3 use MediaWiki\Auth\AuthManager
;
6 * @covers PasswordReset
9 class PasswordResetTest
extends MediaWikiTestCase
{
11 * @dataProvider provideIsAllowed
13 public function testIsAllowed( $passwordResetRoutes, $enableEmail,
14 $allowsAuthenticationDataChange, $canEditPrivate, $block, $globalBlock, $isAllowed
16 $config = new HashConfig( [
17 'PasswordResetRoutes' => $passwordResetRoutes,
18 'EnableEmail' => $enableEmail,
21 $authManager = $this->getMockBuilder( AuthManager
::class )->disableOriginalConstructor()
23 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
24 ->willReturn( $allowsAuthenticationDataChange ? Status
::newGood() : Status
::newFatal( 'foo' ) );
26 $user = $this->getMockBuilder( User
::class )->getMock();
27 $user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
28 $user->expects( $this->any() )->method( 'getBlock' )->willReturn( $block );
29 $user->expects( $this->any() )->method( 'getGlobalBlock' )->willReturn( $globalBlock );
30 $user->expects( $this->any() )->method( 'isAllowed' )
31 ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate ) {
32 if ( $perm === 'editmyprivateinfo' ) {
33 return $canEditPrivate;
35 $this->fail( 'Unexpected permission check' );
39 $passwordReset = new PasswordReset( $config, $authManager );
41 $this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
44 public function provideIsAllowed() {
47 'passwordResetRoutes' => [],
48 'enableEmail' => true,
49 'allowsAuthenticationDataChange' => true,
50 'canEditPrivate' => true,
52 'globalBlock' => null,
56 'passwordResetRoutes' => [ 'username' => true ],
57 'enableEmail' => false,
58 'allowsAuthenticationDataChange' => true,
59 'canEditPrivate' => true,
61 'globalBlock' => null,
64 'auth data change disabled' => [
65 'passwordResetRoutes' => [ 'username' => true ],
66 'enableEmail' => true,
67 'allowsAuthenticationDataChange' => false,
68 'canEditPrivate' => true,
70 'globalBlock' => null,
73 'cannot edit private data' => [
74 'passwordResetRoutes' => [ 'username' => true ],
75 'enableEmail' => true,
76 'allowsAuthenticationDataChange' => true,
77 'canEditPrivate' => false,
79 'globalBlock' => null,
82 'blocked with account creation disabled' => [
83 'passwordResetRoutes' => [ 'username' => true ],
84 'enableEmail' => true,
85 'allowsAuthenticationDataChange' => true,
86 'canEditPrivate' => true,
87 'block' => new Block( [ 'createAccount' => true ] ),
88 'globalBlock' => null,
91 'blocked w/o account creation disabled' => [
92 'passwordResetRoutes' => [ 'username' => true ],
93 'enableEmail' => true,
94 'allowsAuthenticationDataChange' => true,
95 'canEditPrivate' => true,
96 'block' => new Block( [] ),
97 'globalBlock' => null,
100 'using blocked proxy' => [
101 'passwordResetRoutes' => [ 'username' => true ],
102 'enableEmail' => true,
103 'allowsAuthenticationDataChange' => true,
104 'canEditPrivate' => true,
105 'block' => new Block( [ 'systemBlock' => 'proxy' ] ),
106 'globalBlock' => null,
107 'isAllowed' => false,
109 'globally blocked with account creation disabled' => [
110 'passwordResetRoutes' => [ 'username' => true ],
111 'enableEmail' => true,
112 'allowsAuthenticationDataChange' => true,
113 'canEditPrivate' => true,
115 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => true ] ),
116 'isAllowed' => false,
118 'globally blocked with account creation not disabled' => [
119 'passwordResetRoutes' => [ 'username' => true ],
120 'enableEmail' => true,
121 'allowsAuthenticationDataChange' => true,
122 'canEditPrivate' => true,
124 'globalBlock' => new Block( [ 'systemBlock' => 'global-block', 'createAccount' => false ] ),
127 'blocked via wgSoftBlockRanges' => [
128 'passwordResetRoutes' => [ 'username' => true ],
129 'enableEmail' => true,
130 'allowsAuthenticationDataChange' => true,
131 'canEditPrivate' => true,
132 'block' => new Block( [ 'systemBlock' => 'wgSoftBlockRanges', 'anonOnly' => true ] ),
133 'globalBlock' => null,
136 'blocked with an unknown system block type' => [
137 'passwordResetRoutes' => [ 'username' => true ],
138 'enableEmail' => true,
139 'allowsAuthenticationDataChange' => true,
140 'canEditPrivate' => true,
141 'block' => new Block( [ 'systemBlock' => 'unknown' ] ),
142 'globalBlock' => null,
143 'isAllowed' => false,
146 'passwordResetRoutes' => [ 'username' => true ],
147 'enableEmail' => true,
148 'allowsAuthenticationDataChange' => true,
149 'canEditPrivate' => true,
151 'globalBlock' => null,
157 public function testExecute_email() {
158 $config = new HashConfig( [
159 'PasswordResetRoutes' => [ 'username' => true, 'email' => true ],
160 'EnableEmail' => true,
163 // Unregister the hooks for proper unit testing
164 $this->mergeMwGlobalArrayValue( 'wgHooks', [
165 'User::mailPasswordInternal' => [],
166 'SpecialPasswordResetOnSubmit' => [],
169 $authManager = $this->getMockBuilder( AuthManager
::class )->disableOriginalConstructor()
171 $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
172 ->willReturn( Status
::newGood() );
173 $authManager->expects( $this->exactly( 2 ) )->method( 'changeAuthenticationData' );
175 $request = new FauxRequest();
176 $request->setIP( '1.2.3.4' );
177 $performingUser = $this->getMockBuilder( User
::class )->getMock();
178 $performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
179 $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
180 $performingUser->expects( $this->any() )->method( 'getName' )->willReturn( 'Performer' );
182 $targetUser1 = $this->getMockBuilder( User
::class )->getMock();
183 $targetUser2 = $this->getMockBuilder( User
::class )->getMock();
184 $targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
185 $targetUser2->expects( $this->any() )->method( 'getName' )->willReturn( 'User2' );
186 $targetUser1->expects( $this->any() )->method( 'getId' )->willReturn( 1 );
187 $targetUser2->expects( $this->any() )->method( 'getId' )->willReturn( 2 );
188 $targetUser1->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
189 $targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
191 $passwordReset = $this->getMockBuilder( PasswordReset
::class )
192 ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
194 $passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
195 ->willReturn( [ $targetUser1, $targetUser2 ] );
197 $status = $passwordReset->isAllowed( $performingUser );
198 $this->assertTrue( $status->isGood() );
200 $status = $passwordReset->execute( $performingUser, null, 'foo@bar.baz' );
201 $this->assertTrue( $status->isGood() );