dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Check validity and availability of usernames during signup via AJAX"
[lhc/web/wiklou.git] / includes / api / ApiQueryBlocks.php
1 <?php
2 /**
3 *
4 *
5 * Created on Sep 10, 2007
6 *
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 *
24 * @file
25 */
26
27 /**
28 * Query module to enumerate all user blocks
29 *
30 * @ingroup API
31 */
32 class ApiQueryBlocks extends ApiQueryBase {
33
34 /**
35 * @var Array
36 */
37 protected $usernames;
38
39 public function __construct( $query, $moduleName ) {
40 parent::__construct( $query, $moduleName, 'bk' );
41 }
42
43 public function execute() {
44 global $wgContLang;
45
46 $params = $this->extractRequestParams();
47 $this->requireMaxOneParameter( $params, 'users', 'ip' );
48
49 $prop = array_flip( $params['prop'] );
50 $fld_id = isset( $prop['id'] );
51 $fld_user = isset( $prop['user'] );
52 $fld_userid = isset( $prop['userid'] );
53 $fld_by = isset( $prop['by'] );
54 $fld_byid = isset( $prop['byid'] );
55 $fld_timestamp = isset( $prop['timestamp'] );
56 $fld_expiry = isset( $prop['expiry'] );
57 $fld_reason = isset( $prop['reason'] );
58 $fld_range = isset( $prop['range'] );
59 $fld_flags = isset( $prop['flags'] );
60
61 $result = $this->getResult();
62
63 $this->addTables( 'ipblocks' );
64 $this->addFields( 'ipb_auto' );
65
66 $this->addFieldsIf( 'ipb_id', $fld_id );
67 $this->addFieldsIf( array( 'ipb_address', 'ipb_user' ), $fld_user || $fld_userid );
68 $this->addFieldsIf( 'ipb_by_text', $fld_by );
69 $this->addFieldsIf( 'ipb_by', $fld_byid );
70 $this->addFieldsIf( 'ipb_timestamp', $fld_timestamp );
71 $this->addFieldsIf( 'ipb_expiry', $fld_expiry );
72 $this->addFieldsIf( 'ipb_reason', $fld_reason );
73 $this->addFieldsIf( array( 'ipb_range_start', 'ipb_range_end' ), $fld_range );
74 $this->addFieldsIf( array( 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock',
75 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk' ),
76 $fld_flags );
77
78 $this->addOption( 'LIMIT', $params['limit'] + 1 );
79 $this->addTimestampWhereRange(
80 'ipb_timestamp',
81 $params['dir'],
82 $params['start'],
83 $params['end']
84 );
85
86 $db = $this->getDB();
87
88 if ( isset( $params['ids'] ) ) {
89 $this->addWhereFld( 'ipb_id', $params['ids'] );
90 }
91 if ( isset( $params['users'] ) ) {
92 foreach ( (array)$params['users'] as $u ) {
93 $this->prepareUsername( $u );
94 }
95 $this->addWhereFld( 'ipb_address', $this->usernames );
96 $this->addWhereFld( 'ipb_auto', 0 );
97 }
98 if ( isset( $params['ip'] ) ) {
99 global $wgBlockCIDRLimit;
100 if ( IP::isIPv4( $params['ip'] ) ) {
101 $type = 'IPv4';
102 $cidrLimit = $wgBlockCIDRLimit['IPv4'];
103 $prefixLen = 0;
104 } elseif ( IP::isIPv6( $params['ip'] ) ) {
105 $type = 'IPv6';
106 $cidrLimit = $wgBlockCIDRLimit['IPv6'];
107 $prefixLen = 3; // IP::toHex output is prefixed with "v6-"
108 } else {
109 $this->dieUsage( 'IP parameter is not valid', 'param_ip' );
110 }
111
112 # Check range validity, if it's a CIDR
113 list( $ip, $range ) = IP::parseCIDR( $params['ip'] );
114 if ( $ip !== false && $range !== false && $range < $cidrLimit ) {
115 $this->dieUsage(
116 "$type CIDR ranges broader than /$cidrLimit are not accepted",
117 'cidrtoobroad'
118 );
119 }
120
121 # Let IP::parseRange handle calculating $upper, instead of duplicating the logic here.
