Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / api / ApiBlock.php
blobab0a7e9627a823e928cee30e4ec908ad2cbf03b8
1 <?php
2 /**
5 * Created on Sep 4, 2007
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
24 * @file
27 /**
28 * API module that facilitates the blocking of users. Requires API write mode
29 * to be enabled.
31 * @ingroup API
33 class ApiBlock extends ApiBase {
35 /**
36 * Blocks the user specified in the parameters for the given expiry, with the
37 * given reason, and with all other settings provided in the params. If the block
38 * succeeds, produces a result containing the details of the block and notice
39 * of success. If it fails, the result will specify the nature of the error.
41 public function execute() {
42 $user = $this->getUser();
43 $params = $this->extractRequestParams();
45 if ( $params['gettoken'] ) {
46 $res['blocktoken'] = $user->getEditToken();
47 $this->getResult()->addValue( null, $this->getModuleName(), $res );
48 return;
51 if ( !$user->isAllowed( 'block' ) ) {
52 $this->dieUsageMsg( 'cantblock' );
55 # bug 15810: blocked admins should have limited access here
56 if ( $user->isBlocked() ) {
57 $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
58 if ( $status !== true ) {
59 $this->dieUsageMsg( array( $status ) );
63 $target = User::newFromName( $params['user'] );
64 // Bug 38633 - if the target is a user (not an IP address), but it doesn't exist or is unusable, error.
65 if ( $target instanceof User && ( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $target->getName() ) ) ) {
66 $this->dieUsageMsg( array( 'nosuchuser', $params['user'] ) );
69 if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
70 $this->dieUsageMsg( 'canthide' );
72 if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
73 $this->dieUsageMsg( 'cantblock-email' );
76 $data = array(
77 'PreviousTarget' => $params['user'],
78 'Target' => $params['user'],
79 'Reason' => array(
80 $params['reason'],
81 'other',
82 $params['reason']
84 'Expiry' => $params['expiry'] == 'never' ? 'infinite' : $params['expiry'],
85 'HardBlock' => !$params['anononly'],
86 'CreateAccount' => $params['nocreate'],
87 'AutoBlock' => $params['autoblock'],
88 'DisableEmail' => $params['noemail'],
89 'HideUser' => $params['hidename'],
90 'DisableUTEdit' => !$params['allowusertalk'],
91 'Reblock' => $params['reblock'],
92 'Watch' => $params['watchuser'],
93 'Confirm' => true,
96 $retval = SpecialBlock::processForm( $data, $this->getContext() );
97 if ( $retval !== true ) {
98 // We don't care about multiple errors, just report one of them
99 $this->dieUsageMsg( $retval );
102 list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
103 $res['user'] = $params['user'];
104 $res['userID'] = $target instanceof User ? $target->getId() : 0;
106 $block = Block::newFromTarget( $target );
107 if ( $block instanceof Block ) {
108 $res['expiry'] = $block->mExpiry == $this->getDB()->getInfinity()
109 ? 'infinite'
110 : wfTimestamp( TS_ISO_8601, $block->mExpiry );
111 $res['id'] = $block->getId();
112 } else {
113 # should be unreachable
114 $res['expiry'] = '';
115 $res['id'] = '';
118 $res['reason'] = $params['reason'];
119 if ( $params['anononly'] ) {
120 $res['anononly'] = '';
122 if ( $params['nocreate'] ) {
123 $res['nocreate'] = '';
125 if ( $params['autoblock'] ) {
126 $res['autoblock'] = '';
128 if ( $params['noemail'] ) {
129 $res['noemail'] = '';
131 if ( $params['hidename'] ) {
132 $res['hidename'] = '';
134 if ( $params['allowusertalk'] ) {
135 $res['allowusertalk'] = '';
137 if ( $params['watchuser'] ) {
138 $res['watchuser'] = '';
141 $this->getResult()->addValue( null, $this->getModuleName(), $res );
144 public function mustBePosted() {
145 return true;
148 public function isWriteMode() {
149 return true;
152 public function getAllowedParams() {
153 return array(
154 'user' => array(
155 ApiBase::PARAM_TYPE => 'string',
156 ApiBase::PARAM_REQUIRED => true
158 'token' => null,
159 'gettoken' => array(
160 ApiBase::PARAM_DFLT => false,
161 ApiBase::PARAM_DEPRECATED => true,
163 'expiry' => 'never',
164 'reason' => '',
165 'anononly' => false,
166 'nocreate' => false,
167 'autoblock' => false,
168 'noemail' => false,
169 'hidename' => false,
170 'allowusertalk' => false,
171 'reblock' => false,
172 'watchuser' => false,
176 public function getParamDescription() {
177 return array(
178 'user' => 'Username, IP address or IP range you want to block',
179 'token' => 'A block token previously obtained through prop=info',
180 'gettoken' => 'If set, a block token will be returned, and no other action will be taken',
181 'expiry' => 'Relative expiry time, e.g. \'5 months\' or \'2 weeks\'. If set to \'infinite\', \'indefinite\' or \'never\', the block will never expire.',
182 'reason' => 'Reason for block',
183 'anononly' => 'Block anonymous users only (i.e. disable anonymous edits for this IP)',
184 'nocreate' => 'Prevent account creation',
185 'autoblock' => 'Automatically block the last used IP address, and any subsequent IP addresses they try to login from',
186 'noemail' => 'Prevent user from sending email through the wiki. (Requires the "blockemail" right.)',
187 'hidename' => 'Hide the username from the block log. (Requires the "hideuser" right.)',
188 'allowusertalk' => 'Allow the user to edit their own talk page (depends on $wgBlockAllowsUTEdit)',
189 'reblock' => 'If the user is already blocked, overwrite the existing block',
190 'watchuser' => 'Watch the user/IP\'s user and talk pages',
194 public function getResultProperties() {
195 return array(
196 '' => array(
197 'blocktoken' => array(
198 ApiBase::PROP_TYPE => 'string',
199 ApiBase::PROP_NULLABLE => true
201 'user' => array(
202 ApiBase::PROP_TYPE => 'string',
203 ApiBase::PROP_NULLABLE => true
205 'userID' => array(
206 ApiBase::PROP_TYPE => 'integer',
207 ApiBase::PROP_NULLABLE => true
209 'expiry' => array(
210 ApiBase::PROP_TYPE => 'string',
211 ApiBase::PROP_NULLABLE => true
213 'id' => array(
214 ApiBase::PROP_TYPE => 'integer',
215 ApiBase::PROP_NULLABLE => true
217 'reason' => array(
218 ApiBase::PROP_TYPE => 'string',
219 ApiBase::PROP_NULLABLE => true
221 'anononly' => 'boolean',
222 'nocreate' => 'boolean',
223 'autoblock' => 'boolean',
224 'noemail' => 'boolean',
225 'hidename' => 'boolean',
226 'allowusertalk' => 'boolean',
227 'watchuser' => 'boolean'
232 public function getDescription() {
233 return 'Block a user';
236 public function getPossibleErrors() {
237 return array_merge( parent::getPossibleErrors(), array(
238 array( 'cantblock' ),
239 array( 'canthide' ),
240 array( 'cantblock-email' ),
241 array( 'ipbblocked' ),
242 array( 'ipbnounblockself' ),
243 ) );
246 public function needsToken() {
247 return true;
250 public function getTokenSalt() {
251 return '';
254 public function getExamples() {
255 return array(
256 'api.php?action=block&user=123.5.5.12&expiry=3%20days&reason=First%20strike',
257 'api.php?action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail='
261 public function getHelpUrls() {
262 return 'https://www.mediawiki.org/wiki/API:Block';