use MediaWiki\Auth\AuthManager;
use MediaWiki\Block\DatabaseBlock;
+use MediaWiki\Block\CompositeBlock;
use MediaWiki\Block\SystemBlock;
+use MediaWiki\Config\ServiceOptions;
+use MediaWiki\Permissions\PermissionManager;
+use Psr\Log\NullLogger;
+use Wikimedia\Rdbms\ILoadBalancer;
/**
* @covers PasswordReset
* @group Database
*/
class PasswordResetTest extends MediaWikiTestCase {
+ private function makeConfig( $enableEmail, array $passwordResetRoutes = [] ) {
+ $hash = new HashConfig( [
+ 'EnableEmail' => $enableEmail,
+ 'PasswordResetRoutes' => $passwordResetRoutes,
+ ] );
+
+ return new ServiceOptions( PasswordReset::$constructorOptions, $hash );
+ }
+
/**
* @dataProvider provideIsAllowed
*/
public function testIsAllowed( $passwordResetRoutes, $enableEmail,
$allowsAuthenticationDataChange, $canEditPrivate, $block, $globalBlock, $isAllowed
) {
- $config = new HashConfig( [
- 'PasswordResetRoutes' => $passwordResetRoutes,
- 'EnableEmail' => $enableEmail,
- ] );
+ $config = $this->makeConfig( $enableEmail, $passwordResetRoutes );
$authManager = $this->getMockBuilder( AuthManager::class )->disableOriginalConstructor()
->getMock();
$user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
$user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
$user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
- $user->expects( $this->any() )->method( 'isAllowed' )
- ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
- if ( $perm === 'editmyprivateinfo' ) {
- return $canEditPrivate;
- } else {
- $this->fail( 'Unexpected permission check' );
- }
- } ) );
- $passwordReset = new PasswordReset( $config, $authManager );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->method( 'userHasRight' )
+ ->with( $user, 'editmyprivateinfo' )
+ ->willReturn( $canEditPrivate );
+
+ $loadBalancer = $this->getMockBuilder( ILoadBalancer::class )->getMock();
+
+ $passwordReset = new PasswordReset(
+ $config,
+ $authManager,
+ $permissionManager,
+ $loadBalancer,
+ new NullLogger()
+ );
$this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
}
'globalBlock' => null,
'isAllowed' => false,
],
+ 'blocked with multiple blocks, all allowing password reset' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => new CompositeBlock( [
+ 'originalBlocks' => [
+ new SystemBlock( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
+ new Block( [] ),
+ ]
+ ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => true,
+ ],
+ 'blocked with multiple blocks, not all allowing password reset' => [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'block' => new CompositeBlock( [
+ 'originalBlocks' => [
+ new SystemBlock( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
+ new SystemBlock( [ 'systemBlock' => 'proxy' ] ),
+ ]
+ ] ),
+ 'globalBlock' => null,
+ 'isAllowed' => false,
+ ],
'all OK' => [
'passwordResetRoutes' => [ 'username' => true ],
'enableEmail' => true,
}
public function testExecute_email() {
- $config = new HashConfig( [
- 'PasswordResetRoutes' => [ 'username' => true, 'email' => true ],
- 'EnableEmail' => true,
- ] );
+ $config = $this->makeConfig( true, [ 'username' => true, 'email' => true ] );
// Unregister the hooks for proper unit testing
$this->mergeMwGlobalArrayValue( 'wgHooks', [
->willReturn( Status::newGood() );
$authManager->expects( $this->exactly( 2 ) )->method( 'changeAuthenticationData' );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->method( 'userHasRight' )->willReturn( true );
+
+ $loadBalancer = $this->getMockBuilder( ILoadBalancer::class )
+ ->getMock();
+
$request = new FauxRequest();
$request->setIP( '1.2.3.4' );
$performingUser = $this->getMockBuilder( User::class )->getMock();
$performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
- $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
$performingUser->expects( $this->any() )->method( 'getName' )->willReturn( 'Performer' );
+ $permissionManager = $this->getMockBuilder( PermissionManager::class )
+ ->disableOriginalConstructor()
+ ->getMock();
+ $permissionManager->expects( $this->once() )
+ ->method( 'userHasRight' )
+ ->with( $performingUser, 'editmyprivateinfo' )
+ ->willReturn( true );
+
$targetUser1 = $this->getMockBuilder( User::class )->getMock();
$targetUser2 = $this->getMockBuilder( User::class )->getMock();
$targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
$targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
$passwordReset = $this->getMockBuilder( PasswordReset::class )
- ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
+ ->setMethods( [ 'getUsersByEmail' ] )
+ ->setConstructorArgs( [
+ $config,
+ $authManager,
+ $permissionManager,
+ $loadBalancer,
+ new NullLogger()
+ ] )
->getMock();
$passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
->willReturn( [ $targetUser1, $targetUser2 ] );