122 list( $lower, $upper ) = IP::parseRange( $params['ip'] );
123
124 # Extract the common prefix to any rangeblock affecting this IP/CIDR
125 $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) );
126
127 # Fairly hard to make a malicious SQL statement out of hex characters,
128 # but it is good practice to add quotes
129 $lower = $db->addQuotes( $lower );
130 $upper = $db->addQuotes( $upper );
131
132 $this->addWhere( array(
133 'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
134 'ipb_range_start <= ' . $lower,
135 'ipb_range_end >= ' . $upper,
136 'ipb_auto' => 0
137 ) );
138 }
139
140 if ( !is_null( $params['show'] ) ) {
141 $show = array_flip( $params['show'] );
142
143 /* Check for conflicting parameters. */
144 if ( ( isset( $show['account'] ) && isset( $show['!account'] ) )
145 || ( isset( $show['ip'] ) && isset( $show['!ip'] ) )
146 || ( isset( $show['range'] ) && isset( $show['!range'] ) )
147 || ( isset( $show['temp'] ) && isset( $show['!temp'] ) )
148 ) {
149 $this->dieUsageMsg( 'show' );
150 }
151
152 $this->addWhereIf( 'ipb_user = 0', isset( $show['!account'] ) );
153 $this->addWhereIf( 'ipb_user != 0', isset( $show['account'] ) );
154 $this->addWhereIf( 'ipb_user != 0 OR ipb_range_end > ipb_range_start', isset( $show['!ip'] ) );
155 $this->addWhereIf( 'ipb_user = 0 AND ipb_range_end = ipb_range_start', isset( $show['ip'] ) );
156 $this->addWhereIf( 'ipb_expiry = ' .
157 $db->addQuotes( $db->getInfinity() ), isset( $show['!temp'] ) );
158 $this->addWhereIf( 'ipb_expiry != ' .
159 $db->addQuotes( $db->getInfinity() ), isset( $show['temp'] ) );
160 $this->addWhereIf( 'ipb_range_end = ipb_range_start', isset( $show['!range'] ) );
161 $this->addWhereIf( 'ipb_range_end > ipb_range_start', isset( $show['range'] ) );
162 }
163
164 if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
165 $this->addWhereFld( 'ipb_deleted', 0 );
166 }
167
168 // Purge expired entries on one in every 10 queries
169 if ( !mt_rand( 0, 10 ) ) {
170 Block::purgeExpired();
171 }
172
173 $res = $this->select( __METHOD__ );
174
175 $count = 0;
176 foreach ( $res as $row ) {
177 if ( ++$count > $params['limit'] ) {
178 // We've had enough
179 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
180 break;
181 }
182 $block = array();
183 if ( $fld_id ) {
184 $block['id'] = $row->ipb_id;
185 }
186 if ( $fld_user && !$row->ipb_auto ) {
187 $block['user'] = $row->ipb_address;
188 }
189 if ( $fld_userid && !$row->ipb_auto ) {
190 $block['userid'] = $row->ipb_user;
191 }
192 if ( $fld_by ) {
193 $block['by'] = $row->ipb_by_text;
194 }
195 if ( $fld_byid ) {
196 $block['byid'] = $row->ipb_by;
197 }
198 if ( $fld_timestamp ) {
199 $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
200 }
201 if ( $fld_expiry ) {
202 $block['expiry'] = $wgContLang->formatExpiry( $row->ipb_expiry, TS_ISO_8601 );
203 }
204 if ( $fld_reason ) {
205 $block['reason'] = $row->ipb_reason;
206 }
207 if ( $fld_range && !$row->ipb_auto ) {
208 $block['rangestart'] = IP::formatHex( $row->ipb_range_start );
209 $block['rangeend'] = IP::formatHex( $row->ipb_range_end );
210 }
211 if ( $fld_flags ) {
