search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import: Handle uploads with sha1 starting with 0 properly
[mediawiki.git] / tests / phpunit / includes / user / UserTest.php
blob45c4b8c5fa4b8815ce0eb23f86bc63708a4e3fd9
1 <?php
2
3 define( 'NS_UNITTEST', 5600 );
4 define( 'NS_UNITTEST_TALK', 5601 );
5
6 /**
7 * @group Database
8 */
9 class UserTest extends MediaWikiTestCase {
10 /**
11 * @var User
12 */
13 protected $user;
14
15 protected function setUp() {
16 parent::setUp();
17
18 $this->setMwGlobals( array(
19 'wgGroupPermissions' => array(),
20 'wgRevokePermissions' => array(),
21 ) );
22
23 $this->setUpPermissionGlobals();
24
25 $this->user = new User;
26 $this->user->addGroup( 'unittesters' );
27 }
28
29 private function setUpPermissionGlobals() {
30 global $wgGroupPermissions, $wgRevokePermissions;
31
32 # Data for regular $wgGroupPermissions test
33 $wgGroupPermissions['unittesters'] = array(
34 'test' => true,
35 'runtest' => true,
36 'writetest' => false,
37 'nukeworld' => false,
38 );
39 $wgGroupPermissions['testwriters'] = array(
40 'test' => true,
41 'writetest' => true,
42 'modifytest' => true,
43 );
44
45 # Data for regular $wgRevokePermissions test
46 $wgRevokePermissions['formertesters'] = array(
47 'runtest' => true,
48 );
49
50 # For the options test
51 $wgGroupPermissions['*'] = array(
52 'editmyoptions' => true,
53 );
54 }
55
56 /**
57 * @covers User::getGroupPermissions
58 */
59 public function testGroupPermissions() {
60 $rights = User::getGroupPermissions( array( 'unittesters' ) );
61 $this->assertContains( 'runtest', $rights );
62 $this->assertNotContains( 'writetest', $rights );
63 $this->assertNotContains( 'modifytest', $rights );
64 $this->assertNotContains( 'nukeworld', $rights );
65
66 $rights = User::getGroupPermissions( array( 'unittesters', 'testwriters' ) );
67 $this->assertContains( 'runtest', $rights );
68 $this->assertContains( 'writetest', $rights );
69 $this->assertContains( 'modifytest', $rights );
70 $this->assertNotContains( 'nukeworld', $rights );
71 }
72
73 /**
74 * @covers User::getGroupPermissions
75 */
76 public function testRevokePermissions() {
77 $rights = User::getGroupPermissions( array( 'unittesters', 'formertesters' ) );
78 $this->assertNotContains( 'runtest', $rights );
79 $this->assertNotContains( 'writetest', $rights );
80 $this->assertNotContains( 'modifytest', $rights );
81 $this->assertNotContains( 'nukeworld', $rights );
82 }
83
84 /**
85 * @covers User::getRights
86 */
87 public function testUserPermissions() {
88 $rights = $this->user->getRights();
89 $this->assertContains( 'runtest', $rights );
90 $this->assertNotContains( 'writetest', $rights );
91 $this->assertNotContains( 'modifytest', $rights );
92 $this->assertNotContains( 'nukeworld', $rights );
93 }
94
95 /**
96 * @dataProvider provideGetGroupsWithPermission
97 * @covers User::getGroupsWithPermission
98 */
99 public function testGetGroupsWithPermission( $expected, $right ) {
100 $result = User::getGroupsWithPermission( $right );
101 sort( $result );
102 sort( $expected );
103
104 $this->assertEquals( $expected, $result, "Groups with permission $right" );
105 }
106
107 public static function provideGetGroupsWithPermission() {
108 return array(
109 array(
110 array( 'unittesters', 'testwriters' ),
111 'test'
112 ),
113 array(
114 array( 'unittesters' ),
115 'runtest'
116 ),
117 array(
118 array( 'testwriters' ),
119 'writetest'
120 ),
121 array(
122 array( 'testwriters' ),
123 'modifytest'
124 ),
125 );
126 }
127
128 /**
129 * @dataProvider provideIPs
130 * @covers User::isIP
131 */
132 public function testIsIP( $value, $result, $message ) {
133 $this->assertEquals( $this->user->isIP( $value ), $result, $message );
134 }
135
136 public static function provideIPs() {
137 return array(
138 array( '', false, 'Empty string' ),
139 array( ' ', false, 'Blank space' ),
140 array( '10.0.0.0', true, 'IPv4 private 10/8' ),
141 array( '10.255.255.255', true, 'IPv4 private 10/8' ),
142 array( '192.168.1.1', true, 'IPv4 private 192.168/16' ),
143 array( '203.0.113.0', true, 'IPv4 example' ),
144 array( '2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff', true, 'IPv6 example' ),
145 // Not valid IPs but classified as such by MediaWiki for negated asserting
146 // of whether this might be the identifier of a logged-out user or whether
147 // to allow usernames like it.
