tests/phpunit/includes/auth/CheckBlocksSecondaryAuthenticationProviderTest.php

   1 <?php
   2
   3 namespace MediaWiki\Auth;
   4
   5 /**
   6  * @group AuthManager
   7  * @group Database
   8  * @covers MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider
   9  */
  10 class CheckBlocksSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
  11         public function testConstructor() {
  12                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  13                 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
  14                 $config = new \HashConfig( [
  15                         'BlockDisablesLogin' => false
  16                 ] );
  17                 $provider->setConfig( $config );
  18                 $this->assertSame( false, $providerPriv->blockDisablesLogin );
  19
  20                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  21                         [ 'blockDisablesLogin' => true ]
  22                 );
  23                 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
  24                 $config = new \HashConfig( [
  25                         'BlockDisablesLogin' => false
  26                 ] );
  27                 $provider->setConfig( $config );
  28                 $this->assertSame( true, $providerPriv->blockDisablesLogin );
  29         }
  30
  31         public function testBasics() {
  32                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  33                 $user = \User::newFromName( 'UTSysop' );
  34
  35                 $this->assertEquals(
  36                         AuthenticationResponse::newAbstain(),
  37                         $provider->beginSecondaryAccountCreation( $user, $user, [] )
  38                 );
  39         }
  40
  41         /**
  42          * @dataProvider provideGetAuthenticationRequests
  43          * @param string $action
  44          * @param array $response
  45          */
  46         public function testGetAuthenticationRequests( $action, $response ) {
  47                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  48
  49                 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
  50         }
  51
  52         public static function provideGetAuthenticationRequests() {
  53                 return [
  54                         [ AuthManager::ACTION_LOGIN, [] ],
  55                         [ AuthManager::ACTION_CREATE, [] ],
  56                         [ AuthManager::ACTION_LINK, [] ],
  57                         [ AuthManager::ACTION_CHANGE, [] ],
  58                         [ AuthManager::ACTION_REMOVE, [] ],
  59                 ];
  60         }
  61
  62         private function getBlockedUser() {
  63                 $user = \User::newFromName( 'UTBlockee' );
  64                 if ( $user->getID() == 0 ) {
  65                         $user->addToDatabase();
  66                         \TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
  67                         $user->saveSettings();
  68                 }
  69                 $oldBlock = \Block::newFromTarget( 'UTBlockee' );
  70                 if ( $oldBlock ) {
  71                         // An old block will prevent our new one from saving.
  72                         $oldBlock->delete();
  73                 }
  74                 $blockOptions = [
  75                         'address' => 'UTBlockee',
  76                         'user' => $user->getID(),
  77                         'reason' => __METHOD__,
  78                         'expiry' => time() + 100500,
  79                         'createAccount' => true,
  80                 ];
  81                 $block = new \Block( $blockOptions );
  82                 $block->insert();
  83                 return $user;
  84         }
  85
  86         public function testBeginSecondaryAuthentication() {
  87                 $unblockedUser = \User::newFromName( 'UTSysop' );
  88                 $blockedUser = $this->getBlockedUser();
  89
  90                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  91                         [ 'blockDisablesLogin' => false ]
  92                 );
  93                 $this->assertEquals(
  94                         AuthenticationResponse::newAbstain(),
  95                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
  96                 );
  97                 $this->assertEquals(
  98                         AuthenticationResponse::newAbstain(),
  99                         $provider->beginSecondaryAuthentication( $blockedUser, [] )
 100                 );
 101
 102                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 103                         [ 'blockDisablesLogin' => true ]
 104                 );
 105                 $this->assertEquals(
 106                         AuthenticationResponse::newPass(),
 107                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 108                 );
 109                 $ret = $provider->beginSecondaryAuthentication( $blockedUser, [] );
 110                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 111         }
 112
 113         public function testTestUserForCreation() {
 114                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 115                         [ 'blockDisablesLogin' => false ]
 116                 );
 117                 $provider->setLogger( new \Psr\Log\NullLogger() );
 118                 $provider->setConfig( new \HashConfig() );
 119                 $provider->setManager( AuthManager::singleton() );
 120
 121                 $unblockedUser = \User::newFromName( 'UTSysop' );
 122                 $blockedUser = $this->getBlockedUser();
 123
 124                 $user = \User::newFromName( 'RandomUser' );
 125
 126                 $this->assertEquals(
 127                         \StatusValue::newGood(),
 128                         $provider->testUserForCreation( $unblockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION )
 129                 );
 130                 $this->assertEquals(
 131                         \StatusValue::newGood(),
 132                         $provider->testUserForCreation( $unblockedUser, false )
 133                 );
 134
 135                 $status = $provider->testUserForCreation( $blockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 136                 $this->assertInstanceOf( 'StatusValue', $status );
 137                 $this->assertFalse( $status->isOK() );
 138                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 139
 140                 $status = $provider->testUserForCreation( $blockedUser, false );
 141                 $this->assertInstanceOf( 'StatusValue', $status );
 142                 $this->assertFalse( $status->isOK() );
 143                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 144         }
 145
 146         public function testRangeBlock() {
 147                 $blockOptions = [
 148                         'address' => '127.0.0.0/24',
 149                         'reason' => __METHOD__,
 150                         'expiry' => time() + 100500,
 151                         'createAccount' => true,
 152                 ];
 153                 $block = new \Block( $blockOptions );
 154                 $block->insert();
 155                 $scopeVariable = new \Wikimedia\ScopedCallback( [ $block, 'delete' ] );
 156
 157                 $user = \User::newFromName( 'UTNormalUser' );
 158                 if ( $user->getID() == 0 ) {
 159                         $user->addToDatabase();
 160                         \TestUser::setPasswordForUser( $user, 'UTNormalUserPassword' );
 161                         $user->saveSettings();
 162                 }
 163                 $this->setMwGlobals( [ 'wgUser' => $user ] );
 164                 $newuser = \User::newFromName( 'RandomUser' );
 165
 166                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 167                         [ 'blockDisablesLogin' => true ]
 168                 );
 169                 $provider->setLogger( new \Psr\Log\NullLogger() );
 170                 $provider->setConfig( new \HashConfig() );
 171                 $provider->setManager( AuthManager::singleton() );
 172
 173                 $ret = $provider->beginSecondaryAuthentication( $user, [] );
 174                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 175
 176                 $status = $provider->testUserForCreation( $newuser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 177                 $this->assertInstanceOf( 'StatusValue', $status );
 178                 $this->assertFalse( $status->isOK() );
 179                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 180
 181                 $status = $provider->testUserForCreation( $newuser, false );
 182                 $this->assertInstanceOf( 'StatusValue', $status );
 183                 $this->assertFalse( $status->isOK() );
 184                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 185         }
 186 }