212 // For clarity, these flags use the same names as their action=block counterparts
213 if ( $row->ipb_auto ) {
214 $block['automatic'] = '';
215 }
216 if ( $row->ipb_anon_only ) {
217 $block['anononly'] = '';
218 }
219 if ( $row->ipb_create_account ) {
220 $block['nocreate'] = '';
221 }
222 if ( $row->ipb_enable_autoblock ) {
223 $block['autoblock'] = '';
224 }
225 if ( $row->ipb_block_email ) {
226 $block['noemail'] = '';
227 }
228 if ( $row->ipb_deleted ) {
229 $block['hidden'] = '';
230 }
231 if ( $row->ipb_allow_usertalk ) {
232 $block['allowusertalk'] = '';
233 }
234 }
235 $fit = $result->addValue( array( 'query', $this->getModuleName() ), null, $block );
236 if ( !$fit ) {
237 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
238 break;
239 }
240 }
241 $result->setIndexedTagName_internal( array( 'query', $this->getModuleName() ), 'block' );
242 }
243
244 protected function prepareUsername( $user ) {
245 if ( !$user ) {
246 $this->dieUsage( 'User parameter may not be empty', 'param_user' );
247 }
248 $name = User::isIP( $user )
249 ? $user
250 : User::getCanonicalName( $user, 'valid' );
251 if ( $name === false ) {
252 $this->dieUsage( "User name {$user} is not valid", 'param_user' );
253 }
254 $this->usernames[] = $name;
255 }
256
257 public function getAllowedParams() {
258 return array(
259 'start' => array(
260 ApiBase::PARAM_TYPE => 'timestamp'
261 ),
262 'end' => array(
263 ApiBase::PARAM_TYPE => 'timestamp',
264 ),
265 'dir' => array(
266 ApiBase::PARAM_TYPE => array(
267 'newer',
268 'older'
269 ),
270 ApiBase::PARAM_DFLT => 'older'
271 ),
272 'ids' => array(
273 ApiBase::PARAM_TYPE => 'integer',
274 ApiBase::PARAM_ISMULTI => true
275 ),
276 'users' => array(
277 ApiBase::PARAM_ISMULTI => true
278 ),
279 'ip' => null,
280 'limit' => array(
281 ApiBase::PARAM_DFLT => 10,
282 ApiBase::PARAM_TYPE => 'limit',
283 ApiBase::PARAM_MIN => 1,
284 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
285 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
286 ),
287 'prop' => array(
288 ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
289 ApiBase::PARAM_TYPE => array(
290 'id',
291 'user',
292 'userid',
293 'by',
294 'byid',
295 'timestamp',
296 'expiry',
297 'reason',
298 'range',
299 'flags'
300 ),
301 ApiBase::PARAM_ISMULTI => true
302 ),
303 'show' => array(
304 ApiBase::PARAM_TYPE => array(
305 'account',
306 '!account',
307 'temp',
308 '!temp',
309 'ip',
310 '!ip',
311 'range',
312 '!range',
313 ),
314 ApiBase::PARAM_ISMULTI => true
315 ),
316 );
317 }
318
319 public function getParamDescription() {
320 global $wgBlockCIDRLimit;
321 $p = $this->getModulePrefix();
322
323 return array(
324 'start' => 'The timestamp to start enumerating from',
325 'end' => 'The timestamp to stop enumerating at',
326 'dir' => $this->getDirectionDescription( $p ),
327 'ids' => 'List of block IDs to list (optional)',
328 'users' => 'List of users to search for (optional)',
329 'ip' => array(
330 'Get all blocks applying to this IP or CIDR range, including range blocks.',
331 "Cannot be used together with bkusers. CIDR ranges broader than " .