148 array( '300.300.300.300', true, 'Looks too much like an IPv4 address' ),
149 array( '203.0.113.xxx', true, 'Assigned by UseMod to cloaked logged-out users' ),
150 );
151 }
152
153 /**
154 * @dataProvider provideUserNames
155 * @covers User::isValidUserName
156 */
157 public function testIsValidUserName( $username, $result, $message ) {
158 $this->assertEquals( $this->user->isValidUserName( $username ), $result, $message );
159 }
160
161 public static function provideUserNames() {
162 return array(
163 array( '', false, 'Empty string' ),
164 array( ' ', false, 'Blank space' ),
165 array( 'abcd', false, 'Starts with small letter' ),
166 array( 'Ab/cd', false, 'Contains slash' ),
167 array( 'Ab cd', true, 'Whitespace' ),
168 array( '192.168.1.1', false, 'IP' ),
169 array( 'User:Abcd', false, 'Reserved Namespace' ),
170 array( '12abcd232', true, 'Starts with Numbers' ),
171 array( '?abcd', true, 'Start with ? mark' ),
172 array( '#abcd', false, 'Start with #' ),
173 array( 'Abcdകഖഗഘ', true, ' Mixed scripts' ),
174 array( 'ജോസ്‌തോമസ്', false, 'ZWNJ- Format control character' ),
175 array( 'Ab cd', false, ' Ideographic space' ),
176 array( '300.300.300.300', false, 'Looks too much like an IPv4 address' ),
177 array( '302.113.311.900', false, 'Looks too much like an IPv4 address' ),
178 array( '203.0.113.xxx', false, 'Reserved for usage by UseMod for cloaked logged-out users' ),
179 );
180 }
181
182 /**
183 * Test, if for all rights a right- message exist,
184 * which is used on Special:ListGroupRights as help text
185 * Extensions and core
186 */
187 public function testAllRightsWithMessage() {
188 // Getting all user rights, for core: User::$mCoreRights, for extensions: $wgAvailableRights
189 $allRights = User::getAllRights();
190 $allMessageKeys = Language::getMessageKeysFor( 'en' );
191
192 $rightsWithMessage = array();
193 foreach ( $allMessageKeys as $message ) {
194 // === 0: must be at beginning of string (position 0)
195 if ( strpos( $message, 'right-' ) === 0 ) {
196 $rightsWithMessage[] = substr( $message, strlen( 'right-' ) );
197 }
198 }
199
200 sort( $allRights );
201 sort( $rightsWithMessage );
202
203 $this->assertEquals(
204 $allRights,
205 $rightsWithMessage,
206 'Each user rights (core/extensions) has a corresponding right- message.'
207 );
208 }
209
210 /**
211 * Test User::editCount
212 * @group medium
213 * @covers User::getEditCount
214 */
215 public function testEditCount() {
216 $user = User::newFromName( 'UnitTestUser' );
217
218 if ( !$user->getId() ) {
219 $user->addToDatabase();
220 }
221
222 // let the user have a few (3) edits
223 $page = WikiPage::factory( Title::newFromText( 'Help:UserTest_EditCount' ) );
224 for ( $i = 0; $i < 3; $i++ ) {
225 $page->doEdit( (string)$i, 'test', 0, false, $user );
226 }
227
228 $user->clearInstanceCache();
229 $this->assertEquals(
230 3,
231 $user->getEditCount(),
232 'After three edits, the user edit count should be 3'
233 );
234
235 // increase the edit count and clear the cache
236 $user->incEditCount();
237
238 $user->clearInstanceCache();
239 $this->assertEquals(
240 4,
241 $user->getEditCount(),
242 'After increasing the edit count manually, the user edit count should be 4'
243 );
244 }
245
246 /**
247 * Test changing user options.
