'ChannelFeed' => __DIR__ . '/includes/changes/ChannelFeed.php',
'CheckBadRedirects' => __DIR__ . '/maintenance/checkBadRedirects.php',
'CheckComposerLockUpToDate' => __DIR__ . '/maintenance/checkComposerLockUpToDate.php',
+ 'CheckDependencies' => __DIR__ . '/maintenance/checkDependencies.php',
'CheckExtensionsCLI' => __DIR__ . '/maintenance/language/checkLanguage.inc',
'CheckImages' => __DIR__ . '/maintenance/checkImages.php',
'CheckLanguageCLI' => __DIR__ . '/maintenance/language/checkLanguage.inc',
// that starts with "#". Before PHP 7 (and still on HHVM) substr() would
// return false if the start offset is the end of the string.
// On PHP 7+, it gracefully returns empty string instead.
- if ( $section === false ) {
- $section = '';
- }
- if ( $local ) {
- $sectionTitle = new TitleValue( NS_MAIN, '', $section );
- } else {
- $sectionTitle = $title->createFragmentTarget( $section );
- }
- if ( $sectionTitle ) {
+ if ( $section !== '' && $section !== false ) {
+ if ( $local ) {
+ $sectionTitle = new TitleValue( NS_MAIN, '', $section );
+ } else {
+ $sectionTitle = $title->createFragmentTarget( $section );
+ }
$auto = Linker::makeCommentLink(
- $sectionTitle, $wgLang->getArrow() . $wgLang->getDirMark() . $sectionText,
- $wikiId, 'noclasses'
+ $sectionTitle,
+ $wgLang->getArrow() . $wgLang->getDirMark() . $sectionText,
+ $wikiId,
+ 'noclasses'
);
}
}
use Action;
use Exception;
+use FatalError;
use Hooks;
use MediaWiki\Linker\LinkTarget;
-use MediaWiki\Session\SessionManager;
use MediaWiki\Special\SpecialPageFactory;
-use MediaWiki\User\UserIdentity;
use MessageSpecifier;
+use MWException;
use NamespaceInfo;
use RequestContext;
use SpecialPage;
/** @var NamespaceInfo */
private $nsInfo;
- /** @var string[][] Access rights for groups and users in these groups */
- private $groupPermissions;
-
- /** @var string[][] Permission keys revoked from users in each group */
- private $revokePermissions;
-
- /** @var string[] A list of available rights, in addition to the ones defined by the core */
- private $availableRights;
-
- /** @var string[] Cached results of getAllRights() */
- private $allRights = false;
-
- /** @var string[][] Cached user rights */
- private $usersRights = null;
-
- /** @var string[] Cached rights for isEveryoneAllowed */
- private $cachedRights = [];
-
- /**
- * Array of Strings Core rights.
- * Each of these should have a corresponding message of the form
- * "right-$right".
- * @showinitializer
- */
- private $coreRights = [
- 'apihighlimits',
- 'applychangetags',
- 'autoconfirmed',
- 'autocreateaccount',
- 'autopatrol',
- 'bigdelete',
- 'block',
- 'blockemail',
- 'bot',
- 'browsearchive',
- 'changetags',
- 'createaccount',
- 'createpage',
- 'createtalk',
- 'delete',
- 'deletechangetags',
- 'deletedhistory',
- 'deletedtext',
- 'deletelogentry',
- 'deleterevision',
- 'edit',
- 'editcontentmodel',
- 'editinterface',
- 'editprotected',
- 'editmyoptions',
- 'editmyprivateinfo',
- 'editmyusercss',
- 'editmyuserjson',
- 'editmyuserjs',
- 'editmywatchlist',
- 'editsemiprotected',
- 'editsitecss',
- 'editsitejson',
- 'editsitejs',
- 'editusercss',
- 'edituserjson',
- 'edituserjs',
- 'hideuser',
- 'import',
- 'importupload',
- 'ipblock-exempt',
- 'managechangetags',
- 'markbotedits',
- 'mergehistory',
- 'minoredit',
- 'move',
- 'movefile',
- 'move-categorypages',
- 'move-rootuserpages',
- 'move-subpages',
- 'nominornewtalk',
- 'noratelimit',
- 'override-export-depth',
- 'pagelang',
- 'patrol',
- 'patrolmarks',
- 'protect',
- 'purge',
- 'read',
- 'reupload',
- 'reupload-own',
- 'reupload-shared',
- 'rollback',
- 'sendemail',
- 'siteadmin',
- 'suppressionlog',
- 'suppressredirect',
- 'suppressrevision',
- 'unblockself',
- 'undelete',
- 'unwatchedpages',
- 'upload',
- 'upload_by_url',
- 'userrights',
- 'userrights-interwiki',
- 'viewmyprivateinfo',
- 'viewmywatchlist',
- 'viewsuppressed',
- 'writeapi',
- ];
-
/**
* @param SpecialPageFactory $specialPageFactory
* @param string[] $whitelistRead
* @param string[] $whitelistReadRegexp
* @param bool $emailConfirmToEdit
* @param bool $blockDisablesLogin
- * @param string[][] $groupPermissions
- * @param string[][] $revokePermissions
- * @param string[] $availableRights
* @param NamespaceInfo $nsInfo
*/
public function __construct(
$whitelistReadRegexp,
$emailConfirmToEdit,
$blockDisablesLogin,
- $groupPermissions,
- $revokePermissions,
- $availableRights,
NamespaceInfo $nsInfo
) {
$this->specialPageFactory = $specialPageFactory;
$this->whitelistReadRegexp = $whitelistReadRegexp;
$this->emailConfirmToEdit = $emailConfirmToEdit;
$this->blockDisablesLogin = $blockDisablesLogin;
- $this->groupPermissions = $groupPermissions;
- $this->revokePermissions = $revokePermissions;
- $this->availableRights = $availableRights;
$this->nsInfo = $nsInfo;
}
* - RIGOR_SECURE : does cheap and expensive checks, using the master as needed
*
* @return bool
+ * @throws Exception
*/
public function userCan( $action, User $user, LinkTarget $page, $rigor = self::RIGOR_SECURE ) {
return !count( $this->getPermissionErrorsInternal( $action, $user, $page, $rigor, true ) );
* whose corresponding errors may be ignored.
*
* @return array Array of arrays of the arguments to wfMessage to explain permissions problems.
+ * @throws Exception
*/
public function getPermissionErrors(
$action,
* @param bool $fromReplica Whether to check the replica DB instead of the master
*
* @return bool
+ * @throws FatalError
+ * @throws MWException
*/
public function isBlockedFrom( User $user, LinkTarget $page, $fromReplica = false ) {
$blocked = $user->isHidden();
* @param LinkTarget $page
*
* @return array List of errors
+ * @throws FatalError
+ * @throws MWException
*/
private function checkPermissionHooks(
$action,
* @param LinkTarget $page
*
* @return array List of errors
+ * @throws FatalError
+ * @throws MWException
*/
private function checkReadPermissions(
$action,
* @param LinkTarget $page
*
* @return array List of errors
+ * @throws MWException
*/
private function checkUserBlock(
$action,
* @param LinkTarget $page
*
* @return array List of errors
+ * @throws FatalError
+ * @throws MWException
*/
private function checkQuickPermissions(
$action,
}
if ( $right != '' && !$user->isAllowedAll( 'protect', $right ) ) {
$wikiPages = '';
- /** @var Title $wikiPage */
foreach ( $cascadingSources as $wikiPage ) {
$wikiPages .= '* [[:' . $wikiPage->getPrefixedText() . "]]\n";
}
* @param LinkTarget $page
*
* @return array List of errors
+ * @throws Exception
*/
private function checkActionPermissions(
$action,
return $errors;
}
- /**
- * Testing a permission
- *
- * @since 1.34
- *
- * @param UserIdentity $user
- * @param string $action
- *
- * @return bool
- */
- public function userHasRight( UserIdentity $user, $action = '' ) {
- if ( $action === '' ) {
- return true; // In the spirit of DWIM
- }
- // Use strict parameter to avoid matching numeric 0 accidentally inserted
- // by misconfiguration: 0 == 'foo'
- return in_array( $action, $this->getUserPermissions( $user ), true );
- }
-
- /**
- * Get the permissions this user has.
- *
- * @since 1.34
- *
- * @param UserIdentity $user
- *
- * @return string[] permission names
- */
- public function getUserPermissions( UserIdentity $user ) {
- $user = User::newFromIdentity( $user );
- if ( !isset( $this->usersRights[ $user->getId() ] ) ) {
- $this->usersRights[ $user->getId() ] = $this->getGroupPermissions(
- $user->getEffectiveGroups()
- );
- Hooks::run( 'UserGetRights', [ $user, &$this->usersRights[ $user->getId() ] ] );
-
- // Deny any rights denied by the user's session, unless this
- // endpoint has no sessions.
- if ( !defined( 'MW_NO_SESSION' ) ) {
- // FIXME: $user->getRequest().. need to be replaced with something else
- $allowedRights = $user->getRequest()->getSession()->getAllowedUserRights();
- if ( $allowedRights !== null ) {
- $this->usersRights[ $user->getId() ] = array_intersect(
- $this->usersRights[ $user->getId() ],
- $allowedRights
- );
- }
- }
-
- Hooks::run( 'UserGetRightsRemove', [ $user, &$this->usersRights[ $user->getId() ] ] );
- // Force reindexation of rights when a hook has unset one of them
- $this->usersRights[ $user->getId() ] = array_values(
- array_unique( $this->usersRights[ $user->getId() ] )
- );
-
- if (
- $user->isLoggedIn() &&
- $this->blockDisablesLogin &&
- $user->getBlock()
- ) {
- $anon = new User;
- $this->usersRights[ $user->getId() ] = array_intersect(
- $this->usersRights[ $user->getId() ],
- $this->getUserPermissions( $anon )
- );
- }
- }
- return $this->usersRights[ $user->getId() ];
- }
-
- /**
- * Clears users permissions cache, if specific user is provided it tries to clear
- * permissions cache only for provided user.
- *
- * @since 1.34
- *
- * @param User|null $user
- */
- public function invalidateUsersRightsCache( $user = null ) {
- if ( $user !== null ) {
- if ( isset( $this->usersRights[ $user->getId() ] ) ) {
- unset( $this->usersRights[$user->getId()] );
- }
- } else {
- $this->usersRights = null;
- }
- }
-
- /**
- * Check, if the given group has the given permission
- *
- * If you're wanting to check whether all users have a permission, use
- * PermissionManager::isEveryoneAllowed() instead. That properly checks if it's revoked
- * from anyone.
