ApiStashEditTest.php 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421
  1. <?php
  2. use Wikimedia\TestingAccessWrapper;
  3. /**
  4. * @covers ApiStashEdit
  5. * @group API
  6. * @group medium
  7. * @group Database
  8. */
  9. class ApiStashEditTest extends ApiTestCase {
  10. public function setUp() {
  11. parent::setUp();
  12. // We need caching here, but note that the cache gets cleared in between tests, so it
  13. // doesn't work with @depends
  14. $this->setMwGlobals( 'wgMainCacheType', 'hash' );
  15. }
  16. /**
  17. * Make a stashedit API call with suitable default parameters
  18. *
  19. * @param array $params Query parameters for API request. All are optional and will have
  20. * sensible defaults filled in. To make a parameter actually not passed, set to null.
  21. * @param User $user User to do the request
  22. * @param string $expectedResult 'stashed', 'editconflict'
  23. */
  24. protected function doStash(
  25. array $params = [], User $user = null, $expectedResult = 'stashed'
  26. ) {
  27. $params = array_merge( [
  28. 'action' => 'stashedit',
  29. 'title' => __CLASS__,
  30. 'contentmodel' => 'wikitext',
  31. 'contentformat' => 'text/x-wiki',
  32. 'baserevid' => 0,
  33. ], $params );
  34. if ( !array_key_exists( 'text', $params ) &&
  35. !array_key_exists( 'stashedtexthash', $params )
  36. ) {
  37. $params['text'] = 'Content';
  38. }
  39. foreach ( $params as $key => $val ) {
  40. if ( $val === null ) {
  41. unset( $params[$key] );
  42. }
  43. }
  44. if ( isset( $params['text'] ) ) {
  45. $expectedText = $params['text'];
  46. } elseif ( isset( $params['stashedtexthash'] ) ) {
  47. $expectedText = $this->getStashedText( $params['stashedtexthash'] );
  48. }
  49. if ( isset( $expectedText ) ) {
  50. $expectedText = rtrim( str_replace( "\r\n", "\n", $expectedText ) );
  51. $expectedHash = sha1( $expectedText );
  52. $origText = $this->getStashedText( $expectedHash );
  53. }
  54. $res = $this->doApiRequestWithToken( $params, null, $user );
  55. $this->assertSame( $expectedResult, $res[0]['stashedit']['status'] );
  56. $this->assertCount( $expectedResult === 'stashed' ? 2 : 1, $res[0]['stashedit'] );
  57. if ( $expectedResult === 'stashed' ) {
  58. $hash = $res[0]['stashedit']['texthash'];
  59. $this->assertSame( $expectedText, $this->getStashedText( $hash ) );
  60. $this->assertSame( $expectedHash, $hash );
  61. if ( isset( $params['stashedtexthash'] ) ) {
  62. $this->assertSame( $params['stashedtexthash'], $expectedHash, 'Sanity' );
  63. }
  64. } else {
  65. $this->assertSame( $origText, $this->getStashedText( $expectedHash ) );
  66. }
  67. $this->assertArrayNotHasKey( 'warnings', $res[0] );
  68. return $res;
  69. }
  70. /**
  71. * Return the text stashed for $hash.
  72. *
  73. * @param string $hash
  74. * @return string
  75. */
  76. protected function getStashedText( $hash ) {
  77. $cache = ObjectCache::getLocalClusterInstance();
  78. $key = $cache->makeKey( 'stashedit', 'text', $hash );
  79. return $cache->get( $key );
  80. }
  81. /**
  82. * Return a key that can be passed to the cache to obtain a PreparedEdit object.
  83. *
  84. * @param string $title Title of page
  85. * @param string Content $text Content of edit
  86. * @param User $user User who made edit
  87. * @return string
  88. */
  89. protected function getStashKey( $title = __CLASS__, $text = 'Content', User $user = null ) {
  90. $titleObj = Title::newFromText( $title );
  91. $content = new WikitextContent( $text );
  92. if ( !$user ) {
  93. $user = $this->getTestSysop()->getUser();
  94. }
  95. $wrapper = TestingAccessWrapper::newFromClass( ApiStashEdit::class );
  96. return $wrapper->getStashKey( $titleObj, $wrapper->getContentHash( $content ), $user );
  97. }
  98. public function testBasicEdit() {
  99. $this->doStash();
  100. }
  101. public function testBot() {
  102. // @todo This restriction seems arbitrary, is there any good reason to keep it?
