search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
gallery: Fix phan annotation for ImageGalleryBase::getImages
[mediawiki.git] / tests / phpunit / includes / upload / UploadFromUrlTest.php
blob7710053bea4d7a2ef2ebdc1653a419546e1ac831
1 <?php
2
3 use MediaWiki\Api\ApiUsageException;
4 use MediaWiki\MainConfigNames;
5 use MediaWiki\Page\File\FileDeleteForm;
6 use MediaWiki\Tests\Api\ApiTestCase;
7 use MediaWiki\Title\Title;
8 use MediaWiki\User\User;
9 use Wikimedia\TestingAccessWrapper;
10
11 /**
12 * @group large
13 * @group Upload
14 * @group Database
15 *
16 * @covers \UploadFromUrl
17 */
18 class UploadFromUrlTest extends ApiTestCase {
19 use MockHttpTrait;
20
21 /** @var User */
22 private $user;
23
24 protected function setUp(): void {
25 parent::setUp();
26 $this->user = $this->getTestSysop()->getUser();
27
28 $this->overrideConfigValues( [
29 MainConfigNames::EnableUploads => true,
30 MainConfigNames::AllowCopyUploads => true,
31 ] );
32 $this->setGroupPermissions( 'sysop', 'upload_by_url', true );
33
34 if ( $this->getServiceContainer()->getRepoGroup()->getLocalRepo()
35 ->newFile( 'UploadFromUrlTest.png' )->exists()
36 ) {
37 $this->deleteFile( 'UploadFromUrlTest.png' );
38 }
39
40 $this->installMockHttp();
41 }
42
43 /**
44 * Ensure that the job queue is empty before continuing
45 */
46 public function testClearQueue() {
47 $jobQueueGroup = $this->getServiceContainer()->getJobQueueGroup();
48 $job = $jobQueueGroup->pop();
49 while ( $job ) {
50 $job = $jobQueueGroup->pop();
51 }
52 $this->assertFalse( $job );
53 }
54
55 public function testIsAllowedHostEmpty() {
56 $this->overrideConfigValues( [
57 MainConfigNames::CopyUploadsDomains => [],
58 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => false,
59 ] );
60
61 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://foo.bar' ) );
62 }
63
64 public function testIsAllowedHostDirectMatch() {
65 $this->overrideConfigValues( [
66 MainConfigNames::CopyUploadsDomains => [
67 'foo.baz',
68 'bar.example.baz',
69 ],
70 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => false,
71 ] );
72
73 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://example.com' ) );
74
75 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://foo.baz' ) );
76 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://.foo.baz' ) );
77
78 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://example.baz' ) );
79 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://bar.example.baz' ) );
80 }
81
82 public function testIsAllowedHostLastWildcard() {
83 $this->overrideConfigValues( [
84 MainConfigNames::CopyUploadsDomains => [
85 '*.baz',
86 ],
87 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => false,
88 ] );
89
90 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://baz' ) );
91 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.example' ) );
92 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.example.baz' ) );
93 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo/bar.baz' ) );
94
95 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://foo.baz' ) );
96 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://subdomain.foo.baz' ) );
97 }
98
99 public function testIsAllowedHostWildcardInMiddle() {
100 $this->overrideConfigValues( [
101 MainConfigNames::CopyUploadsDomains => [
102 'foo.*.baz',
103 ],
104 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => false,
105 ] );
106
107 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.baz' ) );
108 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.bar.bar.baz' ) );
109 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.bar.baz.baz' ) );
110 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.com/.baz' ) );
111
112 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://foo.example.baz' ) );
113 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://foo.bar.baz' ) );
114 }
115
116 public function testOnWikiDomainConfigEnabled() {
117 $this->overrideConfigValues( [
118 MainConfigNames::CopyUploadsDomains => [ 'example.com' ],
119 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => true,
120 ] );
121
122 $messageContent = "example.org # this is a comment\n# this too is commented foo.example.com\nexample.net";
123 $mock = $this->createMock( MessageCache::class );
124 $mock->method( 'get' )->willReturn( $messageContent );
125 $this->setService( 'MessageCache', $mock );
126
127 $this->assertEquals(
128 [ 'example.com', 'example.org', 'example.net' ],
129 TestingAccessWrapper::newFromClass( UploadFromUrl::class )->getAllowedHosts()
130 );
131
132 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://example.com' ) );
133 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://example.org' ) );
134 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://foo.example.com' ) );
135 }
136
137 public function testOnWikiDomainConfigDisabled() {
138 $this->overrideConfigValues( [
139 MainConfigNames::CopyUploadsDomains => [ 'example.com' ],
140 MainConfigNames::CopyUploadAllowOnWikiDomainConfig => false,
141 ] );
142
143 $mock = $this->createMock( MessageCache::class );
144 $mock->expects( $this->never() )->method( 'get' );