- *
- * @since 1.34
- *
- * @param string $group Group to check
- * @param string $role Role to check
- *
- * @return bool
- */
- public function groupHasPermission( $group, $role ) {
- return isset( $this->groupPermissions[$group][$role] ) &&
- $this->groupPermissions[$group][$role] &&
- !( isset( $this->revokePermissions[$group][$role] ) &&
- $this->revokePermissions[$group][$role] );
- }
-
- /**
- * Get the permissions associated with a given list of groups
- *
- * @since 1.34
- *
- * @param array $groups Array of Strings List of internal group names
- * @return array Array of Strings List of permission key names for given groups combined
- */
- public function getGroupPermissions( $groups ) {
- $rights = [];
- // grant every granted permission first
- foreach ( $groups as $group ) {
- if ( isset( $this->groupPermissions[$group] ) ) {
- $rights = array_merge( $rights,
- // array_filter removes empty items
- array_keys( array_filter( $this->groupPermissions[$group] ) ) );
- }
- }
- // now revoke the revoked permissions
- foreach ( $groups as $group ) {
- if ( isset( $this->revokePermissions[$group] ) ) {
- $rights = array_diff( $rights,
- array_keys( array_filter( $this->revokePermissions[$group] ) ) );
- }
- }
- return array_unique( $rights );
- }
-
- /**
- * Get all the groups who have a given permission
- *
- * @since 1.34
- *
- * @param string $role Role to check
- * @return array Array of Strings List of internal group names with the given permission
- */
- public function getGroupsWithPermission( $role ) {
- $allowedGroups = [];
- foreach ( array_keys( $this->groupPermissions ) as $group ) {
- if ( $this->groupHasPermission( $group, $role ) ) {
- $allowedGroups[] = $group;
- }
- }
- return $allowedGroups;
- }
-
- /**
- * Check if all users may be assumed to have the given permission
- *
- * We generally assume so if the right is granted to '*' and isn't revoked
- * on any group. It doesn't attempt to take grants or other extension
- * limitations on rights into account in the general case, though, as that
- * would require it to always return false and defeat the purpose.
- * Specifically, session-based rights restrictions (such as OAuth or bot
- * passwords) are applied based on the current session.
- *
- * @param string $right Right to check
- *
- * @return bool
- * @since 1.34
- */
- public function isEveryoneAllowed( $right ) {
- // Use the cached results, except in unit tests which rely on
- // being able change the permission mid-request
- if ( isset( $this->cachedRights[$right] ) ) {
- return $this->cachedRights[$right];
- }
-
- if ( !isset( $this->groupPermissions['*'][$right] )
- || !$this->groupPermissions['*'][$right] ) {
- $this->cachedRights[$right] = false;
- return false;
- }
-
- // If it's revoked anywhere, then everyone doesn't have it
- foreach ( $this->revokePermissions as $rights ) {
- if ( isset( $rights[$right] ) && $rights[$right] ) {
- $this->cachedRights[$right] = false;
- return false;
- }
- }
-
- // Remove any rights that aren't allowed to the global-session user,
- // unless there are no sessions for this endpoint.
- if ( !defined( 'MW_NO_SESSION' ) ) {
-
- // XXX: think what could be done with the below
- $allowedRights = SessionManager::getGlobalSession()->getAllowedUserRights();
- if ( $allowedRights !== null && !in_array( $right, $allowedRights, true ) ) {
- $this->cachedRights[$right] = false;
- return false;
- }
- }
-
- // Allow extensions to say false
- if ( !Hooks::run( 'UserIsEveryoneAllowed', [ $right ] ) ) {
- $this->cachedRights[$right] = false;
- return false;
- }
-
- $this->cachedRights[$right] = true;
- return true;
- }
-
- /**
- * Get a list of all available permissions.
- *
- * @since 1.34
- *
- * @return string[] Array of permission names
- */
- public function getAllPermissions() {
- if ( $this->allRights === false ) {
- if ( count( $this->availableRights ) ) {
- $this->allRights = array_unique( array_merge(
- $this->coreRights,
- $this->availableRights
- ) );
- } else {
- $this->allRights = $this->coreRights;
- }
- Hooks::run( 'UserGetAllRights', [ &$this->allRights ] );
- }
- return $this->allRights;
- }
-
- /**
- * Overrides user permissions cache
- *
- * @since 1.34
- *
- * @param User $user
- * @param string[]|string $rights
- *
- * @throws Exception
- */
- public function overrideUserRightsForTesting( $user, $rights = [] ) {
- if ( !defined( 'MW_PHPUNIT_TEST' ) ) {
- throw new Exception( __METHOD__ . ' can not be called outside of tests' );
- }
- $this->usersRights[ $user->getId() ] = is_array( $rights ) ? $rights : [ $rights ];
- }
-
}
$config->get( 'WhitelistReadRegexp' ),
$config->get( 'EmailConfirmToEdit' ),
$config->get( 'BlockDisablesLogin' ),
- $config->get( 'GroupPermissions' ),
- $config->get( 'RevokePermissions' ),
- $config->get( 'AvailableRights' ),
$services->getNamespaceInfo()
);
},
// Connection was made but later unrecoverably lost for some reason.
// Do not return a handle that will just throw exceptions on use,
// but let the calling code (e.g. getReaderIndex) try another server.
- // See DatabaseMyslBase::ping() for how this can happen.
+ // See DatabaseMysqlBase::ping() for how this can happen.
$this->errorConnection = $conn;
$conn = false;
}
$limitReport .= 'Dynamic content: ' .
( $this->mOutput->hasDynamicContent() ? 'true' : 'false' ) .
"\n";
+ $limitReport .= 'Complications: [' . implode( ', ', $this->mOutput->getAllFlags() ) . "]\n";
foreach ( $this->mOutput->getLimitReportData() as $key => $value ) {
if ( Hooks::run( 'ParserLimitReportFormat',
}
/**
- * Fairly generic flag setter thingy.
+ * Attach a flag to the output so that it can be checked later to handle special cases
+ *
* @param string $flag
*/
public function setFlag( $flag ) {
$this->mFlags[$flag] = true;
}
+ /**
+ * @param string $flag
+ * @return bool Whether the given flag was set to signify a special case
+ */
public function getFlag( $flag ) {
return isset( $this->mFlags[$flag] );
}
+ /**
+ * @return string[] List of flags signifying special cases
+ * @since 1.34
+ */
+ public function getAllFlags() {
+ return array_keys( $this->mFlags );
+ }
+
/**
* Set a property to be stored in the page_props database table.
*
'mActorId',
];
+ /**
+ * Array of Strings Core rights.
+ * Each of these should have a corresponding message of the form
+ * "right-$right".
+ * @showinitializer
+ */
+ protected static $mCoreRights = [
+ 'apihighlimits',
+ 'applychangetags',
+ 'autoconfirmed',
+ 'autocreateaccount',
+ 'autopatrol',
+ 'bigdelete',
+ 'block',
+ 'blockemail',
+ 'bot',
+ 'browsearchive',
+ 'changetags',
+ 'createaccount',
+ 'createpage',
+ 'createtalk',
+ 'delete',
+ 'deletechangetags',
+ 'deletedhistory',
+ 'deletedtext',
+ 'deletelogentry',
+ 'deleterevision',
+ 'edit',
+ 'editcontentmodel',
+ 'editinterface',
+ 'editprotected',
+ 'editmyoptions',
+ 'editmyprivateinfo',
+ 'editmyusercss',
+ 'editmyuserjson',
+ 'editmyuserjs',
+ 'editmywatchlist',
+ 'editsemiprotected',
+ 'editsitecss',
+ 'editsitejson',
+ 'editsitejs',
+ 'editusercss',
+ 'edituserjson',
+ 'edituserjs',
+ 'hideuser',
+ 'import',
+ 'importupload',
+ 'ipblock-exempt',
+ 'managechangetags',
+ 'markbotedits',
+ 'mergehistory',
+ 'minoredit',
+ 'move',
+ 'movefile',
+ 'move-categorypages',
+ 'move-rootuserpages',
+ 'move-subpages',
+ 'nominornewtalk',
+ 'noratelimit',
+ 'override-export-depth',
+ 'pagelang',
+ 'patrol',
+ 'patrolmarks',
+ 'protect',
+ 'purge',
+ 'read',
+ 'reupload',
+ 'reupload-own',
+ 'reupload-shared',
+ 'rollback',
+ 'sendemail',
+ 'siteadmin',
+ 'suppressionlog',
+ 'suppressredirect',
+ 'suppressrevision',
+ 'unblockself',
+ 'undelete',
+ 'unwatchedpages',
+ 'upload',
+ 'upload_by_url',
+ 'userrights',
+ 'userrights-interwiki',
+ 'viewmyprivateinfo',
+ 'viewmywatchlist',
+ 'viewsuppressed',
+ 'writeapi',
+ ];
+
/**
* String Cached results of getAllRights()
*/
public $mBlockedby;
/** @var string */
protected $mHash;
+ /** @var array */
+ public $mRights;
/** @var string */
protected $mBlockreason;
/** @var array */
return (string)$this->getName();
}
- public function __get( $name ) {
- // A shortcut for $mRights deprecation phase
- if ( $name === 'mRights' ) {
- return $this->getRights();
- }
- }
-
- public function __set( $name, $value ) {
- // A shortcut for $mRights deprecation phase, only known legitimate use was for
- // testing purposes, other uses seem bad in principle
- if ( $name === 'mRights' ) {
- MediaWikiServices::getInstance()->getPermissionManager()->overrideUserRightsForTesting(
- $this,
- is_null( $value ) ? [] : $value
- );
- }
- }
-
/**
* Test if it's safe to load this User object.
*
* given source. May be "name", "id", "actor", "defaults", "session", or false for no reload.
*/
public function clearInstanceCache( $reloadFrom = false ) {
- global $wgFullyInitialised;
-
$this->mNewtalk = -1;
$this->mDatePreference = null;
$this->mBlockedby = -1; # Unset
$this->mHash = false;
+ $this->mRights = null;
$this->mEffectiveGroups = null;
$this->mImplicitGroups = null;
$this->mGroupMemberships = null;
$this->mOptionsLoaded = false;
$this->mEditCount = null;
- // Replacement of former `$this->mRights = null` line
- if ( $wgFullyInitialised && $this->mFrom ) {
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache(
- $this
- );
- }
-
if ( $reloadFrom ) {
$this->mLoadedItems = [];
$this->mFrom = $reloadFrom;
* @param Title $title Title to check
* @param bool $fromReplica Whether to check the replica DB instead of the master
* @return bool
+ * @throws MWException
*
* @deprecated since 1.33,
* use MediaWikiServices::getInstance()->getPermissionManager()->isBlockedFrom(..)
/**
* Get the permissions this user has.
* @return string[] permission names
- *
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->getUserPermissions(..) instead
- *
*/
public function getRights() {
- return MediaWikiServices::getInstance()->getPermissionManager()->getUserPermissions( $this );
+ if ( is_null( $this->mRights ) ) {
+ $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
+ Hooks::run( 'UserGetRights', [ $this, &$this->mRights ] );
+
+ // Deny any rights denied by the user's session, unless this
+ // endpoint has no sessions.
+ if ( !defined( 'MW_NO_SESSION' ) ) {
+ $allowedRights = $this->getRequest()->getSession()->getAllowedUserRights();
+ if ( $allowedRights !== null ) {
+ $this->mRights = array_intersect( $this->mRights, $allowedRights );
+ }
+ }
+
+ Hooks::run( 'UserGetRightsRemove', [ $this, &$this->mRights ] );
+ // Force reindexation of rights when a hook has unset one of them
+ $this->mRights = array_values( array_unique( $this->mRights ) );
+
+ // If block disables login, we should also remove any
+ // extra rights blocked users might have, in case the
+ // blocked user has a pre-existing session (T129738).
+ // This is checked here for cases where people only call
+ // $user->isAllowed(). It is also checked in Title::checkUserBlock()
+ // to give a better error message in the common case.
+ $config = RequestContext::getMain()->getConfig();
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
+ if (
+ $this->isLoggedIn() &&
+ $config->get( 'BlockDisablesLogin' ) &&
+ $this->getBlock()
+ ) {
+ $anon = new User;
+ $this->mRights = array_intersect( $this->mRights, $anon->getRights() );
+ }
+ }
+ return $this->mRights;
}
/**
// Refresh the groups caches, and clear the rights cache so it will be
// refreshed on the next call to $this->getRights().