  103. $this->setExpectedApiException( 'apierror-botsnotsupported' );
  104. $this->doStash( [], $this->getTestUser( [ 'bot' ] )->getUser() );
  105. }
  106. public function testUnrecognizedFormat() {
  107. $this->setExpectedApiException(
  108. [ 'apierror-badformat-generic', 'application/json', 'wikitext' ] );
  109. $this->doStash( [ 'contentformat' => 'application/json' ] );
  110. }
  111. public function testMissingTextAndStashedTextHash() {
  112. $this->setExpectedApiException( [
  113. 'apierror-missingparam-one-of',
  114. Message::listParam( [ '<var>stashedtexthash</var>', '<var>text</var>' ] ),
  115. 2
  116. ] );
  117. $this->doStash( [ 'text' => null ] );
  118. }
  119. public function testStashedTextHash() {
  120. $res = $this->doStash();
  121. $this->doStash( [ 'stashedtexthash' => $res[0]['stashedit']['texthash'] ] );
  122. }
  123. public function testMalformedStashedTextHash() {
  124. $this->setExpectedApiException( 'apierror-stashedit-missingtext' );
  125. $this->doStash( [ 'stashedtexthash' => 'abc' ] );
  126. }
  127. public function testMissingStashedTextHash() {
  128. $this->setExpectedApiException( 'apierror-stashedit-missingtext' );
  129. $this->doStash( [ 'stashedtexthash' => str_repeat( '0', 40 ) ] );
  130. }
  131. public function testHashNormalization() {
  132. $res1 = $this->doStash( [ 'text' => "a\r\nb\rc\nd \t\n\r" ] );
  133. $res2 = $this->doStash( [ 'text' => "a\nb\rc\nd" ] );
  134. $this->assertSame( $res1[0]['stashedit']['texthash'], $res2[0]['stashedit']['texthash'] );
  135. $this->assertSame( "a\nb\rc\nd",
  136. $this->getStashedText( $res1[0]['stashedit']['texthash'] ) );
  137. }
  138. public function testNonexistentBaseRevId() {
  139. $this->setExpectedApiException( [ 'apierror-nosuchrevid', pow( 2, 31 ) - 1 ] );
  140. $name = ucfirst( __FUNCTION__ );
  141. $this->editPage( $name, '' );
  142. $this->doStash( [ 'title' => $name, 'baserevid' => pow( 2, 31 ) - 1 ] );
  143. }
  144. public function testPageWithNoRevisions() {
  145. $name = ucfirst( __FUNCTION__ );
  146. $rev = $this->editPage( $name, '' )->value['revision'];
  147. $this->setExpectedApiException( [ 'apierror-missingrev-pageid', $rev->getPage() ] );
  148. // Corrupt the database. @todo Does the API really need to fail gracefully for this case?
