3 use MediaWiki\Auth\AuthManager
;
6 * @covers PasswordReset
9 class PasswordResetTest
extends MediaWikiTestCase
{
11 * @dataProvider provideIsAllowed
13 public function testIsAllowed( $passwordResetRoutes, $enableEmail,
14 $allowsAuthenticationDataChange, $canEditPrivate, $block, $globalBlock, $isAllowed
16 $config = new HashConfig( [
17 'PasswordResetRoutes' => $passwordResetRoutes,
18 'EnableEmail' => $enableEmail,
21 $authManager = $this->getMockBuilder( AuthManager
::class )->disableOriginalConstructor()
23 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
24 ->willReturn( $allowsAuthenticationDataChange ? Status
::newGood() : Status
::newFatal( 'foo' ) );
26 $user = $this->getMockBuilder( User
::class )->getMock();
27 $user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
28 $user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
29 $user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
30 $user->expects( $this->any() )->method( 'isAllowed' )
31 ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
32 if ( $perm === 'editmyprivateinfo' ) {
33 return $canEditPrivate;
35 $this->fail( 'Unexpected permission check' );
39 $passwordReset = new PasswordReset( $config, $authManager );
41 $this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
44 public function provideIsAllowed() {
47 'passwordResetRoutes' => [],
48 'enableEmail' => true,
49 'allowsAuthenticationDataChange' => true,
50 'canEditPrivate' => true,
52 'globalBlock' => null,
56 'passwordResetRoutes' => [ 'username' => true ],
57 'enableEmail' => false,
58 'allowsAuthenticationDataChange' => true,
59 'canEditPrivate' => true,
61 'globalBlock' => null,
64 'auth data change disabled' => [
65 'passwordResetRoutes' => [ 'username' => true ],
66 'enableEmail' => true,
67 'allowsAuthenticationDataChange' => false,
68 'canEditPrivate' => true,
70 'globalBlock' => null,
73 'cannot edit private data' => [
74 'passwordResetRoutes' => [ 'username' => true ],
75 'enableEmail' => true,
76 'allowsAuthenticationDataChange' => true,
77 'canEditPrivate' => false,
79 'globalBlock' => null,
82 'blocked with account creation disabled' => [
83 'passwordResetRoutes' => [ 'username' => true ],
84 'enableEmail' => true,
85 'allowsAuthenticationDataChange' => true,
86 'canEditPrivate' => true,
87 'block' => new Block( [ 'createAccount' => true ] ),
88 'globalBlock' => null,
91 'blocked w/o account creation disabled' => [
92 'passwordResetRoutes' => [ 'username' => true ],
93 'enableEmail' => true,
94 'allowsAuthenticationDataChange' => true,
95 'canEditPrivate' => true,
96 'block' => new Block( [] ),
97 'globalBlock' => null,
100 'using blocked proxy' => [
101 'passwordResetRoutes' => [ 'username' => true ],
102 'enableEmail' => true,
103 'allowsAuthenticationDataChange' => true,
104 'canEditPrivate' => true,
105 'block' => new Block( [ 'systemBlock' => 'proxy' ] ),
106 'globalBlock' => null,
107 'isAllowed' => false,
109 'globally blocked with account creation disabled' => [
110 'passwordResetRoutes' => [ 'username' => true ],
111 'enableEmail' => true,
112 'allowsAuthenticationDataChange' => true,
113 'canEditPrivate' => true,
115 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => true ] ),
116 'isAllowed' => false,
118 'globally blocked with account creation not disabled' => [
119 'passwordResetRoutes' => [ 'username' => true ],
120 'enableEmail' => true,
121 'allowsAuthenticationDataChange' => true,
122 'canEditPrivate' => true,
124 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => false ] ),
127 'blocked via wgSoftBlockRanges' => [
128 'passwordResetRoutes' => [ 'username' => true ],
129 'enableEmail' => true,
130 'allowsAuthenticationDataChange' => true,
131 'canEditPrivate' => true,
132 'block' => new Block( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
133 'globalBlock' => null,
137 'passwordResetRoutes' => [ 'username' => true ],
138 'enableEmail' => true,
139 'allowsAuthenticationDataChange' => true,
140 'canEditPrivate' => true,
142 'globalBlock' => null,
148 public function testExecute_email() {
149 $config = new HashConfig( [
150 'PasswordResetRoutes' => [ 'username' => true, 'email' => true ],
151 'EnableEmail' => true,
154 // Unregister the hooks for proper unit testing
155 $this->mergeMwGlobalArrayValue( 'wgHooks', [
156 'User::mailPasswordInternal' => [],
157 'SpecialPasswordResetOnSubmit' => [],
160 $authManager = $this->getMockBuilder( AuthManager
::class )->disableOriginalConstructor()
162 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
163 ->willReturn( Status
::newGood() );
164 $authManager->expects( $this->exactly( 2 ) )->method( 'changeAuthenticationData' );
166 $request = new FauxRequest();
167 $request->setIP( '1.2.3.4' );
168 $performingUser = $this->getMockBuilder( User
::class )->getMock();
169 $performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
170 $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
172 $targetUser1 = $this->getMockBuilder( User
::class )->getMock();
173 $targetUser2 = $this->getMockBuilder( User
::class )->getMock();
174 $targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
175 $targetUser2->expects( $this->any() )->method( 'getName' )->willReturn( 'User2' );
176 $targetUser1->expects( $this->any() )->method( 'getId' )->willReturn( 1 );
177 $targetUser2->expects( $this->any() )->method( 'getId' )->willReturn( 2 );
178 $targetUser1->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
179 $targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
181 $passwordReset = $this->getMockBuilder( PasswordReset
::class )
182 ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
184 $passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
185 ->willReturn( [ $targetUser1, $targetUser2 ] );
187 $status = $passwordReset->isAllowed( $performingUser );
188 $this->assertTrue( $status->isGood() );
190 $status = $passwordReset->execute( $performingUser, null, 'foo@bar.baz' );
191 $this->assertTrue( $status->isGood() );