$this->getEffectiveGroups( true );
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache( $this );
+ $this->mRights = null;
+
$this->invalidateCache();
return true;
// Refresh the groups caches, and clear the rights cache so it will be
// refreshed on the next call to $this->getRights().
$this->getEffectiveGroups( true );
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache( $this );
+ $this->mRights = null;
+
$this->invalidateCache();
return true;
/**
* Internal mechanics of testing a permission
- *
- * @deprecated since 1.34, use MediaWikiServices::getInstance()
- * ->getPermissionManager()->userHasRight(...) instead
- *
* @param string $action
- *
* @return bool
*/
public function isAllowed( $action = '' ) {
- return MediaWikiServices::getInstance()->getPermissionManager()
- ->userHasRight( $this, $action );
+ if ( $action === '' ) {
+ return true; // In the spirit of DWIM
+ }
+ // Use strict parameter to avoid matching numeric 0 accidentally inserted
+ // by misconfiguration: 0 == 'foo'
+ return in_array( $action, $this->getRights(), true );
}
/**
/**
* Get the permissions associated with a given list of groups
*
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->getGroupPermissions() instead
- *
* @param array $groups Array of Strings List of internal group names
* @return array Array of Strings List of permission key names for given groups combined
*/
public static function getGroupPermissions( $groups ) {
- return MediaWikiServices::getInstance()->getPermissionManager()->getGroupPermissions( $groups );
+ global $wgGroupPermissions, $wgRevokePermissions;
+ $rights = [];
+ // grant every granted permission first
+ foreach ( $groups as $group ) {
+ if ( isset( $wgGroupPermissions[$group] ) ) {
+ $rights = array_merge( $rights,
+ // array_filter removes empty items
+ array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
+ }
+ }
+ // now revoke the revoked permissions
+ foreach ( $groups as $group ) {
+ if ( isset( $wgRevokePermissions[$group] ) ) {
+ $rights = array_diff( $rights,
+ array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
+ }
+ }
+ return array_unique( $rights );
}
/**
* Get all the groups who have a given permission
*
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->getGroupsWithPermission() instead
- *
* @param string $role Role to check
* @return array Array of Strings List of internal group names with the given permission
*/
public static function getGroupsWithPermission( $role ) {
- return MediaWikiServices::getInstance()->getPermissionManager()->getGroupsWithPermission( $role );
+ global $wgGroupPermissions;
+ $allowedGroups = [];
+ foreach ( array_keys( $wgGroupPermissions ) as $group ) {
+ if ( self::groupHasPermission( $group, $role ) ) {
+ $allowedGroups[] = $group;
+ }
+ }
+ return $allowedGroups;
}
/**
* User::isEveryoneAllowed() instead. That properly checks if it's revoked
* from anyone.
*
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->groupHasPermission(..) instead
- *
* @since 1.21
* @param string $group Group to check
* @param string $role Role to check
* @return bool
*/
public static function groupHasPermission( $group, $role ) {
- return MediaWikiServices::getInstance()->getPermissionManager()
- ->groupHasPermission( $group, $role );
+ global $wgGroupPermissions, $wgRevokePermissions;
+ return isset( $wgGroupPermissions[$group][$role] ) && $wgGroupPermissions[$group][$role]
+ && !( isset( $wgRevokePermissions[$group][$role] ) && $wgRevokePermissions[$group][$role] );
}
/**
* Specifically, session-based rights restrictions (such as OAuth or bot
* passwords) are applied based on the current session.
*
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->isEveryoneAllowed() instead
- *
+ * @since 1.22
* @param string $right Right to check
- *
* @return bool
- * @since 1.22
*/
public static function isEveryoneAllowed( $right ) {
- return MediaWikiServices::getInstance()->getPermissionManager()->isEveryoneAllowed( $right );
+ global $wgGroupPermissions, $wgRevokePermissions;
+ static $cache = [];
+
+ // Use the cached results, except in unit tests which rely on
+ // being able change the permission mid-request
+ if ( isset( $cache[$right] ) && !defined( 'MW_PHPUNIT_TEST' ) ) {
+ return $cache[$right];
+ }
+
+ if ( !isset( $wgGroupPermissions['*'][$right] ) || !$wgGroupPermissions['*'][$right] ) {
+ $cache[$right] = false;
+ return false;
+ }
+
+ // If it's revoked anywhere, then everyone doesn't have it
+ foreach ( $wgRevokePermissions as $rights ) {
+ if ( isset( $rights[$right] ) && $rights[$right] ) {
+ $cache[$right] = false;
+ return false;
+ }
+ }
+
+ // Remove any rights that aren't allowed to the global-session user,
+ // unless there are no sessions for this endpoint.
+ if ( !defined( 'MW_NO_SESSION' ) ) {
+ $allowedRights = SessionManager::getGlobalSession()->getAllowedUserRights();
+ if ( $allowedRights !== null && !in_array( $right, $allowedRights, true ) ) {
+ $cache[$right] = false;
+ return false;
+ }
+ }
+
+ // Allow extensions to say false
+ if ( !Hooks::run( 'UserIsEveryoneAllowed', [ $right ] ) ) {
+ $cache[$right] = false;
+ return false;
+ }
+
+ $cache[$right] = true;
+ return true;
}
/**
/**
* Get a list of all available permissions.
- *
- * @deprecated since 1.34, use MediaWikiServices::getInstance()->getPermissionManager()
- * ->getAllPermissions() instead
- *
* @return string[] Array of permission names
*/
public static function getAllRights() {
- return MediaWikiServices::getInstance()->getPermissionManager()->getAllPermissions();
+ if ( self::$mAllRights === false ) {
+ global $wgAvailableRights;
+ if ( count( $wgAvailableRights ) ) {
+ self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
+ } else {
+ self::$mAllRights = self::$mCoreRights;
+ }
+ Hooks::run( 'UserGetAllRights', [ &self::$mAllRights ] );
+ }
+ return self::$mAllRights;
}
/**
--- /dev/null
+<?php
+/**
+ * (C) 2019 Kunal Mehta <legoktm@member.fsf.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ */
+
+require_once __DIR__ . '/Maintenance.php';
+
+/**
+ * Checks dependencies for extensions, mostly without loading them
+ *
+ * @since 1.34
+ */
+class CheckDependencies extends Maintenance {
+
+ private $checkDev;
+
+ public function __construct() {
+ parent::__construct();
+ $this->addDescription( 'Check dependencies for extensions' );
+ $this->addOption( 'extensions', 'Comma separated list of extensions to check', false, true );
+ $this->addOption( 'skins', 'Comma separated list of skins to check', false, true );
+ $this->addOption( 'json', 'Output in JSON' );
+ $this->addOption( 'dev', 'Check development dependencies too' );
+ }
+
+ public function execute() {
+ $this->checkDev = $this->hasOption( 'dev' );
+ $extensions = $this->hasOption( 'extensions' )
+ ? explode( ',', $this->getOption( 'extensions' ) )
+ : [];
+ $skins = $this->hasOption( 'skins' )
+ ? explode( ',', $this->getOption( 'skins' ) )
+ : [];
+
+ $dependencies = [];
+ // Note that we can only use the main registry if we are
+ // not checking development dependencies.
+ $registry = ExtensionRegistry::getInstance();
+ foreach ( $extensions as $extension ) {
+ if ( !$this->checkDev && $registry->isLoaded( $extension ) ) {
+ // If it's already loaded, we know all the dependencies resolved.
+ $this->addToDependencies( $dependencies, [ $extension ], [] );
+ continue;
+ }
+ $this->loadThing( $dependencies, $extension, [ $extension ], [] );
+ }
+
+ foreach ( $skins as $skin ) {
+ if ( !$this->checkDev && $registry->isLoaded( $skin ) ) {
+ // If it's already loaded, we know all the dependencies resolved.
+ $this->addToDependencies( $dependencies, [], [ $skin ] );
+ continue;
+ }
+ $this->loadThing( $dependencies, $skin, [], [ $skin ] );
+ }
+
+ if ( $this->hasOption( 'json' ) ) {
+ $this->output( json_encode( $dependencies ) . "\n" );
+ } else {
+ $this->output( $this->formatForHumans( $dependencies ) . "\n" );
+ }
+ }
+
+ private function loadThing( &$dependencies, $name, $extensions, $skins ) {
+ global $wgExtensionDirectory, $wgStyleDirectory;
+ $queue = [];
+ $missing = false;
+ foreach ( $extensions as $extension ) {
+ $path = "$wgExtensionDirectory/$extension/extension.json";
+ if ( file_exists( $path ) ) {
+ // 1 is ignored
+ $queue[$path] = 1;
+ $this->addToDependencies( $dependencies, [ $extension ], [], $name );
+ } else {
+ $missing = true;
+ $this->addToDependencies( $dependencies, [ $extension ], [], $name, 'missing' );
+ }
+ }
+
+ foreach ( $skins as $skin ) {
+ $path = "$wgStyleDirectory/$skin/skin.json";
+ if ( file_exists( $path ) ) {
+ $queue[$path] = 1;
+ $this->addToDependencies( $dependencies, [], [ $skin ], $name );
+ } else {
+ $missing = true;
+ $this->addToDependencies( $dependencies, [], [ $skin ], $name, 'missing' );
+ }
+ }
+
+ if ( $missing ) {
+ // Stuff is missing, give up
+ return;
+ }
+
+ $registry = new ExtensionRegistry();
+ $registry->setCheckDevRequires( $this->checkDev );
+ try {
+ $registry->readFromQueue( $queue );
+ } catch ( ExtensionDependencyError $e ) {
+ $reason = false;
+ if ( $e->incompatibleCore ) {
+ $reason = 'incompatible-core';
+ } elseif ( $e->incompatibleSkins ) {
+ $reason = 'incompatible-skins';
+ } elseif ( $e->incompatibleExtensions ) {
+ $reason = 'incompatible-extensions';
+ } elseif ( $e->missingExtensions || $e->missingSkins ) {
+ // There's an extension missing in the dependency tree,
+ // so add those to the dependency list and try again
+ return $this->loadThing(
+ $dependencies,
+ $name,
+ array_merge( $extensions, $e->missingExtensions ),
+ array_merge( $skins, $e->missingSkins )
+ );
+ } else {
+ // missing-phpExtension
+ // missing-ability
+ // XXX: ???