  149. $dbw = wfGetDB( DB_MASTER );
  150. $dbw->update(
  151. 'page',
  152. [ 'page_latest' => 0 ],
  153. [ 'page_id' => $rev->getPage() ],
  154. __METHOD__
  155. );
  156. $this->doStash( [ 'title' => $name, 'baserevid' => $rev->getId() ] );
  157. }
  158. public function testExistingPage() {
  159. $name = ucfirst( __FUNCTION__ );
  160. $rev = $this->editPage( $name, '' )->value['revision'];
  161. $this->doStash( [ 'title' => $name, 'baserevid' => $rev->getId() ] );
  162. }
  163. public function testInterveningEdit() {
  164. $name = ucfirst( __FUNCTION__ );
  165. $oldRev = $this->editPage( $name, "A\n\nB" )->value['revision'];
  166. $this->editPage( $name, "A\n\nC" );
  167. $this->doStash( [
  168. 'title' => $name,
  169. 'baserevid' => $oldRev->getId(),
  170. 'text' => "D\n\nB",
  171. ] );
  172. }
  173. public function testEditConflict() {
  174. $name = ucfirst( __FUNCTION__ );
  175. $oldRev = $this->editPage( $name, 'A' )->value['revision'];
  176. $this->editPage( $name, 'B' );
  177. $this->doStash( [
  178. 'title' => $name,
  179. 'baserevid' => $oldRev->getId(),
  180. 'text' => 'C',
  181. ], null, 'editconflict' );
  182. }
  183. public function testDeletedRevision() {
  184. $name = ucfirst( __FUNCTION__ );
  185. $oldRev = $this->editPage( $name, 'A' )->value['revision'];
  186. $this->editPage( $name, 'B' );
  187. $this->setExpectedApiException( [ 'apierror-missingcontent-pageid', $oldRev->getPage() ] );
  188. $this->revisionDelete( $oldRev );
  189. $this->doStash( [
  190. 'title' => $name,
  191. 'baserevid' => $oldRev->getId(),
  192. 'text' => 'C',
  193. ] );
  194. }
  195. public function testDeletedRevisionSection() {
  196. $name = ucfirst( __FUNCTION__ );
  197. $oldRev = $this->editPage( $name, 'A' )->value['revision'];
  198. $this->editPage( $name, 'B' );
  199. $this->setExpectedApiException( 'apierror-sectionreplacefailed' );
  200. $this->revisionDelete( $oldRev );
  201. $this->doStash( [
  202. 'title' => $name,
  203. 'baserevid' => $oldRev->getId(),
  204. 'text' => 'C',
  205. 'section' => '1',
  206. ] );
  207. }
  208. public function testPingLimiter() {
  209. global $wgRateLimits;
  210. $this->stashMwGlobals( 'wgRateLimits' );
  211. $wgRateLimits['stashedit'] = [ '&can-bypass' => false, 'user' => [ 1, 60 ] ];
  212. $this->doStash( [ 'text' => 'A' ] );
  213. $this->doStash( [ 'text' => 'B' ], null, 'ratelimited' );
  214. }
  215. /**
  216. * Shortcut for calling ApiStashEdit::checkCache() without having to create Titles and Contents
  217. * in every test.
  218. *
  219. * @param User $user
  220. * @param string $text The text of the article
  221. * @return stdClass|bool Return value of ApiStashEdit::checkCache(), false if not in cache
  222. */
  223. protected function doCheckCache( User $user, $text = 'Content' ) {
  224. return ApiStashEdit::checkCache(
  225. Title::newFromText( __CLASS__ ),
  226. new WikitextContent( $text ),
  227. $user
  228. );
  229. }
  230. public function testCheckCache() {
  231. $user = $this->getMutableTestUser()->getUser();
  232. $this->doStash( [], $user );
  233. $this->assertInstanceOf( stdClass::class, $this->doCheckCache( $user ) );
  234. // Another user doesn't see the cache
  235. $this->assertFalse(
  236. $this->doCheckCache( $this->getTestUser()->getUser() ),
  237. 'Cache is user-specific'
  238. );
  239. // Nor does the original one if they become a bot
  240. $user->addGroup( 'bot' );
  241. $this->assertFalse(
  242. $this->doCheckCache( $user ),
  243. "We assume bots don't have cache entries"
  244. );
  245. // But other groups are okay
  246. $user->removeGroup( 'bot' );
  247. $user->addGroup( 'sysop' );
  248. $this->assertInstanceOf( stdClass::class, $this->doCheckCache( $user ) );
  249. }
  250. public function testCheckCacheAnon() {
  251. $user = new User();
  252. $this->doStash( [], $user );
  253. $this->assertInstanceOf( stdClass::class, $this->docheckCache( $user ) );
  254. }
  255. /**
  256. * Stash an edit some time in the past, for testing expiry and freshness logic.
