<?php
/**
- * API for MediaWiki 1.8+
+ *
*
* Created on Sep 4, 2007
*
- * Copyright © 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
+ * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* @file
*/
-if ( !defined( 'MEDIAWIKI' ) ) {
- // Eclipse helper - will be ignored in production
- require_once( "ApiBase.php" );
-}
-
/**
-* API module that facilitates the blocking of users. Requires API write mode
-* to be enabled.
-*
+ * API module that facilitates the blocking of users. Requires API write mode
+ * to be enabled.
+ *
* @ingroup API
*/
class ApiBlock extends ApiBase {
- /**
- * Std ctor.
- */
- public function __construct( $main, $action ) {
- parent::__construct( $main, $action );
- }
-
/**
* Blocks the user specified in the parameters for the given expiry, with the
* given reason, and with all other settings provided in the params. If the block
* of success. If it fails, the result will specify the nature of the error.
*/
public function execute() {
- global $wgUser, $wgBlockAllowsUTEdit;
+ $this->checkUserRightsAny( 'block' );
+
+ $user = $this->getUser();
$params = $this->extractRequestParams();
- if ( $params['gettoken'] ) {
- $res['blocktoken'] = $wgUser->editToken();
- $this->getResult()->addValue( null, $this->getModuleName(), $res );
- return;
- }
+ $this->requireOnlyOneParameter( $params, 'user', 'userid' );
- if ( !$wgUser->isAllowed( 'block' ) ) {
- $this->dieUsageMsg( array( 'cantblock' ) );
- }
- # bug 15810: blocked admins should have limited access here
- if ( $wgUser->isBlocked() ) {
- $status = IPBlockForm::checkUnblockSelf( $params['user'] );
+ # T17810: blocked admins should have limited access here
+ if ( $user->isBlocked() ) {
+ $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
if ( $status !== true ) {
- $this->dieUsageMsg( array( $status ) );
+ $this->dieWithError(
+ $status,
+ null,
+ [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
+ );
}
}
- if ( $params['hidename'] && !$wgUser->isAllowed( 'hideuser' ) ) {
- $this->dieUsageMsg( array( 'canthide' ) );
- }
- if ( $params['noemail'] && !IPBlockForm::canBlockEmail( $wgUser ) ) {
- $this->dieUsageMsg( array( 'cantblock-email' ) );
- }
- $form = new IPBlockForm( '' );
- $form->BlockAddress = $params['user'];
- $form->BlockReason = ( is_null( $params['reason'] ) ? '' : $params['reason'] );
- $form->BlockReasonList = 'other';
- $form->BlockExpiry = ( $params['expiry'] == 'never' ? 'infinite' : $params['expiry'] );
- $form->BlockOther = '';
- $form->BlockAnonOnly = $params['anononly'];
- $form->BlockCreateAccount = $params['nocreate'];
- $form->BlockEnableAutoblock = $params['autoblock'];
- $form->BlockEmail = $params['noemail'];
- $form->BlockHideName = $params['hidename'];
- $form->BlockAllowUsertalk = $params['allowusertalk'] && $wgBlockAllowsUTEdit;
- $form->BlockReblock = $params['reblock'];
-
- $userID = $expiry = null;
- $retval = $form->doBlock( $userID, $expiry );
- if ( count( $retval ) ) {
- // We don't care about multiple errors, just report one of them
- $this->dieUsageMsg( $retval );
+ if ( $params['userid'] !== null ) {
+ $username = User::whoIs( $params['userid'] );
+
+ if ( $username === false ) {
+ $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
+ } else {
+ $params['user'] = $username;
+ }
+ } else {
+ $target = User::newFromName( $params['user'] );
+
+ // T40633 - if the target is a user (not an IP address), but it
+ // doesn't exist or is unusable, error.