+ throw $e;
+ }
+
+ $this->addToDependencies( $dependencies, $extensions, $skins, $name, $reason, $e->getMessage() );
+ }
+
+ $this->addToDependencies( $dependencies, $extensions, $skins, $name );
+ }
+
+ private function addToDependencies( &$dependencies, $extensions, $skins,
+ $why = null, $status = null, $message = null
+ ) {
+ $mainRegistry = ExtensionRegistry::getInstance();
+ $iter = [ 'extensions' => $extensions, 'skins' => $skins ];
+ foreach ( $iter as $type => $things ) {
+ foreach ( $things as $thing ) {
+ $preStatus = $dependencies[$type][$thing]['status'] ?? false;
+ if ( $preStatus !== 'loaded' ) {
+ // OK to overwrite
+ if ( $status ) {
+ $tStatus = $status;
+ } else {
+ $tStatus = $mainRegistry->isLoaded( $thing ) ? 'loaded' : 'present';
+ }
+ $dependencies[$type][$thing]['status'] = $tStatus;
+ }
+ if ( $why !== null ) {
+ $dependencies[$type][$thing]['why'][] = $why;
+ // XXX: this is a bit messy
+ $dependencies[$type][$thing]['why'] = array_unique(
+ $dependencies[$type][$thing]['why'] );
+ }
+
+ if ( $message !== null ) {
+ $dependencies[$type][$thing]['message'] = trim( $message );
+ }
+
+ }
+ }
+ }
+
+ private function formatForHumans( $dependencies ) {
+ $text = '';
+ foreach ( $dependencies as $type => $things ) {
+ $text .= ucfirst( $type ) . "\n" . str_repeat( '=', strlen( $type ) ) . "\n";
+ foreach ( $things as $thing => $info ) {
+ $why = $info['why'] ?? [];
+ if ( $why ) {
+ $whyText = '(because: ' . implode( ',', $why ) . ') ';
+ } else {
+ $whyText = '';
+ }
+ $msg = isset( $info['message'] ) ? ", {$info['message']}" : '';
+
+ $text .= "$thing: {$info['status']}{$msg} $whyText\n";
+ }
+ $text .= "\n";
+ }
+
+ return trim( $text );
+ }
+}
+
+$maintClass = CheckDependencies::class;
+require_once RUN_MAINTENANCE_IF_MAIN;
$maintenance->validateParamsAndArgs();
// Do the work
-$success = $maintenance->execute();
+try {
+ $success = $maintenance->execute();
+} catch ( Exception $ex ) {
+ $success = false;
+ while ( $ex ) {
+ $cls = get_class( $ex );
+ print "$cls from line {$ex->getLine()} of {$ex->getFile()}: {$ex->getMessage()}\n";
+ print $ex->getTraceAsString() . "\n";
+ $ex = $ex->getPrevious();
+ }
+}
// Potentially debug globals
$maintenance->globals();
}
$.suggestions.hide( context );
$.suggestions.cancel( context );
- } )
- // Simulate a keypress on load. This loads the search suggestions when there are already
- // typed characters before the JavaScript is loaded.
- .trigger( 'keypress' );
+ } );
+ // Load suggestions if the value is changed because there are already
+ // typed characters before the JavaScript is loaded.
+ if ( this.value !== this.defaultValue ) {
+ $.suggestions.update( context, false );
+ }
}
// Store the context for next time
$this->setMwGlobals( 'wgGroupPermissions', $newPermissions );
}
- /**
- * Overrides specific user permissions until services are reloaded
- *
- * @param User $user
- * @param string[]|string $permissions
- *
- * @throws Exception
- */
- public function overrideUserPermissions( $user, $permissions = [] ) {
- MediaWikiServices::getInstance()->getPermissionManager()->overrideUserRightsForTesting(
- $user,
- $permissions
- );
- }
-
/**
* Sets the logger for a specified channel, for the duration of the test.
* @since 1.27
"/* [[linkie?]] */",
],
[
- '<span dir="auto"><span class="autocomment"><a href="/wiki/Special:BlankPage" title="Special:BlankPage">→</a>: </span> // Edit via via</span>',
+ '<span dir="auto"><span class="autocomment">: </span> // Edit via via</span>',
// Regression test for T222857
"/* */ // Edit via via",
],
"/* autocomment */",
null
],
+ [
+ '',
+ "/* */",
+ false, true
+ ],
+ [
+ '',
+ "/* */",
+ null
+ ],
+ [
+ '<span dir="auto"><span class="autocomment">[[</span></span>',
+ "/* [[ */",
+ false, true
+ ],
+ [
+ '<span dir="auto"><span class="autocomment">[[</span></span>',
+ "/* [[ */",
+ null
+ ],
+ [
+ "foo <span dir=\"auto\"><span class=\"autocomment\"><a href=\"#.23\">→[[#_\t_]]</a></span></span>",
+ "foo /* [[#_\t_]] */",
+ false, true
+ ],
+ [
+ "foo <span dir=\"auto\"><span class=\"autocomment\"><a href=\"#_.09\">#_\t_</a></span></span>",
+ "foo /* [[#_\t_]] */",
+ null
+ ],
[
'<span dir="auto"><span class="autocomment"><a href="/wiki/Special:BlankPage#autocomment" title="Special:BlankPage">→autocomment</a></span></span>',
"/* autocomment */",
namespace MediaWiki\Tests\Permissions;
use Action;
-use FauxRequest;
-use MediaWiki\Session\SessionId;
-use MediaWiki\Session\TestUtils;
use MediaWikiLangTestCase;
use RequestContext;
-use stdClass;
use Title;
use User;
use MediaWiki\Block\DatabaseBlock;
use MediaWiki\Block\SystemBlock;
use MediaWiki\MediaWikiServices;
use MediaWiki\Permissions\PermissionManager;
-use Wikimedia\TestingAccessWrapper;
/**
* @group Database
'wgNamespaceProtection' => [
NS_MEDIAWIKI => 'editinterface',
],
- 'wgRevokePermissions' => [
- 'formertesters' => [
- 'runtest' => true
- ]
- ],
- 'wgAvailableRights' => [
- 'test',
- 'runtest',
- 'writetest',
- 'nukeworld',
- 'modifytest',
- 'editmyoptions'
- ]
] );
-
- $this->setGroupPermissions( 'unittesters', 'test', true );
- $this->setGroupPermissions( 'unittesters', 'runtest', true );
- $this->setGroupPermissions( 'unittesters', 'writetest', false );
- $this->setGroupPermissions( 'unittesters', 'nukeworld', false );
-
- $this->setGroupPermissions( 'testwriters', 'test', true );
- $this->setGroupPermissions( 'testwriters', 'writetest', true );
- $this->setGroupPermissions( 'testwriters', 'modifytest', true );
-
- $this->setGroupPermissions( '*', 'editmyoptions', true );
-
// Without this testUserBlock will use a non-English context on non-English MediaWiki
// installations (because of how Title::checkUserBlock is implemented) and fail.
RequestContext::resetMain();
$this->user = $this->userUser;
}
+ $this->permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+
$this->overrideMwServices();
}
- public function tearDown() {
- parent::tearDown();
- $this->restoreMwServices();
+ protected function setUserPerm( $perm ) {
+ // Setting member variables is evil!!!
+
+ if ( is_array( $perm ) ) {
+ $this->user->mRights = $perm;
+ } else {
+ $this->user->mRights = [ $perm ];
+ }
}
protected function setTitle( $ns, $title = "Main_Page" ) {
} else {
$this->user = $this->altUser;
}
- $this->overrideMwServices();
}
/**
$this->setUser( 'anon' );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createtalk" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createtalk" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createpage" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createpage" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ "nocreatetext" ] ], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreatetext' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createpage" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createpage" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createtalk" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createtalk" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreatetext' ] ], $res );
$this->setUser( $this->userName );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createtalk" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createtalk" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createpage" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createpage" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createpage" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createpage" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createtalk" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "createtalk" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setUser( 'anon' );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move-rootuserpages" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move-rootuserpages" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move-rootuserpages" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move-rootuserpages" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setUser( $this->userName );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "movefile" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "movefile" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenotallowed' ] ], $res );
$this->setUser( 'anon' );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "movefile" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "movefile" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setUser( $this->userName );
- // $this->setUserPerm( "move" );
- $this->runGroupPermissions( 'move', 'move', [ [ 'movenotallowedfile' ] ] );
+ $this->setUserPerm( "move" );
+ $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
- // $this->setUserPerm( "" );
+ $this->setUserPerm( "" );
$this->runGroupPermissions(
- '',
'move',
[ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
);
$this->setUser( 'anon' );
- //$this->setUserPerm( "move" );
- $this->runGroupPermissions( 'move', 'move', [ [ 'movenotallowedfile' ] ] );
+ $this->setUserPerm( "move" );
+ $this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
- // $this->setUserPerm( "" );
+ $this->setUserPerm( "" );
$this->runGroupPermissions(
- '',
'move',
[ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
[ [ 'movenotallowedfile' ], [ 'movenologintext' ] ]
$this->setTitle( NS_MAIN );
$this->setUser( 'anon' );
- // $this->setUserPerm( "move" );
- $this->runGroupPermissions( 'move', 'move', [] );
+ $this->setUserPerm( "move" );
+ $this->runGroupPermissions( 'move', [] );
- // $this->setUserPerm( "" );
- $this->runGroupPermissions( '', 'move', [ [ 'movenotallowed' ] ],
+ $this->setUserPerm( "" );
+ $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
[ [ 'movenologintext' ] ] );
$this->setUser( $this->userName );
- // $this->setUserPerm( "" );
- $this->runGroupPermissions( '', 'move', [ [ 'movenotallowed' ] ] );
+ $this->setUserPerm( "" );
+ $this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
- //$this->setUserPerm( "move" );
- $this->runGroupPermissions( 'move', 'move', [] );
+ $this->setUserPerm( "move" );
+ $this->runGroupPermissions( 'move', [] );
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, 'move' );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'move' );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user, '' );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( '' );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [ [ 'movenotallowed' ] ], $res );
}
$this->setTitle( NS_USER );
$this->setUser( $this->userName );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user, "move" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [], $res );
$this->setTitle( NS_USER, "User/subpage" );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user, "move" );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( "move" );
+ $res = $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title );
$this->assertEquals( [], $res );
];
foreach ( [ "edit", "protect", "" ] as $action ) {
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( null );
$this->assertEquals( $check[$action][0],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, true ) );
$this->assertEquals( $check[$action][0],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
$this->assertEquals( $check[$action][0],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
global $wgGroupPermissions;
$old = $wgGroupPermissions;
$wgGroupPermissions = [];
- $this->overrideMwServices();
$this->assertEquals( $check[$action][1],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, true ) );
$this->assertEquals( $check[$action][1],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
$this->assertEquals( $check[$action][1],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
$wgGroupPermissions = $old;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $action );
+ $this->setUserPerm( $action );
$this->assertEquals( $check[$action][2],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, true ) );
$this->assertEquals( $check[$action][2],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'full' ) );
$this->assertEquals( $check[$action][2],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title, 'secure' ) );
- $this->overrideUserPermissions( $this->user, $action );
+ $this->setUserPerm( $action );
$this->assertEquals( $check[$action][3],
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( $action, $this->user, $this->title, true ) );
+ $this->permissionManager->userCan( $action, $this->user, $this->title, true ) );
$this->assertEquals( $check[$action][3],
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( $action, $this->user, $this->title,
+ $this->permissionManager->userCan( $action, $this->user, $this->title,
PermissionManager::RIGOR_QUICK ) );
# count( User::getGroupsWithPermissions( $action ) ) < 1
}
}
- protected function runGroupPermissions( $perm, $action, $result, $result2 = null ) {
+ protected function runGroupPermissions( $action, $result, $result2 = null ) {
global $wgGroupPermissions;
if ( $result2 === null ) {
$wgGroupPermissions['autoconfirmed']['move'] = false;
$wgGroupPermissions['user']['move'] = false;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $perm );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $res = $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title );
$this->assertEquals( $result, $res );
$wgGroupPermissions['autoconfirmed']['move'] = true;
$wgGroupPermissions['user']['move'] = false;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $perm );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $res = $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title );
$this->assertEquals( $result2, $res );
$wgGroupPermissions['autoconfirmed']['move'] = true;
$wgGroupPermissions['user']['move'] = true;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $perm );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $res = $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title );