  257. *
  258. * @param User $user Who's doing the editing
  259. * @param string $text What text should be cached
  260. * @param int $howOld How many seconds is "old" (we actually set it one second before this)
  261. */
  262. protected function doStashOld(
  263. User $user, $text = 'Content', $howOld = ApiStashEdit::PRESUME_FRESH_TTL_SEC
  264. ) {
  265. $this->doStash( [ 'text' => $text ], $user );
  266. // Monkey with the cache to make the edit look old. @todo Is there a less fragile way to
  267. // fake the time?
  268. $key = $this->getStashKey( __CLASS__, $text, $user );
  269. $cache = ObjectCache::getLocalClusterInstance();
  270. $editInfo = $cache->get( $key );
  271. $editInfo->output->setCacheTime( wfTimestamp( TS_MW,
  272. wfTimestamp( TS_UNIX, $editInfo->output->getCacheTime() ) - $howOld - 1 ) );
  273. $cache->set( $key, $editInfo );
  274. }
  275. public function testCheckCacheOldNoEdits() {
  276. $user = $this->getTestSysop()->getUser();
  277. $this->doStashOld( $user );
  278. // Should still be good, because no intervening edits
  279. $this->assertInstanceOf( stdClass::class, $this->doCheckCache( $user ) );
  280. }
  281. public function testCheckCacheOldNoEditsAnon() {
  282. // Specify a made-up IP address to make sure no edits are lying around
  283. $user = User::newFromName( '192.0.2.77', false );
  284. $this->doStashOld( $user );
  285. // Should still be good, because no intervening edits
  286. $this->assertInstanceOf( stdClass::class, $this->doCheckCache( $user ) );
  287. }
  288. public function testCheckCacheInterveningEdits() {
  289. $user = $this->getTestSysop()->getUser();
  290. $this->doStashOld( $user );
  291. // Now let's also increment our editcount
  292. $this->editPage( ucfirst( __FUNCTION__ ), '' );
  293. $this->assertFalse( $this->doCheckCache( $user ),
  294. "Cache should be invalidated when it's old and the user has an intervening edit" );
  295. }
  296. /**
  297. * @dataProvider signatureProvider
  298. * @param string $text Which signature to test (~~~, ~~~~, or ~~~~~)
  299. * @param int $ttl Expected TTL in seconds
  300. */
  301. public function testSignatureTtl( $text, $ttl ) {
  302. $this->doStash( [ 'text' => $text ] );
  303. $cache = ObjectCache::getLocalClusterInstance();
  304. $key = $this->getStashKey( __CLASS__, $text );
  305. $wrapper = TestingAccessWrapper::newFromObject( $cache );
  306. $this->assertEquals( $ttl, $wrapper->bag[$key][HashBagOStuff::KEY_EXP] - time(), '', 1 );
  307. }
  308. public function signatureProvider() {
  309. return [
  310. '~~~' => [ '~~~', ApiStashEdit::MAX_SIGNATURE_TTL ],
  311. '~~~~' => [ '~~~~', ApiStashEdit::MAX_SIGNATURE_TTL ],
  312. '~~~~~' => [ '~~~~~', ApiStashEdit::MAX_SIGNATURE_TTL ],
  313. ];
  314. }
  315. public function testIsInternal() {
  316. $res = $this->doApiRequest( [
  317. 'action' => 'paraminfo',
  318. 'modules' => 'stashedit',
  319. ] );
  320. $this->assertCount( 1, $res[0]['paraminfo']['modules'] );
  321. $this->assertSame( true, $res[0]['paraminfo']['modules'][0]['internal'] );
  322. }
  323. public function testBusy() {
  324. // @todo This doesn't work because both lock acquisitions are in the same MySQL session, so
  325. // they don't conflict. How do I open a different session?
  326. $this->markTestSkipped();
  327. $key = $this->getStashKey();
  328. $this->db->lock( $key, __METHOD__, 0 );
  329. try {
  330. $this->doStash( [], null, 'busy' );
  331. } finally {
  332. $this->db->unlock( $key, __METHOD__ );
  333. }
  334. }
  335. }