+ if ( $target instanceof User &&
+ ( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $target->getName() ) )
+ ) {
+ $this->dieWithError( [ 'nosuchusershort', $params['user'] ], 'nosuchuser' );
+ }
}
- $res['user'] = $params['user'];
- $res['userID'] = intval( $userID );
- $res['expiry'] = ( $expiry == Block::infinity() ? 'infinite' : wfTimestamp( TS_ISO_8601, $expiry ) );
- $res['reason'] = $params['reason'];
- if ( $params['anononly'] ) {
- $res['anononly'] = '';
+ if ( $params['tags'] ) {
+ $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
+ if ( !$ableToTag->isOK() ) {
+ $this->dieStatus( $ableToTag );
+ }
}
- if ( $params['nocreate'] ) {
- $res['nocreate'] = '';
+
+ if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
+ $this->dieWithError( 'apierror-canthide' );
}
- if ( $params['autoblock'] ) {
- $res['autoblock'] = '';
+ if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
+ $this->dieWithError( 'apierror-cantblock-email' );
}
- if ( $params['noemail'] ) {
- $res['noemail'] = '';
+
+ $data = [
+ 'PreviousTarget' => $params['user'],
+ 'Target' => $params['user'],
+ 'Reason' => [
+ $params['reason'],
+ 'other',
+ $params['reason']
+ ],
+ 'Expiry' => $params['expiry'],
+ 'HardBlock' => !$params['anononly'],
+ 'CreateAccount' => $params['nocreate'],
+ 'AutoBlock' => $params['autoblock'],
+ 'DisableEmail' => $params['noemail'],
+ 'HideUser' => $params['hidename'],
+ 'DisableUTEdit' => !$params['allowusertalk'],
+ 'Reblock' => $params['reblock'],
+ 'Watch' => $params['watchuser'],
+ 'Confirm' => true,
+ 'Tags' => $params['tags'],
+ ];
+
+ $status = SpecialBlock::validateTarget( $params['user'], $user );
+ if ( !$status->isOK() ) {
+ $this->dieStatus( $status );
}
- if ( $params['hidename'] ) {
- $res['hidename'] = '';
+
+ $retval = SpecialBlock::processForm( $data, $this->getContext() );
+ if ( $retval !== true ) {
+ $this->dieStatus( $this->errorArrayToStatus( $retval ) );
}
- if ( $params['allowusertalk'] ) {
- $res['allowusertalk'] = '';
+
+ list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
+ $res['user'] = $params['user'];
+ $res['userID'] = $target instanceof User ? $target->getId() : 0;
+
+ $block = Block::newFromTarget( $target, null, true );
+ if ( $block instanceof Block ) {
+ $res['expiry'] = ApiResult::formatExpiry( $block->mExpiry, 'infinite' );
+ $res['id'] = $block->getId();
+ } else {
+ # should be unreachable
+ $res['expiry'] = '';
+ $res['id'] = '';
}
+ $res['reason'] = $params['reason'];
+ $res['anononly'] = $params['anononly'];
+ $res['nocreate'] = $params['nocreate'];
+ $res['autoblock'] = $params['autoblock'];
+ $res['noemail'] = $params['noemail'];
+ $res['hidename'] = $params['hidename'];
+ $res['allowusertalk'] = $params['allowusertalk'];
+ $res['watchuser'] = $params['watchuser'];
+
$this->getResult()->addValue( null, $this->getModuleName(), $res );
}
}
public function getAllowedParams() {
- return array(
- 'user' => array(
- ApiBase::PARAM_TYPE => 'string',
- ApiBase::PARAM_REQUIRED => true
- ),
- 'token' => null,
- 'gettoken' => false,
+ return [
+ 'user' => [
+ ApiBase::PARAM_TYPE => 'user',
+ ],
+ 'userid' => [
+ ApiBase::PARAM_TYPE => 'integer',
+ ],
'expiry' => 'never',
- 'reason' => null,
+ 'reason' => '',
'anononly' => false,
'nocreate' => false,
'autoblock' => false,
'hidename' => false,
'allowusertalk' => false,
'reblock' => false,
- );
- }
-
- public function getParamDescription() {
- return array(
- 'user' => 'Username, IP address or IP range you want to block',
- 'token' => 'A block token previously obtained through the gettoken parameter or prop=info',
- 'gettoken' => 'If set, a block token will be returned, and no other action will be taken',
- 'expiry' => 'Relative expiry time, e.g. \'5 months\' or \'2 weeks\'. If set to \'infinite\', \'indefinite\' or \'never\', the block will never expire.',
- 'reason' => 'Reason for block (optional)',
- 'anononly' => 'Block anonymous users only (i.e. disable anonymous edits for this IP)',
- 'nocreate' => 'Prevent account creation',
- 'autoblock' => 'Automatically block the last used IP address, and any subsequent IP addresses they try to login from',
- 'noemail' => 'Prevent user from sending e-mail through the wiki. (Requires the "blockemail" right.)',
- 'hidename' => 'Hide the username from the block log. (Requires the "hideuser" right.)',
- 'allowusertalk' => 'Allow the user to edit their own talk page (depends on $wgBlockAllowsUTEdit)',
- 'reblock' => 'If the user is already blocked, overwrite the existing block',
- );
- }
-
- public function getDescription() {
- return 'Block a user';
- }
-
- public function getPossibleErrors() {
- return array_merge( parent::getPossibleErrors(), array(
- array( 'cantblock' ),
- array( 'canthide' ),
- array( 'cantblock-email' ),
- array( 'ipbblocked' ),
- array( 'ipbnounblockself' ),
- ) );
+ 'watchuser' => false,
+ 'tags' => [
+ ApiBase::PARAM_TYPE => 'tags',
+ ApiBase::PARAM_ISMULTI => true,
+ ],
+ ];
}
public function needsToken() {
- return true;
- }
-
- public function getTokenSalt() {
- return '';
+ return 'csrf';
}
- protected function getExamples() {
- return array(
- 'api.php?action=block&user=123.5.5.12&expiry=3%20days&reason=First%20strike',
- 'api.php?action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail='
- );
+ protected function getExamplesMessages() {
+ // @codingStandardsIgnoreStart Generic.Files.LineLength
+ return [
+ 'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
+ => 'apihelp-block-example-ip-simple',
+ 'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
+ => 'apihelp-block-example-user-complex',
+ ];
+ // @codingStandardsIgnoreEnd
}
- public function getVersion() {
- return __CLASS__ . ': $Id$';
+ public function getHelpUrls() {
+ return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
}
}
scripts.mit.edu / autoinstallsdev / mediawiki.git / blobdiff