145 $this->setService( 'MessageCache', $mock );
146
147 $this->assertEquals(
148 [ 'example.com' ],
149 TestingAccessWrapper::newFromClass( UploadFromUrl::class )->getAllowedHosts()
150 );
151
152 $this->assertTrue( UploadFromUrl::isAllowedHost( 'https://example.com' ) );
153 $this->assertFalse( UploadFromUrl::isAllowedHost( 'https://example.org' ) );
154 }
155
156 /**
157 * @depends testClearQueue
158 */
159 public function testSetupUrlDownload( $data ) {
160 $token = $this->user->getEditToken();
161 $exception = false;
162
163 try {
164 $this->doApiRequest( [
165 'action' => 'upload',
166 ] );
167 } catch ( ApiUsageException $e ) {
168 $exception = true;
169 $this->assertApiErrorCode( 'missingparam', $e );
170 }
171 $this->assertTrue( $exception, "Got exception" );
172
173 $exception = false;
174 try {
175 $this->doApiRequest( [
176 'action' => 'upload',
177 'token' => $token,
178 ], $data );
179 } catch ( ApiUsageException $e ) {
180 $exception = true;
181 $this->assertApiErrorCode( 'missingparam', $e );
182 }
183 $this->assertTrue( $exception, "Got exception" );
184
185 $exception = false;
186 try {
187 $this->doApiRequest( [
188 'action' => 'upload',
189 'url' => 'http://www.example.com/test.png',
190 'token' => $token,
191 ], $data );
192 } catch ( ApiUsageException $e ) {
193 $exception = true;
194 $this->assertApiErrorCode( 'nofilename', $e );
195 }
196 $this->assertTrue( $exception, "Got exception" );
197
198 $this->getServiceContainer()->getUserGroupManager()->removeUserFromGroup( $this->user, 'sysop' );
199 $exception = false;
200 try {
201 $this->doApiRequest( [
202 'action' => 'upload',
203 'url' => 'http://www.example.com/test.png',
204 'filename' => 'UploadFromUrlTest.png',
205 'token' => $token,
206 ], $data );
207 } catch ( ApiUsageException $e ) {
208 $this->assertApiErrorCode( 'permissiondenied', $e );
209 $exception = true;
210 }
211 $this->assertTrue( $exception, "Got exception" );
212 }
213
214 private function assertUploadOk( UploadBase $upload ) {
215 $verificationResult = $upload->verifyUpload();
216
217 if ( $verificationResult['status'] !== UploadBase::OK ) {
218 $this->fail(
219 'Upload verification returned ' . $upload->getVerificationErrorCode(
220 $verificationResult['status']
221 )
222 );
223 }
224 }
225
226 /**
227 * @depends testClearQueue
228 */
229 public function testSyncDownload( $data ) {
230 $file = __DIR__ . '/../../data/upload/png-plain.png';
231 $this->installMockHttp( file_get_contents( $file ) );
232
233 $this->getServiceContainer()->getUserGroupManager()->addUserToGroup( $this->user, 'users' );
234 $data = $this->doApiRequestWithToken( [
235 'action' => 'upload',
236 'filename' => 'UploadFromUrlTest.png',
237 'url' => 'http://upload.wikimedia.org/wikipedia/mediawiki/b/bc/Wiki.png',
238 'ignorewarnings' => true,
239 ], $data );
240
241 $this->assertEquals( 'Success', $data[0]['upload']['result'] );
242 $this->deleteFile( 'UploadFromUrlTest.png' );
243
244 return $data;
245 }
246
247 protected function deleteFile( $name ) {
248 $t = Title::newFromText( $name, NS_FILE );
249 $this->assertTrue( $t->exists(), "File '$name' exists" );
250
251 if ( $t->exists() ) {
252 $file = $this->getServiceContainer()->getRepoGroup()
253 ->findFile( $name, [ 'ignoreRedirect' => true ] );
254 $empty = "";
255 FileDeleteForm::doDelete( $t, $file, $empty, "none", true, $this->user );
256 $page = $this->getServiceContainer()->getWikiPageFactory()->newFromTitle( $t );
257 $this->deletePage( $page );
258 }
259 $t = Title::newFromText( $name, NS_FILE );
260
261 $this->assertFalse( $t->exists(), "File '$name' was deleted" );
262 }
263
264 public function testUploadFromUrl() {
265 $file = __DIR__ . '/../../data/upload/png-plain.png';
266 $this->installMockHttp( file_get_contents( $file ) );
267
268 $upload = new UploadFromUrl();
269 $upload->initialize( 'Test.png', 'http://www.example.com/test.png' );
270 $status = $upload->fetchFile();
271
272 $this->assertStatusOK( $status );
273 $this->assertUploadOk( $upload );
274 }
275
276 public function testUploadFromUrlWithRedirect() {
277 $file = __DIR__ . '/../../data/upload/png-plain.png';
278 $this->installMockHttp( [
279 // First response is a redirect
280 $this->makeFakeHttpRequest(
281 'Blaba',
282 302,
283 [ 'Location' => 'http://static.example.com/files/test.png' ]
284 ),
285 // Second response is a file
286 $this->makeFakeHttpRequest(
287 file_get_contents( $file )
288 ),
289 ] );
290
291 $upload = new UploadFromUrl();
292 $upload->initialize( 'Test.png', 'http://www.example.com/test.png' );
293 $status = $upload->fetchFile();
294
295 $this->assertStatusOK( $status );
296 $this->assertUploadOk( $upload );
297 }
298
299 public function testUploadFromUrlCacheKey() {
300 // Test we get back a properly formatted sha1 key out
301 $key = UploadFromUrl::getCacheKey( [ 'filename' => 'test.png', 'url' => 'https://example.com/example.png' ] );
302 $this->assertNotEmpty( $key );
303 $this->assertMatchesRegularExpression( "/^[0-9a-f]{40}$/", $key );
304 }
305
306 public function testUploadFromUrlCacheKeyMissingParam() {
307 $this->assertSame( "", UploadFromUrl::getCacheKey( [] ) );
308 }
309
310 }
MediaWiki Core