tests/phpunit/includes/auth/CheckBlocksSecondaryAuthenticationProviderTest.php

   1 <?php
   2
   3 namespace MediaWiki\Auth;
   4
   5 /**
   6  * @group AuthManager
   7  * @group Database
   8  * @covers MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider
   9  */
  10 class CheckBlocksSecondaryAuthenticationProviderTest extends \MediaWikiTestCase {
  11         protected function setUp() {
  12                 global $wgDisableAuthManager;
  13
  14                 parent::setUp();
  15                 if ( $wgDisableAuthManager ) {
  16                         $this->markTestSkipped( '$wgDisableAuthManager is set' );
  17                 }
  18         }
  19
  20         public function testConstructor() {
  21                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  22                 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
  23                 $config = new \HashConfig( [
  24                         'BlockDisablesLogin' => false
  25                 ] );
  26                 $provider->setConfig( $config );
  27                 $this->assertSame( false, $providerPriv->blockDisablesLogin );
  28
  29                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
  30                         [ 'blockDisablesLogin' => true ]
  31                 );
  32                 $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
  33                 $config = new \HashConfig( [
  34                         'BlockDisablesLogin' => false
  35                 ] );
  36                 $provider->setConfig( $config );
  37                 $this->assertSame( true, $providerPriv->blockDisablesLogin );
  38         }
  39
  40         public function testBasics() {
  41                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  42                 $user = \User::newFromName( 'UTSysop' );
  43
  44                 $this->assertEquals(
  45                         AuthenticationResponse::newAbstain(),
  46                         $provider->beginSecondaryAccountCreation( $user, $user, [] )
  47                 );
  48         }
  49
  50         /**
  51          * @dataProvider provideGetAuthenticationRequests
  52          * @param string $action
  53          * @param array $response
  54          */
  55         public function testGetAuthenticationRequests( $action, $response ) {
  56                 $provider = new CheckBlocksSecondaryAuthenticationProvider();
  57
  58                 $this->assertEquals( $response, $provider->getAuthenticationRequests( $action, [] ) );
  59         }
  60
  61         public static function provideGetAuthenticationRequests() {
  62                 return [
  63                         [ AuthManager::ACTION_LOGIN, [] ],
  64                         [ AuthManager::ACTION_CREATE, [] ],
  65                         [ AuthManager::ACTION_LINK, [] ],
  66                         [ AuthManager::ACTION_CHANGE, [] ],
  67                         [ AuthManager::ACTION_REMOVE, [] ],
  68                 ];
  69         }
  70
  71         private function getBlockedUser() {
  72                 $user = \User::newFromName( 'UTBlockee' );
  73                 if ( $user->getID() == 0 ) {
  74                         $user->addToDatabase();
  75                         \TestUser::setPasswordForUser( $user, 'UTBlockeePassword' );
  76                         $user->saveSettings();
  77                 }
  78                 $oldBlock = \Block::newFromTarget( 'UTBlockee' );
  79                 if ( $oldBlock ) {
  80                         // An old block will prevent our new one from saving.