$this->assertEquals( $result2, $res );
$wgGroupPermissions['autoconfirmed']['move'] = false;
$wgGroupPermissions['user']['move'] = true;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $perm );
- $res = MediaWikiServices::getInstance()->getPermissionManager()
+ $res = $this->permissionManager
->getPermissionErrors( $action, $this->user, $this->title );
$this->assertEquals( $result2, $res );
}
$this->setTitle( NS_SPECIAL );
$this->assertEquals( [ [ 'badaccess-group0' ], [ 'ns-specialprotected' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, '' );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$wgNamespaceProtection[NS_USER] = [ 'bogus' ];
$this->setTitle( NS_USER );
- $this->overrideUserPermissions( $this->user, '' );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'namespaceprotected', 'User', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->setTitle( NS_MEDIAWIKI );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->setTitle( NS_MEDIAWIKI );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$wgNamespaceProtection = null;
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'bogus', $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user, '' );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'bogus', $this->user, $this->title ) );
}
/**
$resultUserJs,
$resultPatrol
) {
- $this->overrideUserPermissions( $this->user );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( '' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultNone, $result );
- $this->overrideUserPermissions( $this->user, 'editmyusercss' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'editmyusercss' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultMyCss, $result );
- $this->overrideUserPermissions( $this->user, 'editmyuserjson' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'editmyuserjson' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultMyJson, $result );
- $this->overrideUserPermissions( $this->user, 'editmyuserjs' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'editmyuserjs' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultMyJs, $result );
- $this->overrideUserPermissions( $this->user, 'editusercss' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'editusercss' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultUserCss, $result );
- $this->overrideUserPermissions( $this->user, 'edituserjson' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'edituserjson' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultUserJson, $result );
- $this->overrideUserPermissions( $this->user, 'edituserjs' );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( 'edituserjs' );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( $resultUserJs, $result );
- $this->overrideUserPermissions( $this->user );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( '' );
+ $result = $this->permissionManager
->getPermissionErrors( 'patrol', $this->user, $this->title );
$this->assertEquals( reset( $resultPatrol[0] ), reset( $result[0] ) );
- $this->overrideUserPermissions( $this->user, [ 'edituserjs', 'edituserjson', 'editusercss' ] );
- $result = MediaWikiServices::getInstance()->getPermissionManager()
+ $this->setUserPerm( [ 'edituserjs', 'edituserjson', 'editusercss' ] );
+ $result = $this->permissionManager
->getPermissionErrors( 'bogus', $this->user, $this->title );
$this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
}
$this->setTitle( NS_MAIN );
$this->title->mRestrictionsLoaded = true;
- $this->overrideUserPermissions( $this->user, "edit" );
+ $this->setUserPerm( "edit" );
$this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
- ->getPermissionErrors( 'edit', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ $this->permissionManager->userCan( 'edit', $this->user, $this->title,
+ PermissionManager::RIGOR_QUICK ) );
$this->title->mRestrictions = [ "edit" => [ 'bogus', "sysop", "protect", "" ],
"bogus" => [ 'bogus', "sysop", "protect", "" ] ];
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'editprotected', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus',
+ $this->user, $this->title ) );
$this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
[ 'protectedpagetext', 'editprotected', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
+ $this->setUserPerm( "" );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'editprotected', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus',
+ $this->user, $this->title ) );
$this->assertEquals( [ [ 'badaccess-groups', "*, [[$prefix:Users|Users]]", 2 ],
[ 'protectedpagetext', 'bogus', 'edit' ],
[ 'protectedpagetext', 'editprotected', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
+ $this->setUserPerm( [ "edit", "editprotected" ] );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus',
+ $this->user, $this->title ) );
$this->assertEquals( [
[ 'protectedpagetext', 'bogus', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
$this->title->mCascadeRestriction = true;
- $this->overrideUserPermissions( $this->user, "edit" );
+ $this->setUserPerm( "edit" );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()
- ->userCan( 'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ $this->permissionManager->userCan( 'bogus', $this->user, $this->title,
+ PermissionManager::RIGOR_QUICK ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ $this->permissionManager->userCan( 'edit', $this->user, $this->title,
+ PermissionManager::RIGOR_QUICK ) );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'editprotected', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus',
+ $this->user, $this->title ) );
$this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
[ 'protectedpagetext', 'editprotected', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
+ $this->setUserPerm( [ "edit", "editprotected" ] );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'bogus', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ $this->permissionManager->userCan( 'bogus', $this->user, $this->title,
+ PermissionManager::RIGOR_QUICK ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'edit', $this->user, $this->title, PermissionManager::RIGOR_QUICK ) );
+ $this->permissionManager->userCan( 'edit', $this->user, $this->title,
+ PermissionManager::RIGOR_QUICK ) );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus',
+ $this->user, $this->title ) );
$this->assertEquals( [ [ 'protectedpagetext', 'bogus', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'edit',
+ $this->user, $this->title ) );
}
/**
*/
public function testCascadingSourcesRestrictions() {
$this->setTitle( NS_MAIN, "test page" );
- $this->overrideUserPermissions( $this->user, [ "edit", "bogus" ] );
+ $this->setUserPerm( [ "edit", "bogus" ] );
$this->title->mCascadeSources = [
Title::makeTitle( NS_MAIN, "Bogus" ),
];
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'bogus', $this->user, $this->title ) );
$this->assertEquals( [
[ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
[ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ],
[ "cascadeprotected", 2, "* [[:Bogus]]\n* [[:UnBogus]]\n", 'bogus' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'bogus', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'bogus', $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'edit', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'edit', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'edit', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'edit', $this->user, $this->title ) );
}
/**
* @covers \MediaWiki\Permissions\PermissionManager::checkActionPermissions
*/
public function testActionPermissions() {
- $this->overrideUserPermissions( $this->user, [ "createpage" ] );
+ $this->setUserPerm( [ "createpage" ] );
$this->setTitle( NS_MAIN, "test page" );
$this->title->mTitleProtection['permission'] = '';
$this->title->mTitleProtection['user'] = $this->user->getId();
$this->title->mCascadeRestriction = false;
$this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'create', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'create', $this->user, $this->title ) );
$this->title->mTitleProtection['permission'] = 'editprotected';
- $this->overrideUserPermissions( $this->user, [ 'createpage', 'protect' ] );
+ $this->setUserPerm( [ 'createpage', 'protect' ] );
$this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'create', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'create', $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user, [ 'createpage', 'editprotected' ] );
+ $this->setUserPerm( [ 'createpage', 'editprotected' ] );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'create', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'create', $this->user, $this->title ) );
- $this->overrideUserPermissions( $this->user, [ 'createpage' ] );
+ $this->setUserPerm( [ 'createpage' ] );
$this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'create', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'create', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'create', $this->user, $this->title ) );
$this->setTitle( NS_MEDIA, "test page" );
- $this->overrideUserPermissions( $this->user, [ "move" ] );
+ $this->setUserPerm( [ "move" ] );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move', $this->user, $this->title ) );
$this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title ) );
$this->setTitle( NS_HELP, "test page" );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move', $this->user, $this->title ) );
$this->title->mInterwiki = "no";
$this->assertEquals( [ [ 'immobile-source-page' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move', $this->user, $this->title ) );
$this->setTitle( NS_MEDIA, "test page" );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move-target', $this->user, $this->title ) );
$this->assertEquals( [ [ 'immobile-target-namespace', 'Media' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->setTitle( NS_HELP, "test page" );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->assertEquals( true,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move-target', $this->user, $this->title ) );
$this->title->mInterwiki = "no";
$this->assertEquals( [ [ 'immobile-target-page' ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->assertEquals( false,
- MediaWikiServices::getInstance()->getPermissionManager()->userCan(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->userCan( 'move-target', $this->user, $this->title ) );
}
/**
'wgBlockDisablesLogin' => false,
] );
- $this->overrideUserPermissions( $this->user, [
+ $this->overrideMwServices();
+ $this->permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+
+ $this->setUserPerm( [
'createpage',
'edit',
'move',
# $wgEmailConfirmToEdit only applies to 'edit' action
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'move-target',
+ $this->user, $this->title ) );
$this->assertContains( [ 'confirmedittext' ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
$this->setMwGlobals( 'wgEmailConfirmToEdit', false );
$this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, [
- 'createpage',
- 'edit',
- 'move',
- 'rollback',
- 'patrol',
- 'upload',
- 'purge'
- ] );
+ $this->permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
$this->assertNotContains( [ 'confirmedittext' ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
# $wgEmailConfirmToEdit && !$user->isEmailConfirmed() && $action != 'createaccount'
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'move-target',
+ $this->user, $this->title ) );
global $wgLang;
$prev = time();
'[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
'Useruser', null, 'infinite', '127.0.8.1',
$wgLang->timeanddate( wfTimestamp( TS_MW, $prev ), true ) ] ],
- MediaWikiServices::getInstance()->getPermissionManager()->getPermissionErrors(
- 'move-target', $this->user, $this->title ) );
+ $this->permissionManager->getPermissionErrors( 'move-target',
+ $this->user, $this->title ) );
- $this->assertEquals( false, MediaWikiServices::getInstance()->getPermissionManager()
+ $this->assertEquals( false, $this->permissionManager
->userCan( 'move-target', $this->user, $this->title ) );
// quickUserCan should ignore user blocks
- $this->assertEquals( true, MediaWikiServices::getInstance()->getPermissionManager()
+ $this->assertEquals( true, $this->permissionManager
->userCan( 'move-target', $this->user, $this->title,
PermissionManager::RIGOR_QUICK ) );
'[[User:Useruser|Useruser]]', 'no reason given', '127.0.0.1',
'Useruser', null, '23:00, 31 December 1969', '127.0.8.1',
$wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
# $action != 'read' && $action != 'createaccount' && $user->isBlockedFrom( $this )
# $user->blockedFor() == ''
$wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'rollback', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'patrol', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'upload', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'purge', $this->user, $this->title ) );
// partial block message test
] );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'rollback', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'patrol', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'upload', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'purge', $this->user, $this->title ) );
$this->user->mBlock->setRestrictions( [
$wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'move-target', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'rollback', $this->user, $this->title ) );
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'patrol', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'upload', $this->user, $this->title ) );
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'purge', $this->user, $this->title ) );
// Test no block.