248 * @covers User::setOption
249 * @covers User::getOption
250 */
251 public function testOptions() {
252 $user = User::newFromName( 'UnitTestUser' );
253
254 if ( !$user->getId() ) {
255 $user->addToDatabase();
256 }
257
258 $user->setOption( 'userjs-someoption', 'test' );
259 $user->setOption( 'cols', 200 );
260 $user->saveSettings();
261
262 $user = User::newFromName( 'UnitTestUser' );
263 $this->assertEquals( 'test', $user->getOption( 'userjs-someoption' ) );
264 $this->assertEquals( 200, $user->getOption( 'cols' ) );
265 }
266
267 /**
268 * Bug 37963
269 * Make sure defaults are loaded when setOption is called.
270 * @covers User::loadOptions
271 */
272 public function testAnonOptions() {
273 global $wgDefaultUserOptions;
274 $this->user->setOption( 'userjs-someoption', 'test' );
275 $this->assertEquals( $wgDefaultUserOptions['cols'], $this->user->getOption( 'cols' ) );
276 $this->assertEquals( 'test', $this->user->getOption( 'userjs-someoption' ) );
277 }
278
279 /**
280 * Test password validity checks. There are 3 checks in core,
281 * - ensure the password meets the minimal length
282 * - ensure the password is not the same as the username
283 * - ensure the username/password combo isn't forbidden
284 * @covers User::checkPasswordValidity()
285 * @covers User::getPasswordValidity()
286 * @covers User::isValidPassword()
287 */
288 public function testCheckPasswordValidity() {
289 $this->setMwGlobals( array(
290 'wgPasswordPolicy' => array(
291 'policies' => array(
292 'sysop' => array(
293 'MinimalPasswordLength' => 8,
294 'MinimumPasswordLengthToLogin' => 1,
295 'PasswordCannotMatchUsername' => 1,
296 ),
297 'default' => array(
298 'MinimalPasswordLength' => 6,
299 'PasswordCannotMatchUsername' => true,
300 'PasswordCannotMatchBlacklist' => true,
301 'MaximalPasswordLength' => 30,
302 ),
303 ),
304 'checks' => array(
305 'MinimalPasswordLength' => 'PasswordPolicyChecks::checkMinimalPasswordLength',
306 'MinimumPasswordLengthToLogin' => 'PasswordPolicyChecks::checkMinimumPasswordLengthToLogin',
307 'PasswordCannotMatchUsername' => 'PasswordPolicyChecks::checkPasswordCannotMatchUsername',
308 'PasswordCannotMatchBlacklist' => 'PasswordPolicyChecks::checkPasswordCannotMatchBlacklist',
309 'MaximalPasswordLength' => 'PasswordPolicyChecks::checkMaximalPasswordLength',
310 ),
311 ),
312 ) );
313
314 $user = User::newFromName( 'Useruser' );
315 // Sanity
316 $this->assertTrue( $user->isValidPassword( 'Password1234' ) );
317
318 // Minimum length
319 $this->assertFalse( $user->isValidPassword( 'a' ) );
320 $this->assertFalse( $user->checkPasswordValidity( 'a' )->isGood() );
321 $this->assertTrue( $user->checkPasswordValidity( 'a' )->isOK() );
322 $this->assertEquals( 'passwordtooshort', $user->getPasswordValidity( 'a' ) );
323
324 // Maximum length
325 $longPass = str_repeat( 'a', 31 );
326 $this->assertFalse( $user->isValidPassword( $longPass ) );
327 $this->assertFalse( $user->checkPasswordValidity( $longPass )->isGood() );
328 $this->assertFalse( $user->checkPasswordValidity( $longPass )->isOK() );
329 $this->assertEquals( 'passwordtoolong', $user->getPasswordValidity( $longPass ) );
330
331 // Matches username
332 $this->assertFalse( $user->checkPasswordValidity( 'Useruser' )->isGood() );
333 $this->assertTrue( $user->checkPasswordValidity( 'Useruser' )->isOK() );