332 "IPv4/{$wgBlockCIDRLimit['IPv4']} or IPv6/{$wgBlockCIDRLimit['IPv6']} " .
333 "are not accepted"
334 ),
335 'limit' => 'The maximum amount of blocks to list',
336 'prop' => array(
337 'Which properties to get',
338 ' id - Adds the ID of the block',
339 ' user - Adds the username of the blocked user',
340 ' userid - Adds the user ID of the blocked user',
341 ' by - Adds the username of the blocking user',
342 ' byid - Adds the user ID of the blocking user',
343 ' timestamp - Adds the timestamp of when the block was given',
344 ' expiry - Adds the timestamp of when the block expires',
345 ' reason - Adds the reason given for the block',
346 ' range - Adds the range of IPs affected by the block',
347 ' flags - Tags the ban with (autoblock, anononly, etc)',
348 ),
349 'show' => array(
350 'Show only items that meet this criteria.',
351 "For example, to see only indefinite blocks on IPs, set {$p}show=ip|!temp"
352 ),
353 );
354 }
355
356 public function getResultProperties() {
357 return array(
358 'id' => array(
359 'id' => 'integer'
360 ),
361 'user' => array(
362 'user' => array(
363 ApiBase::PROP_TYPE => 'string',
364 ApiBase::PROP_NULLABLE => true
365 )
366 ),
367 'userid' => array(
368 'userid' => array(
369 ApiBase::PROP_TYPE => 'integer',
370 ApiBase::PROP_NULLABLE => true
371 )
372 ),
373 'by' => array(
374 'by' => 'string'
375 ),
376 'byid' => array(
377 'byid' => 'integer'
378 ),
379 'timestamp' => array(
380 'timestamp' => 'timestamp'
381 ),
382 'expiry' => array(
383 'expiry' => 'timestamp'
384 ),
385 'reason' => array(
386 'reason' => 'string'
387 ),
388 'range' => array(
389 'rangestart' => array(
390 ApiBase::PROP_TYPE => 'string',
391 ApiBase::PROP_NULLABLE => true
392 ),
393 'rangeend' => array(
394 ApiBase::PROP_TYPE => 'string',
395 ApiBase::PROP_NULLABLE => true
396 )
397 ),
398 'flags' => array(
399 'automatic' => 'boolean',
400 'anononly' => 'boolean',
401 'nocreate' => 'boolean',
402 'autoblock' => 'boolean',
403 'noemail' => 'boolean',
404 'hidden' => 'boolean',
405 'allowusertalk' => 'boolean'
406 )
407 );
408 }
409
410 public function getDescription() {
411 return 'List all blocked users and IP addresses.';
412 }
413
414 public function getPossibleErrors() {
415 global $wgBlockCIDRLimit;
416
417 return array_merge( parent::getPossibleErrors(),
418 $this->getRequireMaxOneParameterErrorMessages( array( 'users', 'ip' ) ),
419 array(
420 array(
421 'code' => 'cidrtoobroad',
422 'info' => "IPv4 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv4']} are not accepted"
423 ),
424 array(
425 'code' => 'cidrtoobroad',
426 'info' => "IPv6 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv6']} are not accepted"
427 ),
428 array( 'code' => 'param_ip', 'info' => 'IP parameter is not valid' ),
429 array( 'code' => 'param_user', 'info' => 'User parameter may not be empty' ),
430 array( 'code' => 'param_user', 'info' => 'User name user is not valid' ),
431 array( 'show' ),
432 )
433 );
434 }
435
436 public function getExamples() {
437 return array(
438 'api.php?action=query&list=blocks',
439 'api.php?action=query&list=blocks&bkusers=Alice|Bob'
440 );
441 }
442
443 public function getHelpUrls() {
444 return 'https://www.mediawiki.org/wiki/API:Blocks';
445 }
446 }
Wiklou, le Wiki du Wiklou