$this->user->mBlock = null;
$this->assertEquals( [],
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'edit', $this->user, $this->title ) );
}
$wgLang->timeanddate( wfTimestamp( TS_MW, $now ), true ) ] ];
$this->assertEquals( $errors,
- MediaWikiServices::getInstance()->getPermissionManager()
+ $this->permissionManager
->getPermissionErrors( 'tester', $this->user, $this->title ) );
}
//$this->assertSame( '', $user->blockedBy(), 'sanity check' );
//$this->assertSame( '', $user->blockedFor(), 'sanity check' );
//$this->assertFalse( (bool)$user->isHidden(), 'sanity check' );
- $this->assertFalse( MediaWikiServices::getInstance()->getPermissionManager()
+ $this->assertFalse( $this->permissionManager
->isBlockedFrom( $user, $ut ), 'sanity check' );
// Block the user
//$this->assertSame( $blocker->getName(), $user->blockedBy() );
//$this->assertSame( 'Because', $user->blockedFor() );
//$this->assertTrue( (bool)$user->isHidden() );
- $this->assertTrue( MediaWikiServices::getInstance()->getPermissionManager()
- ->isBlockedFrom( $user, $ut ) );
+ $this->assertTrue( $this->permissionManager->isBlockedFrom( $user, $ut ) );
// Unblock
$block->delete();
//$this->assertSame( '', $user->blockedBy() );
//$this->assertSame( '', $user->blockedFor() );
//$this->assertFalse( (bool)$user->isHidden() );
- $this->assertFalse( MediaWikiServices::getInstance()->getPermissionManager()
- ->isBlockedFrom( $user, $ut ) );
+ $this->assertFalse( $this->permissionManager->isBlockedFrom( $user, $ut ) );
}
/**
$block->insert();
try {
- $this->assertSame( $expect, MediaWikiServices::getInstance()->getPermissionManager()
- ->isBlockedFrom( $user, $title ) );
+ $this->assertSame( $expect, $this->permissionManager->isBlockedFrom( $user, $title ) );
} finally {
$block->delete();
}
];
}
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::getUserPermissions
- */
- public function testGetUserPermissions() {
- $user = $this->getTestUser( [ 'unittesters' ] )->getUser();
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getUserPermissions( $user );
- $this->assertContains( 'runtest', $rights );
- $this->assertNotContains( 'writetest', $rights );
- $this->assertNotContains( 'modifytest', $rights );
- $this->assertNotContains( 'nukeworld', $rights );
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::getUserPermissions
- */
- public function testGetUserPermissionsHooks() {
- $user = $this->getTestUser( [ 'unittesters', 'testwriters' ] )->getUser();
- $userWrapper = TestingAccessWrapper::newFromObject( $user );
-
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getUserPermissions( $user );
- $this->assertContains( 'test', $rights, 'sanity check' );
- $this->assertContains( 'runtest', $rights, 'sanity check' );
- $this->assertContains( 'writetest', $rights, 'sanity check' );
- $this->assertNotContains( 'nukeworld', $rights, 'sanity check' );
-
- // Add a hook manipluating the rights
- $this->mergeMwGlobalArrayValue( 'wgHooks', [ 'UserGetRights' => [ function ( $user, &$rights ) {
- $rights[] = 'nukeworld';
- $rights = array_diff( $rights, [ 'writetest' ] );
- } ] ] );
-
- $this->overrideMwServices();
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getUserPermissions( $user );
- $this->assertContains( 'test', $rights );
- $this->assertContains( 'runtest', $rights );
- $this->assertNotContains( 'writetest', $rights );
- $this->assertContains( 'nukeworld', $rights );
-
- // Add a Session that limits rights
- $mock = $this->getMockBuilder( stdClass::class )
- ->setMethods( [ 'getAllowedUserRights', 'deregisterSession', 'getSessionId' ] )
- ->getMock();
- $mock->method( 'getAllowedUserRights' )->willReturn( [ 'test', 'writetest' ] );
- $mock->method( 'getSessionId' )->willReturn(
- new SessionId( str_repeat( 'X', 32 ) )
- );
- $session = TestUtils::getDummySession( $mock );
- $mockRequest = $this->getMockBuilder( FauxRequest::class )
- ->setMethods( [ 'getSession' ] )
- ->getMock();
- $mockRequest->method( 'getSession' )->willReturn( $session );
- $userWrapper->mRequest = $mockRequest;
-
- $this->overrideMwServices();
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getUserPermissions( $user );
- $this->assertContains( 'test', $rights );
- $this->assertNotContains( 'runtest', $rights );
- $this->assertNotContains( 'writetest', $rights );
- $this->assertNotContains( 'nukeworld', $rights );
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::getGroupPermissions
- */
- public function testGroupPermissions() {
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getGroupPermissions( [ 'unittesters' ] );
- $this->assertContains( 'runtest', $rights );
- $this->assertNotContains( 'writetest', $rights );
- $this->assertNotContains( 'modifytest', $rights );
- $this->assertNotContains( 'nukeworld', $rights );
-
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getGroupPermissions( [ 'unittesters', 'testwriters' ] );
- $this->assertContains( 'runtest', $rights );
- $this->assertContains( 'writetest', $rights );
- $this->assertContains( 'modifytest', $rights );
- $this->assertNotContains( 'nukeworld', $rights );
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::getGroupPermissions
- */
- public function testRevokePermissions() {
- $rights = MediaWikiServices::getInstance()->getPermissionManager()
- ->getGroupPermissions( [ 'unittesters', 'formertesters' ] );
- $this->assertNotContains( 'runtest', $rights );
- $this->assertNotContains( 'writetest', $rights );
- $this->assertNotContains( 'modifytest', $rights );
- $this->assertNotContains( 'nukeworld', $rights );
- }
-
- /**
- * @dataProvider provideGetGroupsWithPermission
- * @covers \MediaWiki\Permissions\PermissionManager::getGroupsWithPermission
- */
- public function testGetGroupsWithPermission( $expected, $right ) {
- $result = MediaWikiServices::getInstance()->getPermissionManager()
- ->getGroupsWithPermission( $right );
- sort( $result );
- sort( $expected );
-
- $this->assertEquals( $expected, $result, "Groups with permission $right" );
- }
-
- public static function provideGetGroupsWithPermission() {
- return [
- [
- [ 'unittesters', 'testwriters' ],
- 'test'
- ],
- [
- [ 'unittesters' ],
- 'runtest'
- ],
- [
- [ 'testwriters' ],
- 'writetest'
- ],
- [
- [ 'testwriters' ],
- 'modifytest'
- ],
- ];
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::userHasRight
- */
- public function testUserHasRight() {
- $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
- $this->getTestUser( 'unittesters' )->getUser(),
- 'test'
- );
- $this->assertTrue( $result );
-
- $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
- $this->getTestUser( 'formertesters' )->getUser(),
- 'runtest'
- );
- $this->assertFalse( $result );
-
- $result = MediaWikiServices::getInstance()->getPermissionManager()->userHasRight(
- $this->getTestUser( 'formertesters' )->getUser(),
- ''
- );
- $this->assertTrue( $result );
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::groupHasPermission
- */
- public function testGroupHasPermission() {
- $result = MediaWikiServices::getInstance()->getPermissionManager()->groupHasPermission(
- 'unittesters',
- 'test'
- );
- $this->assertTrue( $result );
-
- $result = MediaWikiServices::getInstance()->getPermissionManager()->groupHasPermission(
- 'formertesters',
- 'runtest'
- );
- $this->assertFalse( $result );
- }
-
- /**
- * @covers \MediaWiki\Permissions\PermissionManager::isEveryoneAllowed
- */
- public function testIsEveryoneAllowed() {
- $result = MediaWikiServices::getInstance()->getPermissionManager()
- ->isEveryoneAllowed( 'editmyoptions' );
- $this->assertTrue( $result );
-
- $result = MediaWikiServices::getInstance()->getPermissionManager()
- ->isEveryoneAllowed( 'test' );
- $this->assertFalse( $result );
- }
-
}
],
]
);
- // TODO: this one is necessary to pass globals changes to PermissionManger
- $this->overrideMwServices();
$user = $this->getTestUser( $userGroups )->getUser();
$this->assertSame(
],
]
);
- // TODO: this one is necessary to pass globals changes to PermissionManger
- $this->overrideMwServices();
$user = $this->getTestUser( $userGroups )->getUser();
$revision = new Revision( [ 'deleted' => $bitField ], 0, $this->testPage->getTitle() );
*/
public function testTemplateCategories() {
$user = new User();
- $this->overrideUserPermissions( $user, [ 'createpage', 'edit', 'purge', 'delete' ] );
+ $user->mRights = [ 'createpage', 'edit', 'purge', 'delete' ];
$title = Title::newFromText( "Categorized from template" );
$page = WikiPage::factory( $title );
$this->overrideMwServices();
}
+ protected function setUserPerm( $perm ) {
+ // Setting member variables is evil!!!
+
+ if ( is_array( $perm ) ) {
+ $this->user->mRights = $perm;
+ } else {
+ $this->user->mRights = [ $perm ];
+ }
+ }
+
protected function setTitle( $ns, $title = "Main_Page" ) {
$this->title = Title::makeTitle( $ns, $title );
}
$this->setUser( 'anon' );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createtalk" );
+ $this->setUserPerm( "createtalk" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createpage" );
+ $this->setUserPerm( "createpage" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ "nocreatetext" ] ], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "" );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreatetext' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createpage" );
+ $this->setUserPerm( "createpage" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createtalk" );
+ $this->setUserPerm( "createtalk" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreatetext' ] ], $res );
$this->setUser( $this->userName );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createtalk" );
+ $this->setUserPerm( "createtalk" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user, "createpage" );
+ $this->setUserPerm( "createpage" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_TALK );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createpage" );
+ $this->setUserPerm( "createpage" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, "createtalk" );
+ $this->setUserPerm( "createtalk" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'create', $this->user );
$this->assertEquals( [ [ 'nocreate-loggedin' ] ], $res );
$this->setUser( 'anon' );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
+ $this->setUserPerm( "move-rootuserpages" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
+ $this->setUserPerm( "move-rootuserpages" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "" );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'cant-move-user-page' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "" );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
+ $this->setUserPerm( "move-rootuserpages" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setTitle( NS_USER, $this->userName . '/subpage' );
- $this->overrideUserPermissions( $this->user, "move-rootuserpages" );
+ $this->setUserPerm( "move-rootuserpages" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setUser( $this->userName );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ], $res );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "movefile" );
+ $this->setUserPerm( "movefile" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenotallowed' ] ], $res );
$this->setUser( 'anon' );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenotallowedfile' ], [ 'movenologintext' ] ], $res );
$this->setTitle( NS_FILE, "img.png" );
- $this->overrideUserPermissions( $this->user, "movefile" );
+ $this->setUserPerm( "movefile" );
$res = $this->title->getUserPermissionsErrors( 'move', $this->user );
