}
}
- if ( $this->requiresUnblock() && $user->isBlocked() ) {
+ // If the action requires an unblock, explicitly check the user's block.
+ if ( $this->requiresUnblock() && $user->isBlockedFrom( $this->getTitle() ) ) {
$block = $user->getBlock();
- throw new UserBlockedError( $block );
+ if ( $block ) {
+ throw new UserBlockedError( $block );
+ }
+
+ throw new PermissionsError( $this->getName(), [ 'badaccess-group0' ] );
}
// This should be checked at the end so that the user won't think the
<?php
+use MediaWiki\Block\Restriction\PageRestriction;
+
/**
* @covers Action
*
'edit' => true,
'revisiondelete' => SpecialPageAction::class,
'dummy' => true,
+ 'access' => 'ControlledAccessDummyAction',
+ 'unblock' => 'RequiresUnblockDummyAction',
'string' => 'NamedDummyAction',
'declared' => 'NonExistingClassName',
'callable' => [ $this, 'dummyActionCallback' ],
return new CalledDummyAction( $context->getWikiPage(), $context );
}
+ public function testCanExecute() {
+ $user = $this->getTestUser()->getUser();
+ $user->mRights = [ 'access' ];
+ $action = Action::factory( 'access', $this->getPage(), $this->getContext() );
+ $this->assertNull( $action->canExecute( $user ) );
+ }
+
+ public function testCanExecuteNoRight() {
+ $user = $this->getTestUser()->getUser();
+ $user->mRights = [];
+ $action = Action::factory( 'access', $this->getPage(), $this->getContext() );
+
+ try {
+ $action->canExecute( $user );
+ } catch ( Exception $e ) {
+ $this->assertInstanceOf( PermissionsError::class, $e );
+ }
+ }
+
+ public function testCanExecuteRequiresUnblock() {
+ $user = $this->getTestUser()->getUser();
+ $user->mRights = [];
+
+ $page = $this->getExistingTestPage();
+ $action = Action::factory( 'unblock', $page, $this->getContext() );
+
+ $block = new Block( [
+ 'address' => $user,
+ 'by' => $this->getTestSysop()->getUser()->getId(),
+ 'expiry' => 'infinity',
+ 'sitewide' => false,
+ ] );
+ $block->setRestrictions( [
+ new PageRestriction( 0, $page->getTitle()->getArticleID() ),
+ ] );
+
+ $block->insert();
+
+ try {
+ $action->canExecute( $user );
+ } catch ( Exception $e ) {
+ $this->assertInstanceOf( UserBlockedError::class, $e );
+ }
+
+ $block->delete();
+ }
+
}
class DummyAction extends Action {
public function execute() {
}
+
+ public function canExecute( User $user ) {
+ return $this->checkCanExecute( $user );
+ }
}
class NamedDummyAction extends DummyAction {
class InstantiatedDummyAction extends DummyAction {
}
+
+class ControlledAccessDummyAction extends DummyAction {
+ public function getRestriction() {
+ return 'access';
+ }
+}
+
+class RequiresUnblockDummyAction extends DummyAction {
+ public function requiresUnblock() {
+ return true;
+ }
+}