includes/api/ApiUnblock.php

   1 <?php
   2 /**
   3  * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  */
  22
  23 use MediaWiki\Block\DatabaseBlock;
  24
  25 /**
  26  * API module that facilitates the unblocking of users. Requires API write mode
  27  * to be enabled.
  28  *
  29  * @ingroup API
  30  */
  31 class ApiUnblock extends ApiBase {
  32
  33         use ApiBlockInfoTrait;
  34
  35         /**
  36          * Unblocks the specified user or provides the reason the unblock failed.
  37          */
  38         public function execute() {
  39                 $user = $this->getUser();
  40                 $params = $this->extractRequestParams();
  41
  42                 $this->requireOnlyOneParameter( $params, 'id', 'user', 'userid' );
  43
  44                 if ( !$user->isAllowed( 'block' ) ) {
  45                         $this->dieWithError( 'apierror-permissiondenied-unblock', 'permissiondenied' );
  46                 }
  47                 # T17810: blocked admins should have limited access here
  48                 $block = $user->getBlock();
  49                 if ( $block ) {
  50                         $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
  51                         if ( $status !== true ) {
  52                                 $this->dieWithError(
  53                                         $status,
  54                                         null,
  55                                         [ 'blockinfo' => $this->getBlockDetails( $block ) ]
  56                                 );
  57                         }
  58                 }
  59
  60                 // Check if user can add tags
  61                 if ( !is_null( $params['tags'] ) ) {
  62                         $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
  63                         if ( !$ableToTag->isOK() ) {
  64                                 $this->dieStatus( $ableToTag );
  65                         }
  66                 }
  67
  68                 if ( $params['userid'] !== null ) {
  69                         $username = User::whoIs( $params['userid'] );
  70
  71                         if ( $username === false ) {
  72                                 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
  73                         } else {
  74                                 $params['user'] = $username;
  75                         }
  76                 }
  77
  78                 $data = [
  79                         'Target' => is_null( $params['id'] ) ? $params['user'] : "#{$params['id']}",
  80                         'Reason' => $params['reason'],
  81                         'Tags' => $params['tags']
  82                 ];
  83                 $block = DatabaseBlock::newFromTarget( $data['Target'] );
  84                 $retval = SpecialUnblock::processUnblock( $data, $this->getContext() );
  85                 if ( $retval !== true ) {
  86                         $this->dieStatus( $this->errorArrayToStatus( $retval ) );
  87                 }
  88
  89                 $res['id'] = $block->getId();
  90                 $target = $block->getType() == DatabaseBlock::TYPE_AUTO ? '' : $block->getTarget();
  91                 $res['user'] = $target instanceof User ? $target->getName() : $target;
  92                 $res['userid'] = $target instanceof User ? $target->getId() : 0;
  93                 $res['reason'] = $params['reason'];
  94                 $this->getResult()->addValue( null, $this->getModuleName(), $res );
  95         }
  96
  97         public function mustBePosted() {
  98                 return true;
  99         }
 100
 101         public function isWriteMode() {
 102                 return true;
 103         }
 104
 105         public function getAllowedParams() {
 106                 return [
 107                         'id' => [
 108                                 ApiBase::PARAM_TYPE => 'integer',
 109                         ],
 110                         'user' => null,
 111                         'userid' => [
 112                                 ApiBase::PARAM_TYPE => 'integer'
 113                         ],
 114                         'reason' => '',
 115                         'tags' => [
 116                                 ApiBase::PARAM_TYPE => 'tags',
 117                                 ApiBase::PARAM_ISMULTI => true,
 118                         ],
 119                 ];
 120         }
 121
 122         public function needsToken() {
 123                 return 'csrf';
 124         }
 125
 126         protected function getExamplesMessages() {
 127                 return [
 128                         'action=unblock&id=105'
 129                                 => 'apihelp-unblock-example-id',
 130                         'action=unblock&user=Bob&reason=Sorry%20Bob'
 131                                 => 'apihelp-unblock-example-user',
 132                 ];
 133         }
 134
 135         public function getHelpUrls() {
 136                 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
 137         }
 138 }