$this->assertEquals( [ [ 'movenologintext' ] ], $res );
$this->setUser( $this->userName );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$this->runGroupPermissions(
'move',
[ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ]
);
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$this->runGroupPermissions( 'move', [ [ 'movenotallowedfile' ] ] );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$this->runGroupPermissions(
'move',
[ [ 'movenotallowedfile' ], [ 'movenotallowed' ] ],
$this->setTitle( NS_MAIN );
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$this->runGroupPermissions( 'move', [] );
- $this->overrideUserPermissions( $this->user, "" );
+ $this->setUserPerm( "" );
$this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ],
[ [ 'movenologintext' ] ] );
$this->setUser( $this->userName );
- $this->overrideUserPermissions( $this->user, "" );
+ $this->setUserPerm( "" );
$this->runGroupPermissions( 'move', [ [ 'movenotallowed' ] ] );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$this->runGroupPermissions( 'move', [] );
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, 'move' );
+ $this->setUserPerm( 'move' );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [ [ 'movenotallowed' ] ], $res );
}
$this->setTitle( NS_USER );
$this->setUser( $this->userName );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [ [ 'cant-move-to-user-page' ] ], $res );
$this->setUser( 'anon' );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [], $res );
$this->setTitle( NS_USER, "User/subpage" );
- $this->overrideUserPermissions( $this->user, [ "move", "move-rootuserpages" ] );
+ $this->setUserPerm( [ "move", "move-rootuserpages" ] );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [], $res );
- $this->overrideUserPermissions( $this->user, "move" );
+ $this->setUserPerm( "move" );
$res = $this->title->getUserPermissionsErrors( 'move-target', $this->user );
$this->assertEquals( [], $res );
];
foreach ( [ "edit", "protect", "" ] as $action ) {
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( null );
$this->assertEquals( $check[$action][0],
$this->title->getUserPermissionsErrors( $action, $this->user, true ) );
$this->assertEquals( $check[$action][0],
$old = $wgGroupPermissions;
$wgGroupPermissions = [];
- $this->overrideMwServices();
-
$this->assertEquals( $check[$action][1],
$this->title->getUserPermissionsErrors( $action, $this->user, true ) );
$this->assertEquals( $check[$action][1],
$this->title->getUserPermissionsErrors( $action, $this->user, 'full' ) );
$this->assertEquals( $check[$action][1],
$this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
-
$wgGroupPermissions = $old;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $action );
+ $this->setUserPerm( $action );
$this->assertEquals( $check[$action][2],
$this->title->getUserPermissionsErrors( $action, $this->user, true ) );
$this->assertEquals( $check[$action][2],
$this->assertEquals( $check[$action][2],
$this->title->getUserPermissionsErrors( $action, $this->user, 'secure' ) );
- $this->overrideUserPermissions( $this->user, $action );
+ $this->setUserPerm( $action );
$this->assertEquals( $check[$action][3],
$this->title->userCan( $action, $this->user, true ) );
$this->assertEquals( $check[$action][3],
$result2 = $result;
}
- // XXX: there could be a better way to handle this, but since we need to
- // override PermissionManager service each time globals are changed
- // and in the same time we need to keep user permissions overrides from the outside
- // the best we can do inside this method is to save & restore faked user perms
-
- $userPermsOverrides = MediaWikiServices::getInstance()->getPermissionManager()
- ->getUserPermissions( $this->user );
-
$wgGroupPermissions['autoconfirmed']['move'] = false;
$wgGroupPermissions['user']['move'] = false;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $userPermsOverrides );
$res = $this->title->getUserPermissionsErrors( $action, $this->user );
$this->assertEquals( $result, $res );
$wgGroupPermissions['autoconfirmed']['move'] = true;
$wgGroupPermissions['user']['move'] = false;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $userPermsOverrides );
$res = $this->title->getUserPermissionsErrors( $action, $this->user );
$this->assertEquals( $result2, $res );
$wgGroupPermissions['autoconfirmed']['move'] = true;
$wgGroupPermissions['user']['move'] = true;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $userPermsOverrides );
$res = $this->title->getUserPermissionsErrors( $action, $this->user );
$this->assertEquals( $result2, $res );
$wgGroupPermissions['autoconfirmed']['move'] = false;
$wgGroupPermissions['user']['move'] = true;
- $this->overrideMwServices();
- $this->overrideUserPermissions( $this->user, $userPermsOverrides );
$res = $this->title->getUserPermissionsErrors( $action, $this->user );
$this->assertEquals( $result2, $res );
}
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->setTitle( NS_MAIN );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$wgNamespaceProtection[NS_USER] = [ 'bogus' ];
$this->setTitle( NS_USER );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'namespaceprotected', 'User', 'bogus' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->setTitle( NS_MEDIAWIKI );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->setTitle( NS_MEDIAWIKI );
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [ [ 'protectedinterface', 'bogus' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$wgNamespaceProtection = null;
- $this->overrideUserPermissions( $this->user, 'bogus' );
+ $this->setUserPerm( 'bogus' );
$this->assertEquals( [],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->assertEquals( true,
$this->title->userCan( 'bogus', $this->user ) );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$this->assertEquals( [ [ 'badaccess-group0' ] ],
$this->title->getUserPermissionsErrors( 'bogus', $this->user ) );
$this->assertEquals( false,
$resultUserJs,
$resultPatrol
) {
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultNone, $result );
- $this->overrideUserPermissions( $this->user, 'editmyusercss' );
+ $this->setUserPerm( 'editmyusercss' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultMyCss, $result );
- $this->overrideUserPermissions( $this->user, 'editmyuserjson' );
+ $this->setUserPerm( 'editmyuserjson' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultMyJson, $result );
- $this->overrideUserPermissions( $this->user, 'editmyuserjs' );
+ $this->setUserPerm( 'editmyuserjs' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultMyJs, $result );
- $this->overrideUserPermissions( $this->user, 'editusercss' );
+ $this->setUserPerm( 'editusercss' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultUserCss, $result );
- $this->overrideUserPermissions( $this->user, 'edituserjson' );
+ $this->setUserPerm( 'edituserjson' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultUserJson, $result );
- $this->overrideUserPermissions( $this->user, 'edituserjs' );
+ $this->setUserPerm( 'edituserjs' );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( $resultUserJs, $result );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( '' );
$result = $this->title->getUserPermissionsErrors( 'patrol', $this->user );
$this->assertEquals( reset( $resultPatrol[0] ), reset( $result[0] ) );
- $this->overrideUserPermissions( $this->user, [ 'edituserjs', 'edituserjson', 'editusercss' ] );
+ $this->setUserPerm( [ 'edituserjs', 'edituserjson', 'editusercss' ] );
$result = $this->title->getUserPermissionsErrors( 'bogus', $this->user );
$this->assertEquals( [ [ 'badaccess-group0' ] ], $result );
}
$this->setTitle( NS_MAIN );
$this->title->mRestrictionsLoaded = true;
- $this->overrideUserPermissions( $this->user, "edit" );
+ $this->setUserPerm( "edit" );
$this->title->mRestrictions = [ "bogus" => [ 'bogus', "sysop", "protect", "" ] ];
$this->assertEquals( [],
[ 'protectedpagetext', 'protect', 'edit' ] ],
$this->title->getUserPermissionsErrors( 'edit',
$this->user ) );
- $this->overrideUserPermissions( $this->user );
+ $this->setUserPerm( "" );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'editprotected', 'bogus' ],
[ 'protectedpagetext', 'protect', 'edit' ] ],
$this->title->getUserPermissionsErrors( 'edit',
$this->user ) );
- $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
+ $this->setUserPerm( [ "edit", "editprotected" ] );
$this->assertEquals( [ [ 'badaccess-group0' ],
[ 'protectedpagetext', 'bogus', 'bogus' ],
[ 'protectedpagetext', 'protect', 'bogus' ] ],
$this->user ) );
$this->title->mCascadeRestriction = true;
- $this->overrideUserPermissions( $this->user, "edit" );
+ $this->setUserPerm( "edit" );
$this->assertEquals( false,
$this->title->quickUserCan( 'bogus', $this->user ) );
$this->assertEquals( false,
$this->title->getUserPermissionsErrors( 'edit',
$this->user ) );
- $this->overrideUserPermissions( $this->user, [ "edit", "editprotected" ] );
+ $this->setUserPerm( [ "edit", "editprotected" ] );
$this->assertEquals( false,
$this->title->quickUserCan( 'bogus', $this->user ) );
$this->assertEquals( false,
*/
public function testCascadingSourcesRestrictions() {
$this->setTitle( NS_MAIN, "test page" );
- $this->overrideUserPermissions( $this->user, [ "edit", "bogus" ] );
+ $this->setUserPerm( [ "edit", "bogus" ] );
$this->title->mCascadeSources = [
Title::makeTitle( NS_MAIN, "Bogus" ),
* @covers \MediaWiki\Permissions\PermissionManager::checkActionPermissions
*/
public function testActionPermissions() {
- $this->overrideUserPermissions( $this->user, [ "createpage" ] );
+ $this->setUserPerm( [ "createpage" ] );
$this->setTitle( NS_MAIN, "test page" );
$this->title->mTitleProtection['permission'] = '';
$this->title->mTitleProtection['user'] = $this->user->getId();
$this->title->userCan( 'create', $this->user ) );
$this->title->mTitleProtection['permission'] = 'editprotected';
- $this->overrideUserPermissions( $this->user, [ 'createpage', 'protect' ] );
+ $this->setUserPerm( [ 'createpage', 'protect' ] );
$this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
$this->title->getUserPermissionsErrors( 'create', $this->user ) );
$this->assertEquals( false,
$this->title->userCan( 'create', $this->user ) );
- $this->overrideUserPermissions( $this->user, [ 'createpage', 'editprotected' ] );
+ $this->setUserPerm( [ 'createpage', 'editprotected' ] );
$this->assertEquals( [],
$this->title->getUserPermissionsErrors( 'create', $this->user ) );
$this->assertEquals( true,
$this->title->userCan( 'create', $this->user ) );
- $this->overrideUserPermissions( $this->user, [ 'createpage' ] );
+ $this->setUserPerm( [ 'createpage' ] );
$this->assertEquals( [ [ 'titleprotected', 'Useruser', 'test' ] ],
$this->title->getUserPermissionsErrors( 'create', $this->user ) );
$this->assertEquals( false,
$this->title->userCan( 'create', $this->user ) );
$this->setTitle( NS_MEDIA, "test page" );
- $this->overrideUserPermissions( $this->user, [ "move" ] );
+ $this->setUserPerm( [ "move" ] );
$this->assertEquals( false,
$this->title->userCan( 'move', $this->user ) );
$this->assertEquals( [ [ 'immobile-source-namespace', 'Media' ] ],
] );
$this->overrideMwServices();
- $this->overrideUserPermissions(
- $this->user,
- [ 'createpage', 'edit', 'move', 'rollback', 'patrol', 'upload', 'purge' ]
- );
+ $this->setUserPerm( [ 'createpage', 'edit', 'move', 'rollback', 'patrol', 'upload', 'purge' ] );
$this->setTitle( NS_HELP, "test page" );
# $wgEmailConfirmToEdit only applies to 'edit' action
$this->setMwGlobals( 'wgEmailConfirmToEdit', false );
$this->overrideMwServices();
- $this->overrideUserPermissions(
- $this->user,
