' => '@'));
$mock1 = $this->getMockForAbstractClass('CentralIdLookup');
$mock1->expects($this->any())->method('isAttached')->will($this->returnValue(true));
$mock1->expects($this->any())->method('lookupUserNames')->will($this->returnValue(array('UTSysop' => 42, 'UTDummy' => 43, 'UTInvalid' => 0)));
$mock1->expects($this->never())->method('lookupCentralIds');
$mock2 = $this->getMockForAbstractClass('CentralIdLookup');
$mock2->expects($this->any())->method('isAttached')->will($this->returnValue(false));
$mock2->expects($this->any())->method('lookupUserNames')->will($this->returnArgument(0));
$mock2->expects($this->never())->method('lookupCentralIds');
$this->mergeMwGlobalArrayValue('wgCentralIdLookupProviders', array('BotPasswordTest OkMock' => array('factory' => function () use($mock1) {
return $mock1;
}), 'BotPasswordTest FailMock' => array('factory' => function () use($mock2) {
return $mock2;
})));
CentralIdLookup::resetCache();
}
public function testFactory()
{
$mock = $this->getMockForAbstractClass('CentralIdLookup');
$this->setMwGlobals(['wgCentralIdLookupProviders' => ['local' => ['class' => 'LocalIdLookup'], 'local2' => ['class' => 'LocalIdLookup'], 'mock' => ['factory' => function () use($mock) {
return $mock;
}], 'bad' => ['class' => 'stdClass']], 'wgCentralIdLookupProvider' => 'mock']);
$this->assertSame($mock, CentralIdLookup::factory());
$this->assertSame($mock, CentralIdLookup::factory('mock'));
$this->assertSame('mock', $mock->getProviderId());
$local = CentralIdLookup::factory('local');
$this->assertNotSame($mock, $local);
$this->assertInstanceOf('LocalIdLookup', $local);
$this->assertSame($local, CentralIdLookup::factory('local'));
$this->assertSame('local', $local->getProviderId());
$local2 = CentralIdLookup::factory('local2');
$this->assertNotSame($local, $local2);
$this->assertInstanceOf('LocalIdLookup', $local2);
$this->assertSame('local2', $local2->getProviderId());
$this->assertNull(CentralIdLookup::factory('unconfigured'));
$this->assertNull(CentralIdLookup::factory('bad'));
}
public function testBotPassword()
{
global $wgServer, $wgSessionProviders;
if (!isset($wgServer)) {
$this->markTestIncomplete('This test needs $wgServer to be set in LocalSettings.php');
}
$this->setMwGlobals(array('wgSessionProviders' => array_merge($wgSessionProviders, array(array('class' => 'MediaWiki\\Session\\BotPasswordSessionProvider', 'args' => array(array('priority' => 40))))), 'wgEnableBotPasswords' => true, 'wgBotPasswordsDatabase' => false, 'wgCentralIdLookupProvider' => 'local', 'wgGrantPermissions' => array('test' => array('read' => true))));
// Make sure our session provider is present
$manager = TestingAccessWrapper::newFromObject(MediaWiki\Session\SessionManager::singleton());
if (!isset($manager->sessionProviders['MediaWiki\\Session\\BotPasswordSessionProvider'])) {
$tmp = $manager->sessionProviders;
$manager->sessionProviders = null;
$manager->sessionProviders = $tmp + $manager->getProviders();
}
$this->assertNotNull(MediaWiki\Session\SessionManager::singleton()->getProvider('MediaWiki\\Session\\BotPasswordSessionProvider'), 'sanity check');
$user = self::$users['sysop'];
$centralId = CentralIdLookup::factory()->centralIdFromLocalUser($user->getUser());
$this->assertNotEquals(0, $centralId, 'sanity check');
$passwordFactory = new PasswordFactory();
$passwordFactory->init(RequestContext::getMain()->getConfig());
// A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
$passwordFactory->setDefaultType('A');
$pwhash = $passwordFactory->newFromPlaintext('foobaz');
$dbw = wfGetDB(DB_MASTER);
$dbw->insert('bot_passwords', array('bp_user' => $centralId, 'bp_app_id' => 'foo', 'bp_password' => $pwhash->toString(), 'bp_token' => '', 'bp_restrictions' => MWRestrictions::newDefault()->toJson(), 'bp_grants' => '["test"]'), __METHOD__);
$lgName = $user->username . BotPassword::getSeparator() . 'foo';
$ret = $this->doApiRequest(array('action' => 'login', 'lgname' => $lgName, 'lgpassword' => 'foobaz'));
$result = $ret[0];
$this->assertNotInternalType('bool', $result);
$this->assertNotInternalType('null', $result['login']);
$a = $result['login']['result'];
$this->assertEquals('NeedToken', $a);
$token = $result['login']['token'];
$ret = $this->doApiRequest(array('action' => 'login', 'lgtoken' => $token, 'lgname' => $lgName, 'lgpassword' => 'foobaz'), $ret[2]);
$result = $ret[0];
$this->assertNotInternalType('bool', $result);
$a = $result['login']['result'];
$this->assertEquals('Success', $a);
}
/**
* Remove all passwords for a user, by name
* @param string $username User name
* @return bool Whether any passwords were removed
*/
public static function removeAllPasswordsForUser($username)
{
$centralId = CentralIdLookup::factory()->centralIdFromName($username, CentralIdLookup::AUDIENCE_RAW, CentralIdLookup::READ_LATEST);
return $centralId && self::removeAllPasswordsForCentralId($centralId);
}
/**
* Get central user info
* @param Config $config
* @param User $user
* @param string|null $attachedWiki
* @return array Central user info
* - centralids: Array mapping non-local Central ID provider names to IDs
* - attachedlocal: Array mapping Central ID provider names to booleans
* indicating whether the local user is attached.
* - attachedwiki: Array mapping Central ID provider names to booleans
* indicating whether the user is attached to $attachedWiki.
*/
public static function getCentralUserInfo(Config $config, User $user, $attachedWiki = null)
{
$providerIds = array_keys($config->get('CentralIdLookupProviders'));
$ret = ['centralids' => [], 'attachedlocal' => []];
ApiResult::setArrayType($ret['centralids'], 'assoc');
ApiResult::setArrayType($ret['attachedlocal'], 'assoc');
if ($attachedWiki) {
$ret['attachedwiki'] = [];
ApiResult::setArrayType($ret['attachedwiki'], 'assoc');
}
$name = $user->getName();
foreach ($providerIds as $providerId) {
$provider = CentralIdLookup::factory($providerId);
$ret['centralids'][$providerId] = $provider->centralIdFromName($name);
$ret['attachedlocal'][$providerId] = $provider->isAttached($user);
if ($attachedWiki) {
$ret['attachedwiki'][$providerId] = $provider->isAttached($user, $attachedWiki);
}
}
return $ret;
}
