+ public function testApiNoParam() {
+ $api = new ApiMain();
+ $api->execute();
+ $data = $api->getResult()->getResultData();
+ $this->assertInternalType( 'array', $data );
+ }
+
+ /**
+ * ApiMain behaves differently if passed a FauxRequest (mInternalMode set
+ * to true) or a proper WebRequest (mInternalMode false). For most tests
+ * we can just set mInternalMode to false using TestingAccessWrapper, but
+ * this doesn't work for the constructor. This method returns an ApiMain
+ * that's been set up in non-internal mode.
+ *
+ * Note that calling execute() will print to the console. Wrap it in
+ * ob_start()/ob_end_clean() to prevent this.
+ *
+ * @param array $requestData Query parameters for the WebRequest
+ * @param array $headers Headers for the WebRequest
+ */
+ private function getNonInternalApiMain( array $requestData, array $headers = [] ) {
+ $req = $this->getMockBuilder( WebRequest::class )
+ ->setMethods( [ 'response', 'getIP' ] )
+ ->getMock();
+ $response = new FauxResponse();
+ $req->method( 'response' )->willReturn( $response );
+ $req->method( 'getRawIP' )->willReturn( '127.0.0.1' );
+
+ $wrapper = TestingAccessWrapper::newFromObject( $req );
+ $wrapper->data = $requestData;
+ if ( $headers ) {
+ $wrapper->headers = $headers;
+ }
+
+ return new ApiMain( $req );
+ }
+
+ public function testUselang() {
+ global $wgLang;
+
+ $api = $this->getNonInternalApiMain( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ 'uselang' => 'fr',
+ ] );
+
+ ob_start();
+ $api->execute();
+ ob_end_clean();
+
+ $this->assertSame( 'fr', $wgLang->getCode() );
+ }
+
+ public function testNonWhitelistedCorsWithCookies() {
+ $logFile = $this->getNewTempFile();
+
+ $this->mergeMwGlobalArrayValue( '_COOKIE', [ 'forceHTTPS' => '1' ] );
+ $logger = new TestLogger( true );
+ $this->setLogger( 'cors', $logger );
+
+ $api = $this->getNonInternalApiMain( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ // For some reason multiple origins (which are not allowed in the
+ // WHATWG Fetch spec that supersedes the RFC) are always considered to
+ // be problematic.
+ ], [ 'ORIGIN' => 'https://www.example.com https://www.com.example' ] );
+
+ $this->assertSame(
+ [ [ Psr\Log\LogLevel::WARNING, 'Non-whitelisted CORS request with session cookies' ] ],
+ $logger->getBuffer()
+ );
+ }
+
+ public function testSuppressedLogin() {
+ global $wgUser;
+ $origUser = $wgUser;
+
+ $api = $this->getNonInternalApiMain( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ 'origin' => '*',
+ ] );
+
+ ob_start();
+ $api->execute();
+ ob_end_clean();
+
+ $this->assertNotSame( $origUser, $wgUser );
+ $this->assertSame( 'true', $api->getContext()->getRequest()->response()
+ ->getHeader( 'MediaWiki-Login-Suppressed' ) );
+ }
+
+ public function testSetContinuationManager() {
+ $api = new ApiMain();
+ $manager = $this->createMock( ApiContinuationManager::class );
+ $api->setContinuationManager( $manager );
+ $this->assertTrue( true, 'No exception' );
+ return [ $api, $manager ];
+ }
+
+ /**
+ * @depends testSetContinuationManager
+ */
+ public function testSetContinuationManagerTwice( $args ) {
+ $this->setExpectedException( UnexpectedValueException::class,
+ 'ApiMain::setContinuationManager: tried to set manager from ' .