- [ 'createpage', 'edit', 'move', 'rollback', 'patrol', 'upload', 'purge' ]
- );
$this->assertNotContains( [ 'confirmedittext' ],
$this->title->getUserPermissionsErrors( 'edit', $this->user ) );
// New anonymous user with no rights
$user = new User;
- $this->overrideUserPermissions( $user, [] );
+ $user->mRights = [];
$errors = $title->userCan( $action, $user );
if ( is_bool( $expected ) ) {
public function testCanExecute() {
$user = $this->getTestUser()->getUser();
- $this->overrideUserPermissions( $user, 'access' );
+ $user->mRights = [ 'access' ];
$action = Action::factory( 'access', $this->getPage(), $this->getContext() );
$this->assertNull( $action->canExecute( $user ) );
}
public function testCanExecuteNoRight() {
$user = $this->getTestUser()->getUser();
- $this->overrideUserPermissions( $user, [] );
+ $user->mRights = [];
$action = Action::factory( 'access', $this->getPage(), $this->getContext() );
try {
public function testCanExecuteRequiresUnblock() {
$user = $this->getTestUser()->getUser();
- $this->overrideUserPermissions( $user, [] );
+ $user->mRights = [];
$page = $this->getExistingTestPage();
$action = Action::factory( 'unblock', $page, $this->getContext() );
$this->setMwGlobals( 'wgRevokePermissions',
[ 'user' => [ 'applychangetags' => true ] ] );
- $this->overrideMwServices();
-
$this->doBlock( [ 'tags' => 'custom tag' ] );
}
$this->mergeMwGlobalArrayValue( 'wgGroupPermissions',
[ 'sysop' => $newPermissions ] );
- $this->overrideMwServices();
$res = $this->doBlock( [ 'hidename' => '' ] );
$dbw = wfGetDB( DB_MASTER );
$this->setMwGlobals( 'wgRevokePermissions',
[ 'sysop' => [ 'blockemail' => true ] ] );
- $this->overrideMwServices();
-
$this->doBlock( [ 'noemail' => '' ] );
}
ChangeTags::defineTag( 'custom tag' );
$this->setMwGlobals( 'wgRevokePermissions',
[ 'user' => [ 'applychangetags' => true ] ] );
- $this->overrideMwServices();
$this->editPage( $name, 'Some text' );
$this->tablesUsed,
[ 'change_tag', 'change_tag_def', 'logging' ]
);
- $this->overrideMwServices();
}
public function testEdit() {
ChangeTags::defineTag( 'custom tag' );
$this->setMwGlobals( 'wgRevokePermissions',
[ 'user' => [ 'applychangetags' => true ] ] );
- // Supply services with updated globals
- $this->overrideMwServices();
-
try {
$this->doApiRequestWithToken( [
'action' => 'edit',
$this->setMwGlobals( 'wgRevokePermissions',
[ 'user' => [ 'upload' => true ] ] );
- // Supply services with updated globals
- $this->overrideMwServices();
$this->doApiRequestWithToken( [
'action' => 'edit',
'The content you supplied exceeds the article size limit of 1 kilobyte.' );
$this->setMwGlobals( 'wgMaxArticleSize', 1 );
- // Supply services with updated globals
- $this->overrideMwServices();
$text = str_repeat( '!', 1025 );
'The action you have requested is limited to users in the group: ' );
$this->setMwGlobals( 'wgRevokePermissions', [ '*' => [ 'edit' => true ] ] );
- // Supply services with updated globals
- $this->overrideMwServices();
$this->doApiRequestWithToken( [
'action' => 'edit',
$this->setMwGlobals( 'wgRevokePermissions',
[ 'user' => [ 'editcontentmodel' => true ] ] );
- // Supply services with updated globals
- $this->overrideMwServices();
$this->doApiRequestWithToken( [
'action' => 'edit',
public function testSetCacheModeUnrecognized() {
$api = new ApiMain();
$api->setCacheMode( 'unrecognized' );
- $this->overrideMwServices();
$this->assertSame(
'private',
TestingAccessWrapper::newFromObject( $api )->mCacheMode,
public function testSetCacheModePrivateWiki() {
$this->setGroupPermissions( '*', 'read', false );
- $this->overrideMwServices();
+
$wrappedApi = TestingAccessWrapper::newFromObject( new ApiMain() );
$wrappedApi->setCacheMode( 'public' );
$this->assertSame( 'private', $wrappedApi->mCacheMode );
} else {
$user = new User();
}
- $this->overrideUserPermissions( $user, $rights );
+ $user->mRights = $rights;
try {
$this->doApiRequest( [
'action' => 'query',
$this->assertTrue( self::apiExceptionHasCode( $e, $error ),
"Error '{$e->getMessage()}' matched expected '$error'" );
}
- $this->overrideMwServices();
}
/**
'You need read permission to use this module.' );
$this->setGroupPermissions( '*', 'read', false );
- $this->overrideMwServices();
$main = new ApiMain( new FauxRequest( [ 'action' => 'query', 'meta' => 'siteinfo' ] ) );
$main->execute();
$this->setExpectedException( ApiUsageException::class,
"You're not allowed to edit this wiki through the API." );
$this->setGroupPermissions( '*', 'writeapi', false );
- $this->overrideMwServices();
$main = new ApiMain( new FauxRequest( [
'action' => 'edit',
ChangeTags::defineTag( 'custom tag' );
$this->setGroupPermissions( 'user', 'applychangetags', false );
- $this->overrideMwServices();
$id = $this->createPage( $name );
$name = ucfirst( __FUNCTION__ );
$this->mergeMwGlobalArrayValue( 'wgNamespacesWithSubpages', [ NS_MAIN => true ] );
- $this->overrideMwServices();
$pages = [ $name, "$name/1", "$name/2", "Talk:$name", "Talk:$name/1", "Talk:$name/3" ];
$ids = [];
$name = ucfirst( __FUNCTION__ );
$this->setGroupPermissions( 'sysop', 'suppressredirect', false );
- $this->overrideMwServices();
$id = $this->createPage( $name );
public function testSuppressed() {
$this->setGroupPermissions( 'sysop', 'viewsuppressed', true );
- $this->overrideMwServices();
$res = $this->doApiRequest( [
'action' => 'parse',
// Nor does the original one if they become a bot
$user->addGroup( 'bot' );
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache();
$this->assertFalse(
$this->doCheckCache( $user ),
"We assume bots don't have cache entries"
// But other groups are okay
$user->removeGroup( 'bot' );
$user->addGroup( 'sysop' );
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache();
$this->assertInstanceOf( stdClass::class, $this->doCheckCache( $user ) );
}
$this->setExpectedApiException( 'apierror-permissiondenied-unblock' );
$this->setGroupPermissions( 'sysop', 'block', false );
- $this->overrideMwServices();
$this->doUnblock();
}
ChangeTags::defineTag( 'custom tag' );
$this->setGroupPermissions( 'user', 'applychangetags', false );
- $this->overrideMwServices();
$this->doUnblock( [ 'tags' => 'custom tag' ] );
}
<?php
use MediaWiki\Block\DatabaseBlock;
-use MediaWiki\MediaWikiServices;
/**
* @group API
if ( $remove ) {
$this->mergeMwGlobalArrayValue( 'wgRemoveGroups', [ 'bureaucrat' => $remove ] );
}
-
- $this->overrideMwServices();
}
/**
$res = $this->doApiRequestWithToken( $params );
$user->clearInstanceCache();
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache();
$this->assertSame( $expectedGroups, $user->getGroups() );
$this->assertArrayNotHasKey( 'warnings', $res[0] );
ChangeTags::defineTag( 'custom tag' );
$this->setGroupPermissions( 'user', 'applychangetags', false );
- $this->overrideMwServices();
$this->doFailedRightsChange(
'You do not have permission to apply change tags along with your changes.',
$readOnlyMode->setReason( false );
$this->setGroupPermissions( '*', 'createaccount', false );
- $this->overrideMwServices();
$status = $this->manager->checkAccountCreatePermissions( new \User );
$this->assertFalse( $status->isOK() );
$this->assertTrue( $status->hasMessage( 'badaccess-groups' ) );
];
$block = new DatabaseBlock( $blockOptions );
$block->insert();
- $this->overrideMwServices();
$status = $this->manager->checkAccountCreatePermissions( $user );
$this->assertFalse( $status->isOK() );
$this->assertTrue( $status->hasMessage( 'cantcreateaccount-text' ) );
$this->mergeMwGlobalArrayValue( 'wgObjectCaches',
[ __METHOD__ => [ 'class' => 'HashBagOStuff' ] ] );
$this->setMwGlobals( [ 'wgMainCacheType' => __METHOD__ ] );
- // Supply services with updated globals
- $this->overrideMwServices();
// Set up lots of mocks...
$mocks = [];
// IP unable to create accounts
$this->setGroupPermissions( '*', 'createaccount', false );
$this->setGroupPermissions( '*', 'autocreateaccount', false );
- $this->overrideMwServices();
$session->clear();
$user = \User::newFromName( $username );
$this->hook( 'LocalUserCreated', $this->never() );
$session->clear();
$user = \User::newFromName( $username );
$this->hook( 'LocalUserCreated', $this->never() );
- $this->overrideMwServices();
$ret = $this->manager->autoCreateUser( $user, AuthManager::AUTOCREATE_SOURCE_SESSION, true );
$this->unhook( 'LocalUserCreated' );
$this->assertEquals( \Status::newFatal( 'ok' ), $ret );
* @group Database
*/
class ArticleTablesTest extends MediaWikiLangTestCase {
-
/**
* Make sure that T16404 doesn't strike again. We don't want
* templatelinks based on the user language when {{int:}} is used, only the
$title = Title::newFromText( 'T16404' );
$page = WikiPage::factory( $title );
$user = new User();
- $this->overrideUserPermissions( $user, [ 'createpage', 'edit', 'purge' ] );
+ $user->mRights = [ 'createpage', 'edit', 'purge' ];
$this->setContentLang( 'es' );
$this->setUserLang( 'fr' );
// Now, try the rollback
$admin->addGroup( 'sysop' ); // Make the test user a sysop
- MediaWikiServices::getInstance()->getPermissionManager()->invalidateUsersRightsCache();
$token = $admin->getEditToken( 'rollback' );
$errors = $page->doRollback(
$secondUser->getName(),
'X' . str_repeat( 'x', 251 ) ],
// Test decoding and normalization
[ '"ñ"', NS_MAIN, 'en', new TitleValue( NS_MAIN, '"ñ"' ) ],
+ [ 'X#ñ', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', 'ñ' ) ],
+ // target section parsing
+ 'empty fragment' => [ 'X#', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X' ) ],
+ 'double hash' => [ 'X##', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', '#' ) ],
+ 'fragment with hash' => [ 'X#z#z', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', 'z#z' ) ],
+ 'fragment with space' => [ 'X#z z', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', 'z z' ) ],
+ 'fragment with percent' => [ 'X#z%z', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', 'z%z' ) ],
+ 'fragment with amp' => [ 'X#z&z', NS_MAIN, 'en', new TitleValue( NS_MAIN, 'X', 'z&z' ) ],
];
}
parent::setUp();
$this->setGroupPermissions( 'local-id-lookup-test', 'hideuser', true );
- $this->overrideMwServices();
}
public function addDBData() {
$this->userTester->addGroup( 'unittesters' );
$this->expiryTime = wfTimestamp( TS_MW, time() + 100500 );
$this->userTester->addGroup( 'testwriters', $this->expiryTime );
-
- $this->overrideMwServices();
}
/**
$rights = array_diff( $rights, [ 'writetest' ] );
} ] ] );
- $this->overrideMwServices();
+ $userWrapper->mRights = null;
$rights = $user->getRights();
$this->assertContains( 'test', $rights );
$this->assertContains( 'runtest', $rights );
$mockRequest->method( 'getSession' )->willReturn( $session );
$userWrapper->mRequest = $mockRequest;
- $this->overrideMwServices();
+ $userWrapper->mRights = null;
$rights = $user->getRights();
$this->assertContains( 'test', $rights );
$this->assertNotContains( 'runtest', $rights );
$this->setMwGlobals( 'wgRateLimitsExcludedIPs', [] );
$noRateLimitUser = $this->getMockBuilder( User::class )->disableOriginalConstructor()
- ->setMethods( [ 'getIP', 'getId', 'getGroups' ] )->getMock();
+ ->setMethods( [ 'getIP', 'getRights' ] )->getMock();
$noRateLimitUser->expects( $this->any() )->method( 'getIP' )->willReturn( '1.2.3.4' );
- $noRateLimitUser->expects( $this->any() )->method( 'getId' )->willReturn( 0 );
- $noRateLimitUser->expects( $this->any() )->method( 'getGroups' )->willReturn( [] );
- $this->overrideUserPermissions( $noRateLimitUser, 'noratelimit' );
+ $noRateLimitUser->expects( $this->any() )->method( 'getRights' )->willReturn( [ 'noratelimit' ] );
$this->assertFalse( $noRateLimitUser->isPingLimitable() );
}