Commit graph

18 commits

Author SHA1 Message Date
Dmitry Brant 6c5a88107c Turn push notification token list into a circular buffer.
At the moment we support a maximum of 10 tokens per user for subscribing
to push notifications, stored as a basic list that runs out when the
limit is reached.  There may, however, be some edge cases where an app
registers a token and then forgets to unregister it (and repeats this 10
times), after which time it will be unable to register any new token.

This changes the token list to behave more like a circular buffer, by
simply deleting the oldest token before inserting the new one. This way
an app could register a new token even in the rare case of forgetting
the previous ten.

Change-Id: I387de63460882e4e56d1aa6db1f78d73a0495208
2021-07-29 17:22:57 -04:00
Petr Pchelko 4750dbe3de Use ApiTestBase::doRequestWithToken
The old ApiTestCase::getTokenList relied on CSRF
token API deprecated in 1.26. Many years have passed,
it's time to swtich to new mechanisms.

Needed-By: I58aedec6942ac5d3c21574cb0072f00ef365098c
Change-Id: Iafe7a48eb0cdf8c2f1ec7fdee232c3f394fa15a3
2021-04-20 13:53:16 -07:00
mbsantos 86d45a66ca push: die with error if providertokens param is empty
Bug: T267263
Change-Id: Icf98189726602dd8e43e1f9daf19e3f73efb91b0
2020-11-10 16:50:37 +01:00
Michael Holloway 3513c642dd Create push subscription manager group/right to clean up dead subs
Creates a new push-subscription-manager group and an associated
right, manage-all-push-subscriptions. The purpose of this is to
allow privileged accounts to purge expired subscriptions from the
database on behalf of other users. A user with this right will be
permitted to delete any subscription from the DB based on the token
alone. For all other users, deletion requests will be limited to
those associated with the requesting user's central ID.

This right will be granted to a bot account on Metawiki associated
with the Wikimedia push notifications service, and the push
notifications service account will make push subscription delete
requests to the API for subscriptions for which vendor APIs return bad
subscription responses.

Additionally, the providertoken parameter to ApiPushSubscriptionDelete
is updated to allow multiple providertoken values.

Bug: T259148
Change-Id: Ia6c17588ee94e6be74e5e3a75eb33e38f172fc93
2020-08-20 17:08:48 -04:00
Mateus Santos c188dac23f push: send apns topic when present
1) send apns topic when present in subscription metadata
2) check if subscription metadata is a valid JSON string
3) make epp_id column at echo_push_provider table auto_increment,
otherwise it will fail when trying to add a second row in the table

Bug: T259394
Change-Id: I785435e9f2d4ba9c14977d431d271f0fa2d0c795
2020-08-18 13:21:20 +00:00
Michael Holloway 15d48278be Create and enforce a config setting for max subscriptions per user
Creates a EchoPushMaxSubscriptionsPerUser config setting (default: 0)
that controls the maximum number of subscriptions a user may associate
with the user's central user ID.

The setting is enforced in EchoPush\SubscriptionManager::create().

To allow creating push subscriptions for development, set
$wgEchoPushMaxSubscriptionsPerUser to a positive integer value in
LocalSettings.php:

 $wgEchoPushMaxSubscriptionsPerUser = 10;

Bug: T259150
Change-Id: Ib97b6b6cbb8161dd75dad92c54b4fe4fff80c421
2020-08-12 17:58:11 -04:00
Michael Holloway a3674974f1 Add push subscription management
Adds DB tables for storing push subscriptions, some DB interaction code
for retrieving them within MediaWiki, and a set of API modules for
managing them from the outside world.

When testing this patch, be sure to run maintenance/update.php to create
the new tables, and set $wgEchoEnablePush = true in LocalSettings.php
to enable the API new API module.

N.B. The current DB schema is centered on app push subscriptions. Web
push subscriptions require slightly different handling, since they are
provided by browsers as a JSON blob rather than a token string. How to
handle web push subscriptions is a question we can defer until the time
comes to add web push support.