+ 'when a manager is already set from ' );
+
+ list( $api, $manager ) = $args;
+ $api->setContinuationManager( $manager );
+ }
+
+ public function testSetCacheModeUnrecognized() {
+ $api = new ApiMain();
+ $api->setCacheMode( 'unrecognized' );
+ $this->assertSame(
+ 'private',
+ TestingAccessWrapper::newFromObject( $api )->mCacheMode,
+ 'Unrecognized params must be silently ignored'
+ );
+ }
+
+ public function testSetCacheModePrivateWiki() {
+ $this->setGroupPermissions( '*', 'read', false );
+
+ $wrappedApi = TestingAccessWrapper::newFromObject( new ApiMain() );
+ $wrappedApi->setCacheMode( 'public' );
+ $this->assertSame( 'private', $wrappedApi->mCacheMode );
+ $wrappedApi->setCacheMode( 'anon-public-user-private' );
+ $this->assertSame( 'private', $wrappedApi->mCacheMode );
+ }
+
+ public function testAddRequestedFieldsRequestId() {
+ $req = new FauxRequest( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ 'requestid' => '123456',
+ ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ $this->assertSame( '123456', $api->getResult()->getResultData()['requestid'] );
+ }
+
+ public function testAddRequestedFieldsCurTimestamp() {
+ $req = new FauxRequest( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ 'curtimestamp' => '',
+ ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ $timestamp = $api->getResult()->getResultData()['curtimestamp'];
+ $this->assertLessThanOrEqual( 1, abs( strtotime( $timestamp ) - time() ) );
+ }
+
+ public function testAddRequestedFieldsResponseLangInfo() {
+ $req = new FauxRequest( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ // errorlang is ignored if errorformat is not specified
+ 'errorformat' => 'plaintext',
+ 'uselang' => 'FR',
+ 'errorlang' => 'ja',
+ 'responselanginfo' => '',
+ ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ $data = $api->getResult()->getResultData();
+ $this->assertSame( 'fr', $data['uselang'] );
+ $this->assertSame( 'ja', $data['errorlang'] );
+ }
+
+ public function testSetupModuleUnknown() {
+ $this->setExpectedException( ApiUsageException::class,
+ 'Unrecognized value for parameter "action": unknownaction.' );
+
+ $req = new FauxRequest( [ 'action' => 'unknownaction' ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ }
+
+ public function testSetupModuleNoTokenProvided() {
+ $this->setExpectedException( ApiUsageException::class,
+ 'The "token" parameter must be set.' );
+
+ $req = new FauxRequest( [
+ 'action' => 'edit',
+ 'title' => 'New page',
+ 'text' => 'Some text',
+ ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ }
+
+ public function testSetupModuleInvalidTokenProvided() {
+ $this->setExpectedException( ApiUsageException::class, 'Invalid CSRF token.' );
+
+ $req = new FauxRequest( [
+ 'action' => 'edit',
+ 'title' => 'New page',
+ 'text' => 'Some text',
+ 'token' => "This isn't a real token!",
+ ] );
+ $api = new ApiMain( $req );
+ $api->execute();
+ }
+
+ public function testSetupModuleNeedsTokenTrue() {
+ $this->setExpectedException( MWException::class,
+ "Module 'testmodule' must be updated for the new token handling. " .
+ "See documentation for ApiBase::needsToken for details." );
+
+ $mock = $this->createMock( ApiBase::class );
+ $mock->method( 'getModuleName' )->willReturn( 'testmodule' );
+ $mock->method( 'needsToken' )->willReturn( true );
+
+ $api = new ApiMain( new FauxRequest( [ 'action' => 'testmodule' ] ) );
+ $api->getModuleManager()->addModule( 'testmodule', 'action', get_class( $mock ),
+ function () use ( $mock ) {
+ return $mock;
+ }
+ );
+ $api->execute();
+ }
+
+ public function testSetupModuleNeedsTokenNeedntBePosted() {
+ $this->setExpectedException( MWException::class,
+ "Module 'testmodule' must require POST to use tokens." );
+
+ $mock = $this->createMock( ApiBase::class );
+ $mock->method( 'getModuleName' )->willReturn( 'testmodule' );
+ $mock->method( 'needsToken' )->willReturn( 'csrf' );
+ $mock->method( 'mustBePosted' )->willReturn( false );
+
+ $api = new ApiMain( new FauxRequest( [ 'action' => 'testmodule' ] ) );
+ $api->getModuleManager()->addModule( 'testmodule', 'action', get_class( $mock ),
+ function () use ( $mock ) {
+ return $mock;
+ }
+ );
+ $api->execute();
+ }
+
+ public function testCheckMaxLagFailed() {
+ // It's hard to mock the LoadBalancer properly, so instead we'll mock
+ // checkMaxLag (which is tested directly in other tests below).
