author | Bartosz Dziewoński <matma.rex@gmail.com> | 2019-11-09 01:15:51 +0100 |
---|---|---|
committer | Bartosz Dziewoński <matma.rex@gmail.com> | 2020-06-24 01:20:05 +0200 |
commit | df7231ad8915922e85437fbcdee114eed8c987d9 (patch) | |
tree | 25cc5150733a26d26cc326395027577db922d2fe /tests/phpunit/includes/preferences/SignatureValidatorTest.php | |
parent | 08510de602c239a60d0918bdbf666250d8ac5846 (diff) | |
preferences: Signature validation (lint errors, user links, nested subst)

Three new checks are now applied to user signatures in preferences:

* Disallow invalid HTML and lint errors (T140606)

  Since 15e0e9bb4b we can rely on Parsoid to check the signature for
  lint errors. (The old PHP Parser doesn't have this capability.)
  Most importantly, this will disallow unclosed HTML tags. Unclosed
  formatting tags like `<i>` (and also wikitext markup like `''`)
  could affect the entire page with the bad markup.

  New configuration variable $wgSignatureAllowedLintErrors is added
  to allow ignoring some errors. The default value ignores the
  'obsolete-tag' error (caused by HTML tags like `<font>` and `<tt>`.)

* Require a link to user page, talk page or contributions (T237700)

  Various tools don't work correctly when such a link is missing. For
  example, Echo notifications are not sent, DiscussionTools will not
  allow replying to these comments, English Wikipedia's SineBot treats
  these comments as unsigned.

  Such requirement has been present for a long time in many Wikimedia
  wikis' policies, but it was not enforced by software.

* Disallow "nested" substitution in signature (T230652)

  Clever abuse of "subst" markup and tildes allows users to save edits
  containing wikitext in which substitution occurs again when the page
  is next saved. Disallow this in signatures, at least.

New configuration variable $wgSignatureValidation is added to control
what we do about the result of the validation described above. The
options are:

* 'warning':
  Only displays a warning near the field on Special:Preferences if
  the current signature is invalid. Signatures can still be changed
  regardless of validity and will be used when signing comments.

* 'new':
  In addition to the above, if a user tries to change their signature,
  the new one must be valid. Existing invalid signatures are still
  used when signing comments.

* 'disallow':
  In addition to the above, existing invalid signatures are no longer
  used when signing comments.

Bug: T140606
Bug: T237700
Bug: T230652
Change-Id: I07c575c2d9d2afe7a89c4847d16ac044417297bf
Diffstat (limited to 'tests/phpunit/includes/preferences/SignatureValidatorTest.php')
-rw-r--r-- | tests/phpunit/includes/preferences/SignatureValidatorTest.php | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/tests/phpunit/includes/preferences/SignatureValidatorTest.php b/tests/phpunit/includes/preferences/SignatureValidatorTest.php new file mode 100644 index 000000000000..6b8497b33243 --- /dev/null +++ b/tests/phpunit/includes/preferences/SignatureValidatorTest.php 
@@ -0,0 +1,104 @@ +<?php + +use MediaWiki\MediaWikiServices; +use MediaWiki\Preferences\SignatureValidator; +use Wikimedia\TestingAccessWrapper; + +/** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * http://www.gnu.org/copyleft/gpl.html + * + * @file + */ + +/** + * @group Preferences + */ +class SignatureValidatorTest extends MediaWikiIntegrationTestCase { + + private $validator; + + public function setUp() : void { + parent::setUp(); + $this->validator = $this->getSignatureValidator(); + } + + /** + * Get a basic SignatureValidator for testing with. 
+ */ + protected function getSignatureValidator() { + $lang = MediaWikiServices::getInstance()->getLanguageFactory()->getLanguage( 'en' ); + $user = User::newFromName( 'SignatureValidatorTest' ); + + $validator = new SignatureValidator( + $user, + null, + ParserOptions::newFromUserAndLang( $user, $lang ) + ); + + return TestingAccessWrapper::newFromObject( $validator ); + } + + /** + * @covers MediaWiki\Preferences\SignatureValidator::applyPreSaveTransform() + * @dataProvider provideApplyPreSaveTransform + */ + public function testApplyPreSaveTransform( $signature, $expected ) { + $pstSig = $this->validator->applyPreSaveTransform( $signature ); + $this->assertSame( $expected, $pstSig ); + } + + public function provideApplyPreSaveTransform() { + return [ + 'Pipe trick' => + [ '[[test|]]', '[[test|test]]' ], + 'One level substitution' => + [ '{{subst:uc:whatever}}', 'WHATEVER' ], + 'Hidden nested substitution' => + [ '{{subst:uc:{}}{{subst:uc:{subst:uc:}}}{{subst:uc:}}}', false ], + 'Hidden nested signature' => + [ '{{subst:uc:~~}}{{subst:uc:~~}}', false ], + ]; + } + + /** + * @covers MediaWiki\Preferences\SignatureValidator::checkUserLinks() + * @dataProvider provideCheckUserLinks + */ + public function testCheckUserLinks( $signature, $expected ) { + $isValid = $this->validator->checkUserLinks( $signature ); + $this->assertSame( $expected, $isValid ); + } + + public function provideCheckUserLinks() { + return [ + 'Perfect' => + [ '[[User:SignatureValidatorTest|Signature]] ([[User talk:SignatureValidatorTest|talk]])', true ], + 'User link' => + [ '[[User:SignatureValidatorTest|Signature]]', true ], + 'User talk link' => + [ '[[User talk:SignatureValidatorTest]]', true ], + 'Contributions link' => + [ '[[Special:Contributions/SignatureValidatorTest]]', true ], + 'Silly formatting permitted' => + [ '[[_uSeR :_signatureValidatorTest_]]', true ], + 'Contributions of wrong user' => + [ '[[Special:Contributions/SignatureValidatorTestNot]]', false ], + 'Link to subpage 
only' => + [ '[[User:SignatureValidatorTest/blah|Signature]]', false ], + ]; + } + +} |
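
Review bot: provideCheckUserLinks() has only two rejecting cases ('Contributions of wrong user' and 'Link to subpage only'), so the failure side of the user-link check is thinly exercised. Consider adding cases expected to return false for a signature with no link at all, and for `[[User:SignatureValidatorTestNot]]` and `[[User talk:SignatureValidatorTestNot]]`, mirroring the existing wrong-user contributions case. The commit message also lists lint-error validation as one of the three new checks, but this file covers only applyPreSaveTransform() and checkUserLinks(); a data provider with an unclosed `<i>` (rejected) and an obsolete tag such as `<font>` (ignored by default) would pin that behaviour down. Minor: `private $validator;` has no `@var` annotation, and since getSignatureValidator() returns a TestingAccessWrapper rather than a SignatureValidator, documenting that would help readers.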