Subscription data is stored in the echo_push_subscription table, with
provider names normalized into the echo_push_provider table. We expect to
be looking up subscriptions by central user ID, so that column is indexed.
The subscription data also includes a column to store SHA256 digests of
the subscriber tokens. This is for use as a unique key constraint, since
we expect every push token to be univerally unique, and the token values
themselves may be too large to reasonably index in MySQL.

Bug: T252899
Change-Id: I3928761b3fba12e54ff4850e9a05c68ec7772f62
2020-06-02 13:40:00 -04:00
jenkins-bot 4b6fc85f39 Merge "Use absolute class names in @covers tags" 2019-10-24 18:37:15 +00:00
Thiemo Kreuz 229c3d0fdd Remove non helpful (auto-generated) comments
None of these comments explains anything that wouldn't be obvious
from the code itself.

Change-Id: Ibcf50d401999ae76f315df2d2d27097a39f41bbd
2019-10-23 12:31:35 +02:00
Thiemo Kreuz 967a0b54e9 Use absolute class names in @covers tags
Not all tools require these to be absolute, full qualified class
names. But some do. This does make the code more compatible with all
kinds of tools.

Change-Id: Ie7f9d9469b7a48b2fe908d3428fca9ec0120f855
2019-10-23 12:23:09 +02:00
Umherirrender 81183a6d86 Add method scope visibility
Change-Id: Id4fe59155d6e0fa2ef1ccf4dc46ee1f109265246
2018-11-02 18:47:39 +01:00
Aryeh Gregor 86b4ed5c56 Remove call to doLogin(), which does nothing
I805520e5 is removing all callers from core.

Change-Id: I56025a9c64406f44cb157a17e308da358de0da47
2018-04-11 17:11:27 +03:00
Kunal Mehta 59a125fc38 Add @covers tags
Change-Id: Ib8cf432b58470c9218519639379c83254acef1c8
2018-01-23 16:44:45 -08:00
Kunal Mehta aaf061c725 build: Updating mediawiki/mediawiki-codesniffer to 0.9.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.ExtraParamComment
* MediaWiki.Commenting.FunctionComment.MissingParamComment
* MediaWiki.Commenting.FunctionComment.MissingParamName
* MediaWiki.Commenting.FunctionComment.MissingParamTag
* MediaWiki.Commenting.FunctionComment.MissingReturn
* MediaWiki.Commenting.FunctionComment.ParamNameNoMatch
* MediaWiki.Commenting.FunctionComment.WrongStyle
* MediaWiki.FunctionComment.Missing.Protected
* MediaWiki.FunctionComment.Missing.Public
* MediaWiki.NamingConventions.LowerCamelFunctionsName.FunctionName
* MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.NewLineComment

Change-Id: I8401abf121a7413fa191d7bc535e0ddd6cf8c3f7
2017-06-22 14:13:28 +00:00
James D. Forrester 8c810dff48 build: Update mediawiki/mediawiki-codesniffer to 0.7.1
Also added "composer fix" command.

Change-Id: I25cb61b3b92798f1259d1575a336e2b056d5764f
2016-12-05 15:54:30 -08:00
Ori Livneh 70bd4763e7 Include ApiEchoMarkReadTest in @Database group
This gets the database reset upon completion, which is needed for some reason I
can't quite locate. I17ef1f51 passes with this change.

Change-Id: I12759772001048a3be69a80adbb2572b7d9f0397
2016-05-23 16:12:02 -07:00
Matthias Mullie e8d1f6a888 Remove param index
It's (mostly) unused, and it would become problematic once we have
notifications from multiple places (where those ids could conflict)

Change-Id: Ib3bb5ae1e5689037b38290c9ce3d8691f52582b0
2016-04-21 13:33:15 +02:00
bsitu 092127726b Hygiene: Echo/tests/phpunit/ directory structure should mimic Echo/
Change-Id: I4867d09bb815d621f9feaaf7b8a541e5d817e0d2
2014-08-21 22:58:27 +00:00