X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2Fapi%2FApiTag.php;h=f2b52cd33ae8daf40c1b95a89b482c79a36ef097;hp=aff01830e063e155783a88fe27a9a363f0c01dee;hb=82bd6b026ef6ecb7f2fe15acaa40c608680dfff1;hpb=3b0ff76e9563039f45ad34b01b81576142e150c3

diff --git a/includes/api/ApiTag.php b/includes/api/ApiTag.php
index aff01830e0..f2b52cd33a 100644
--- a/includes/api/ApiTag.php
+++ b/includes/api/ApiTag.php
@@ -20,7 +20,6 @@
  */
 
 use MediaWiki\MediaWikiServices;
-use MediaWiki\Revision\RevisionStore;
 
 /**
  * @ingroup API
@@ -28,7 +27,9 @@ use MediaWiki\Revision\RevisionStore;
  */
 class ApiTag extends ApiBase {
 
-	/** @var RevisionStore */
+	use ApiBlockInfoTrait;
+
+	/** @var \MediaWiki\Revision\RevisionStore */
 	private $revisionStore;
 
 	public function execute() {
@@ -40,9 +41,9 @@ class ApiTag extends ApiBase {
 		// make sure the user is allowed
 		$this->checkUserRightsAny( 'changetags' );
 
-		// @TODO Use PermissionManager::isBlockedFrom() instead.
+		// Fail early if the user is sitewide blocked.
 		$block = $user->getBlock();
-		if ( $block ) {
+		if ( $block && $block->isSitewide() ) {
 			$this->dieBlocked( $block );
 		}
 
@@ -85,6 +86,7 @@ class ApiTag extends ApiBase {
 	}
 
 	protected function processIndividual( $type, $params, $id ) {
+		$user = $this->getUser();
 		$idResult = [ $type => $id ];
 
 		// validate the ID
@@ -92,9 +94,32 @@ class ApiTag extends ApiBase {
 		switch ( $type ) {
 			case 'rcid':
 				$valid = RecentChange::newFromId( $id );
+				if ( $valid && $this->getPermissionManager()->isBlockedFrom( $user, $valid->getTitle() ) ) {
+					$idResult['status'] = 'error';
+					// @phan-suppress-next-line PhanTypeMismatchArgument
+					$idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+						'apierror-blocked',
+						'blocked',
+						[ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+					) );
+					return $idResult;
+				}
 				break;
 			case 'revid':
 				$valid = $this->revisionStore->getRevisionById( $id );
+				if (
+					$valid &&
+					$this->getPermissionManager()->isBlockedFrom( $user, $valid->getPageAsLinkTarget() )
+				) {
+					$idResult['status'] = 'error';
+					// @phan-suppress-next-line PhanTypeMismatchArgument
+					$idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+							'apierror-blocked',
+							'blocked',
+							[ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+					) );
+					return $idResult;
+				}
 				break;
 			case 'logid':
 				$valid = self::validateLogId( $id );