334 $this->assertEquals( 'password-name-match', $user->getPasswordValidity( 'Useruser' ) );
335
336 // On the forbidden list
337 $this->assertFalse( $user->checkPasswordValidity( 'Passpass' )->isGood() );
338 $this->assertEquals( 'password-login-forbidden', $user->getPasswordValidity( 'Passpass' ) );
339 }
340
341 /**
342 * @covers User::getCanonicalName()
343 * @dataProvider provideGetCanonicalName
344 */
345 public function testGetCanonicalName( $name, $expectedArray, $msg ) {
346 foreach ( $expectedArray as $validate => $expected ) {
347 $this->assertEquals(
348 $expected,
349 User::getCanonicalName( $name, $validate === 'false' ? false : $validate ),
350 $msg . ' (' . $validate . ')'
351 );
352 }
353 }
354
355 public static function provideGetCanonicalName() {
356 return array(
357 array( ' Trailing space ', array( 'creatable' => 'Trailing space' ), 'Trailing spaces' ),
358 // @todo FIXME: Maybe the creatable name should be 'Talk:Username' or false to reject?
359 array( 'Talk:Username', array( 'creatable' => 'Username', 'usable' => 'Username',
360 'valid' => 'Username', 'false' => 'Talk:Username' ), 'Namespace prefix' ),
361 array( ' name with # hash', array( 'creatable' => false, 'usable' => false ), 'With hash' ),
362 array( 'Multi spaces', array( 'creatable' => 'Multi spaces',
363 'usable' => 'Multi spaces' ), 'Multi spaces' ),
364 array( 'lowercase', array( 'creatable' => 'Lowercase' ), 'Lowercase' ),
365 array( 'in[]valid', array( 'creatable' => false, 'usable' => false, 'valid' => false,
366 'false' => 'In[]valid' ), 'Invalid' ),
367 array( 'with / slash', array( 'creatable' => false, 'usable' => false, 'valid' => false,
368 'false' => 'With / slash' ), 'With slash' ),
369 );
370 }
371
372 /**
373 * @covers User::equals
374 */
375 public function testEquals() {
376 $first = User::newFromName( 'EqualUser' );
377 $second = User::newFromName( 'EqualUser' );
378
379 $this->assertTrue( $first->equals( $first ) );
380 $this->assertTrue( $first->equals( $second ) );
381 $this->assertTrue( $second->equals( $first ) );
382
383 $third = User::newFromName( '0' );
384 $fourth = User::newFromName( '000' );
385
386 $this->assertFalse( $third->equals( $fourth ) );
387 $this->assertFalse( $fourth->equals( $third ) );
388
389 // Test users loaded from db with id
390 $user = User::newFromName( 'EqualUnitTestUser' );
391 if ( !$user->getId() ) {
392 $user->addToDatabase();
393 }
394
395 $id = $user->getId();
396
397 $fifth = User::newFromId( $id );
398 $sixth = User::newFromName( 'EqualUnitTestUser' );
399 $this->assertTrue( $fifth->equals( $sixth ) );
400 }
401
402 /**
403 * @covers User::getId
404 */
405 public function testGetId() {
406 $user = User::newFromName( 'UTSysop' );
407 $this->assertTrue( $user->getId() > 0 );
408
409 }
410
411 /**
412 * @covers User::isLoggedIn
413 * @covers User::isAnon
414 */
415 public function testLoggedIn() {
416 $user = User::newFromName( 'UTSysop' );
417 $this->assertTrue( $user->isLoggedIn() );
418 $this->assertFalse( $user->isAnon() );
419
420 // Non-existent users are perceived as anonymous
421 $user = User::newFromName( 'UTNonexistent' );
422 $this->assertFalse( $user->isLoggedIn() );
423 $this->assertTrue( $user->isAnon() );
424
425 $user = new User;
426 $this->assertFalse( $user->isLoggedIn() );
427 $this->assertTrue( $user->isAnon() );
428 }
429
430 /**