+ $req = new FauxRequest( [
+ 'action' => 'query',
+ 'meta' => 'siteinfo',
+ ] );
+
+ $mock = $this->getMockBuilder( ApiMain::class )
+ ->setConstructorArgs( [ $req ] )
+ ->setMethods( [ 'checkMaxLag' ] )
+ ->getMock();
+ $mock->method( 'checkMaxLag' )->willReturn( false );
+
+ $mock->execute();
+
+ $this->assertArrayNotHasKey( 'query', $mock->getResult()->getResultData() );
+ }
+
+ public function testCheckConditionalRequestHeadersFailed() {
+ // The detailed checking of all cases of checkConditionalRequestHeaders
+ // is below in testCheckConditionalRequestHeaders(), which calls the
+ // method directly. Here we just check that it will stop execution if
+ // it does fail.
+ $now = time();
+
+ $this->setMwGlobals( 'wgCacheEpoch', '20030516000000' );
+
+ $mock = $this->createMock( ApiBase::class );
+ $mock->method( 'getModuleName' )->willReturn( 'testmodule' );
+ $mock->method( 'getConditionalRequestData' )
+ ->willReturn( wfTimestamp( TS_MW, $now - 3600 ) );
+ $mock->expects( $this->exactly( 0 ) )->method( 'execute' );
+
+ $req = new FauxRequest( [
+ 'action' => 'testmodule',
+ ] );
+ $req->setHeader( 'If-Modified-Since', wfTimestamp( TS_RFC2822, $now - 3600 ) );
+ $req->setRequestURL( "http://localhost" );
+
+ $api = new ApiMain( $req );
+ $api->getModuleManager()->addModule( 'testmodule', 'action', get_class( $mock ),
+ function () use ( $mock ) {
+ return $mock;
+ }
+ );
+
+ $wrapper = TestingAccessWrapper::newFromObject( $api );
+ $wrapper->mInternalMode = false;
+
+ ob_start();
+ $api->execute();
+ ob_end_clean();
+ }
+
+ private function doTestCheckMaxLag( $lag ) {
+ $mockLB = $this->getMockBuilder( LoadBalancer::class )
+ ->disableOriginalConstructor()
+ ->setMethods( [ 'getMaxLag', '__destruct' ] )
+ ->getMock();
+ $mockLB->method( 'getMaxLag' )->willReturn( [ 'somehost', $lag ] );
+ $this->setService( 'DBLoadBalancer', $mockLB );
+
+ $req = new FauxRequest();
+
+ $api = new ApiMain( $req );
+ $wrapper = TestingAccessWrapper::newFromObject( $api );
+
+ $mockModule = $this->createMock( ApiBase::class );
+ $mockModule->method( 'shouldCheckMaxLag' )->willReturn( true );
+
+ try {
+ $wrapper->checkMaxLag( $mockModule, [ 'maxlag' => 3 ] );
+ } finally {
+ if ( $lag > 3 ) {
+ $this->assertSame( '5', $req->response()->getHeader( 'Retry-After' ) );
+ $this->assertSame( (string)$lag, $req->response()->getHeader( 'X-Database-Lag' ) );
+ }
+ }
+ }
+
+ public function testCheckMaxLagOkay() {
+ $this->doTestCheckMaxLag( 3 );
+
+ // No exception, we're happy
+ $this->assertTrue( true );
+ }
+
+ public function testCheckMaxLagExceeded() {
+ $this->setExpectedException( ApiUsageException::class,
+ 'Waiting for a database server: 4 seconds lagged.' );
+
+ $this->setMwGlobals( 'wgShowHostnames', false );
+
+ $this->doTestCheckMaxLag( 4 );
+ }
+
+ public function testCheckMaxLagExceededWithHostNames() {
+ $this->setExpectedException( ApiUsageException::class,
+ 'Waiting for somehost: 4 seconds lagged.' );
+
+ $this->setMwGlobals( 'wgShowHostnames', true );
+
+ $this->doTestCheckMaxLag( 4 );
+ }
+