dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "mw.widgets.CalendarWidget: Tweak hover styling after OOUI changes"
[lhc/web/wiklou.git] / includes / api / ApiBlock.php
1 <?php
2 /**
3 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 use MediaWiki\Block\DatabaseBlock;
24
25 /**
26 * API module that facilitates the blocking of users. Requires API write mode
27 * to be enabled.
28 *
29 * @ingroup API
30 */
31 class ApiBlock extends ApiBase {
32
33 use ApiBlockInfoTrait;
34
35 /**
36 * Blocks the user specified in the parameters for the given expiry, with the
37 * given reason, and with all other settings provided in the params. If the block
38 * succeeds, produces a result containing the details of the block and notice
39 * of success. If it fails, the result will specify the nature of the error.
40 */
41 public function execute() {
42 $this->checkUserRightsAny( 'block' );
43
44 $user = $this->getUser();
45 $params = $this->extractRequestParams();
46
47 $this->requireOnlyOneParameter( $params, 'user', 'userid' );
48
49 # T17810: blocked admins should have limited access here
50 $block = $user->getBlock();
51 if ( $block ) {
52 $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
53 if ( $status !== true ) {
54 $this->dieWithError(
55 $status,
56 null,
57 [ 'blockinfo' => $this->getBlockDetails( $block ) ]
58 );
59 }
60 }
61
62 $editingRestriction = 'sitewide';
63 $pageRestrictions = '';
64 $namespaceRestrictions = '';
65 if ( $this->getConfig()->get( 'EnablePartialBlocks' ) ) {
66 if ( $params['partial'] ) {
67 $editingRestriction = 'partial';
68 }
69
70 $pageRestrictions = implode( "\n", (array)$params['pagerestrictions'] );
71 $namespaceRestrictions = implode( "\n", (array)$params['namespacerestrictions'] );
72 }
73
74 if ( $params['userid'] !== null ) {
75 $username = User::whoIs( $params['userid'] );
76
77 if ( $username === false ) {
78 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
79 } else {
80 $params['user'] = $username;
81 }
82 } else {
83 list( $target, $type ) = SpecialBlock::getTargetAndType( $params['user'] );
84
85 // T40633 - if the target is a user (not an IP address), but it
86 // doesn't exist or is unusable, error.
87 if ( $type === DatabaseBlock::TYPE_USER &&
88 ( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $params['user'] ) )
89 ) {
90 $this->dieWithError( [ 'nosuchusershort', $params['user'] ], 'nosuchuser' );
91 }
92 }
93
94 if ( $params['tags'] ) {
95 $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
96 if ( !$ableToTag->isOK() ) {
97 $this->dieStatus( $ableToTag );
98 }
99 }
100
101 if ( $params['hidename'] &&
102 !$this->getPermissionManager()->userHasRight( $user, 'hideuser' ) ) {
103 $this->dieWithError( 'apierror-canthide' );
104 }
105 if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
106 $this->dieWithError( 'apierror-cantblock-email' );
107 }
108
109 $data = [
110 'PreviousTarget' => $params['user'],
111 'Target' => $params['user'],
112 'Reason' => [
113 $params['reason'],
114 'other',
115 $params['reason']
116 ],
117 'Expiry' => $params['expiry'],
118 'HardBlock' => !$params['anononly'],
119 'CreateAccount' => $params['nocreate'],
120 'AutoBlock' => $params['autoblock'],
121 'DisableEmail' => $params['noemail'],
122 'HideUser' => $params['hidename'],
123 'DisableUTEdit' => !$params['allowusertalk'],
124 'Reblock' => $params['reblock'],
125 'Watch' => $params['watchuser'],
126 'Confirm' => true,
127 'Tags' => $params['tags'],
128 'EditingRestriction' => $editingRestriction,
129 'PageRestrictions' => $pageRestrictions,
130 'NamespaceRestrictions' => $namespaceRestrictions,
131 ];
132
133 $status = SpecialBlock::validateTarget( $params['user'], $user );
134 if ( !$status->isOK() ) {
135 $this->dieStatus( $status );
136 }
137
138 $retval = SpecialBlock::processForm( $data, $this->getContext() );
139 if ( $retval !== true ) {
140 $this->dieStatus( $this->errorArrayToStatus( $retval ) );
141 }
142
143 list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
144 $res['user'] = $params['user'];
145 $res['userID'] = $target instanceof User ? $target->getId() : 0;
146
147 $block = DatabaseBlock::newFromTarget( $target, null, true );
148 if ( $block instanceof DatabaseBlock ) {
149 $res['expiry'] = ApiResult::formatExpiry( $block->getExpiry(), 'infinite' );
150 $res['id'] = $block->getId();
151 } else {
152 # should be unreachable
153 $res['expiry'] = ''; // @codeCoverageIgnore
154 $res['id'] = ''; // @codeCoverageIgnore
155 }
156
157 $res['reason'] = $params['reason'];
158 $res['anononly'] = $params['anononly'];
159 $res['nocreate'] = $params['nocreate'];
160 $res['autoblock'] = $params['autoblock'];
161 $res['noemail'] = $params['noemail'];
162 $res['hidename'] = $params['hidename'];
163 $res['allowusertalk'] = $params['allowusertalk'];
164 $res['watchuser'] = $params['watchuser'];
165
166 if ( $this->getConfig()->get( 'EnablePartialBlocks' ) ) {
167 $res['partial'] = $params['partial'];
168 $res['pagerestrictions'] = $params['pagerestrictions'];
169 $res['namespacerestrictions'] = $params['namespacerestrictions'];
170 }
171
172 $this->getResult()->addValue( null, $this->getModuleName(), $res );
173 }
174
175 public function mustBePosted() {
176 return true;
177 }
178
179 public function isWriteMode() {
180 return true;
181 }
182
183 public function getAllowedParams() {
184 $params = [
185 'user' => [
186 ApiBase::PARAM_TYPE => 'user',
187 ],
188 'userid' => [
189 ApiBase::PARAM_TYPE => 'integer',
190 ],
191 'expiry' => 'never',
192 'reason' => '',
193 'anononly' => false,
194 'nocreate' => false,
195 'autoblock' => false,
196 'noemail' => false,
197 'hidename' => false,
198 'allowusertalk' => false,
199 'reblock' => false,
200 'watchuser' => false,
201 'tags' => [
202 ApiBase::PARAM_TYPE => 'tags',
203 ApiBase::PARAM_ISMULTI => true,
204 ],
205 ];
206
207 if ( $this->getConfig()->get( 'EnablePartialBlocks' ) ) {
208 $params['partial'] = false;
209 $params['pagerestrictions'] = [
210 ApiBase::PARAM_ISMULTI => true,
211 ApiBase::PARAM_ISMULTI_LIMIT1 => 10,
212 ApiBase::PARAM_ISMULTI_LIMIT2 => 10,
213 ];
214 $params['namespacerestrictions'] = [
215 ApiBase::PARAM_ISMULTI => true,
216 ApiBase::PARAM_TYPE => 'namespace',
217 ];
218 }
219
220 return $params;
221 }
222
223 public function needsToken() {
224 return 'csrf';
225 }
226
227 protected function getExamplesMessages() {
228 // phpcs:disable Generic.Files.LineLength
229 return [
230 'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
231 => 'apihelp-block-example-ip-simple',
232 'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
233 => 'apihelp-block-example-user-complex',
234 ];
235 // phpcs:enable
236 }
237
238 public function getHelpUrls() {
239 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
240 }
241 }
Wiklou, le Wiki du Wiklou