  81                         $oldBlock->delete();
  82                 }
  83                 $blockOptions = [
  84                         'address' => 'UTBlockee',
  85                         'user' => $user->getID(),
  86                         'reason' => __METHOD__,
  87                         'expiry' => time() + 100500,
  88                         'createAccount' => true,
  89                 ];
  90                 $block = new \Block( $blockOptions );
  91                 $block->insert();
  92                 return $user;
  93         }
  94
  95         public function testBeginSecondaryAuthentication() {
  96                 $unblockedUser = \User::newFromName( 'UTSysop' );
  97                 $blockedUser = $this->getBlockedUser();
  98
  99                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 100                         [ 'blockDisablesLogin' => false ]
 101                 );
 102                 $this->assertEquals(
 103                         AuthenticationResponse::newAbstain(),
 104                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 105                 );
 106                 $this->assertEquals(
 107                         AuthenticationResponse::newAbstain(),
 108                         $provider->beginSecondaryAuthentication( $blockedUser, [] )
 109                 );
 110
 111                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 112                         [ 'blockDisablesLogin' => true ]
 113                 );
 114                 $this->assertEquals(
 115                         AuthenticationResponse::newPass(),
 116                         $provider->beginSecondaryAuthentication( $unblockedUser, [] )
 117                 );
 118                 $ret = $provider->beginSecondaryAuthentication( $blockedUser, [] );
 119                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 120         }
 121
 122         public function testTestUserForCreation() {
 123                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 124                         [ 'blockDisablesLogin' => false ]
 125                 );
 126                 $provider->setLogger( new \Psr\Log\NullLogger() );
 127                 $provider->setConfig( new \HashConfig() );
 128                 $provider->setManager( AuthManager::singleton() );
 129
 130                 $unblockedUser = \User::newFromName( 'UTSysop' );
 131                 $blockedUser = $this->getBlockedUser();
 132
 133                 $user = \User::newFromName( 'RandomUser' );
 134
 135                 $this->assertEquals(
 136                         \StatusValue::newGood(),
 137                         $provider->testUserForCreation( $unblockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION )
 138                 );
 139                 $this->assertEquals(
 140                         \StatusValue::newGood(),
 141                         $provider->testUserForCreation( $unblockedUser, false )
 142                 );
 143
 144                 $status = $provider->testUserForCreation( $blockedUser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 145                 $this->assertInstanceOf( 'StatusValue', $status );
 146                 $this->assertFalse( $status->isOK() );
 147                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 148
 149                 $status = $provider->testUserForCreation( $blockedUser, false );
 150                 $this->assertInstanceOf( 'StatusValue', $status );
 151                 $this->assertFalse( $status->isOK() );
 152                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
 153         }
 154
 155         public function testRangeBlock() {
 156                 $blockOptions = [
 157                         'address' => '127.0.0.0/24',
 158                         'reason' => __METHOD__,
 159                         'expiry' => time() + 100500,
 160                         'createAccount' => true,
 161                 ];
 162                 $block = new \Block( $blockOptions );
 163                 $block->insert();
 164                 $scopeVariable = new \ScopedCallback( [ $block, 'delete' ] );
 165
 166                 $user = \User::newFromName( 'UTNormalUser' );
 167                 if ( $user->getID() == 0 ) {
 168                         $user->addToDatabase();
 169                         \TestUser::setPasswordForUser( $user, 'UTNormalUserPassword' );
 170                         $user->saveSettings();
 171                 }
 172                 $this->setMwGlobals( [ 'wgUser' => $user ] );
 173                 $newuser = \User::newFromName( 'RandomUser' );
 174
 175                 $provider = new CheckBlocksSecondaryAuthenticationProvider(
 176                         [ 'blockDisablesLogin' => true ]
 177                 );
 178                 $provider->setLogger( new \Psr\Log\NullLogger() );
 179                 $provider->setConfig( new \HashConfig() );
 180                 $provider->setManager( AuthManager::singleton() );
 181
 182                 $ret = $provider->beginSecondaryAuthentication( $user, [] );
 183                 $this->assertEquals( AuthenticationResponse::FAIL, $ret->status );
 184
 185                 $status = $provider->testUserForCreation( $newuser, AuthManager::AUTOCREATE_SOURCE_SESSION );
 186                 $this->assertInstanceOf( 'StatusValue', $status );
 187                 $this->assertFalse( $status->isOK() );
 188                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 189
 190                 $status = $provider->testUserForCreation( $newuser, false );
 191                 $this->assertInstanceOf( 'StatusValue', $status );
 192                 $this->assertFalse( $status->isOK() );
 193                 $this->assertTrue( $status->hasMessage( 'cantcreateaccount-range-text' ) );
 194         }
 195 }