431 * @covers User::checkAndSetTouched
432 */
433 public function testCheckAndSetTouched() {
434 $user = TestingAccessWrapper::newFromObject( User::newFromName( 'UTSysop' ) );
435 $this->assertTrue( $user->isLoggedIn() );
436
437 $touched = $user->getDBTouched();
438 $this->assertTrue(
439 $user->checkAndSetTouched(), "checkAndSetTouched() succeded" );
440 $this->assertGreaterThan(
441 $touched, $user->getDBTouched(), "user_touched increased with casOnTouched()" );
442
443 $touched = $user->getDBTouched();
444 $this->assertTrue(
445 $user->checkAndSetTouched(), "checkAndSetTouched() succeded #2" );
446 $this->assertGreaterThan(
447 $touched, $user->getDBTouched(), "user_touched increased with casOnTouched() #2" );
448 }
449
450 public static function setExtendedLoginCookieDataProvider() {
451 $data = array();
452 $now = time();
453
454 $secondsInDay = 86400;
455
456 // Arbitrary durations, in units of days, to ensure it chooses the
457 // right one. There is a 5-minute grace period (see testSetExtendedLoginCookie)
458 // to work around slow tests, since we're not currently mocking time() for PHP.
459
460 $durationOne = $secondsInDay * 5;
461 $durationTwo = $secondsInDay * 29;
462 $durationThree = $secondsInDay * 17;
463
464 // If $wgExtendedLoginCookieExpiration is null, then the expiry passed to
465 // set cookie is time() + $wgCookieExpiration
466 $data[] = array(
467 null,
468 $durationOne,
469 $now + $durationOne,
470 );
471
472 // If $wgExtendedLoginCookieExpiration isn't null, then the expiry passed to
473 // set cookie is $now + $wgExtendedLoginCookieExpiration
474 $data[] = array(
475 $durationTwo,
476 $durationThree,
477 $now + $durationTwo,
478 );
479
480 return $data;
481 }
482
483 /**
484 * @dataProvider setExtendedLoginCookieDataProvider
485 * @covers User::getRequest
486 * @covers User::setCookie
487 * @backupGlobals enabled
488 */
489 public function testSetExtendedLoginCookie(
490 $extendedLoginCookieExpiration,
491 $cookieExpiration,
492 $expectedExpiry
493 ) {
494 $this->setMwGlobals( array(
495 'wgExtendedLoginCookieExpiration' => $extendedLoginCookieExpiration,
496 'wgCookieExpiration' => $cookieExpiration,
497 ) );
498
499 $response = $this->getMock( 'WebResponse' );
500 $setcookieSpy = $this->any();
501 $response->expects( $setcookieSpy )
502 ->method( 'setcookie' );
503
504 $request = new MockWebRequest( $response );
505 $user = new UserProxy( User::newFromSession( $request ) );
506 $user->setExtendedLoginCookie( 'name', 'value', true );
507
508 $setcookieInvocations = $setcookieSpy->getInvocations();
509 $setcookieInvocation = end( $setcookieInvocations );
510 $actualExpiry = $setcookieInvocation->parameters[2];
511
512 // TODO: ± 600 seconds compensates for
513 // slow-running tests. However, the dependency on the time
514 // function should be removed. This requires some way
515 // to mock/isolate User->setExtendedLoginCookie's call to time()
516 $this->assertEquals( $expectedExpiry, $actualExpiry, '', 600 );
517 }
518 }
519
520 class UserProxy extends User {
521
522 /**
523 * @var User
524 */
525 protected $user;
526
527 public function __construct( User $user ) {
528 $this->user = $user;
529 }
530
531 public function setExtendedLoginCookie( $name, $value, $secure ) {
532 $this->user->setExtendedLoginCookie( $name, $value, $secure );
533 }
534 }
MediaWiki Core