includes/api/ApiUnblock.php

   1 <?php
   2 /**
   3  * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  */
  22
  23 /**
  24  * API module that facilitates the unblocking of users. Requires API write mode
  25  * to be enabled.
  26  *
  27  * @ingroup API
  28  */
  29 class ApiUnblock extends ApiBase {
  30
  31         use ApiBlockInfoTrait;
  32
  33         /**
  34          * Unblocks the specified user or provides the reason the unblock failed.
  35          */
  36         public function execute() {
  37                 $user = $this->getUser();
  38                 $params = $this->extractRequestParams();
  39
  40                 $this->requireOnlyOneParameter( $params, 'id', 'user', 'userid' );
  41
  42                 if ( !$user->isAllowed( 'block' ) ) {
  43                         $this->dieWithError( 'apierror-permissiondenied-unblock', 'permissiondenied' );
  44                 }
  45                 # T17810: blocked admins should have limited access here
  46                 $block = $user->getBlock();
  47                 if ( $block ) {
  48                         $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
  49                         if ( $status !== true ) {
  50                                 $this->dieWithError(
  51                                         $status,
  52                                         null,
  53                                         [ 'blockinfo' => $this->getBlockInfo( $block ) ]
  54                                 );
  55                         }
  56                 }
  57
  58                 // Check if user can add tags
  59                 if ( !is_null( $params['tags'] ) ) {
  60                         $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
  61                         if ( !$ableToTag->isOK() ) {
  62                                 $this->dieStatus( $ableToTag );
  63                         }
  64                 }
  65
  66                 if ( $params['userid'] !== null ) {
  67                         $username = User::whoIs( $params['userid'] );
  68
  69                         if ( $username === false ) {
  70                                 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
  71                         } else {
  72                                 $params['user'] = $username;
  73                         }
  74                 }
  75
  76                 $data = [
  77                         'Target' => is_null( $params['id'] ) ? $params['user'] : "#{$params['id']}",
  78                         'Reason' => $params['reason'],
  79                         'Tags' => $params['tags']
  80                 ];
  81                 $block = Block::newFromTarget( $data['Target'] );
  82                 $retval = SpecialUnblock::processUnblock( $data, $this->getContext() );
  83                 if ( $retval !== true ) {
  84                         $this->dieStatus( $this->errorArrayToStatus( $retval ) );
  85                 }
  86
  87                 $res['id'] = $block->getId();
  88                 $target = $block->getType() == Block::TYPE_AUTO ? '' : $block->getTarget();
  89                 $res['user'] = $target instanceof User ? $target->getName() : $target;
  90                 $res['userid'] = $target instanceof User ? $target->getId() : 0;
  91                 $res['reason'] = $params['reason'];
  92                 $this->getResult()->addValue( null, $this->getModuleName(), $res );
  93         }
  94
  95         public function mustBePosted() {
  96                 return true;
  97         }
  98
  99         public function isWriteMode() {
 100                 return true;
 101         }
 102
 103         public function getAllowedParams() {
 104                 return [
 105                         'id' => [
 106                                 ApiBase::PARAM_TYPE => 'integer',
 107                         ],
 108                         'user' => null,
 109                         'userid' => [
 110                                 ApiBase::PARAM_TYPE => 'integer'
 111                         ],
 112                         'reason' => '',
 113                         'tags' => [
 114                                 ApiBase::PARAM_TYPE => 'tags',
 115                                 ApiBase::PARAM_ISMULTI => true,
 116                         ],
 117                 ];
 118         }
 119
 120         public function needsToken() {
 121                 return 'csrf';
 122         }
 123
 124         protected function getExamplesMessages() {
 125                 return [
 126                         'action=unblock&id=105'
 127                                 => 'apihelp-unblock-example-id',
 128                         'action=unblock&user=Bob&reason=Sorry%20Bob'
 129                                 => 'apihelp-unblock-example-user',
 130                 ];
 131         }
 132
 133         public function getHelpUrls() {
 134                 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
 135         }
 136 }