search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "docs: Fix typo"
[mediawiki.git] / includes / api / ApiUnblock.php
blob2dcbdc80b06503ecd16a6115382559d12551b2a3
1 <?php
2 /**
3 * Copyright © 2007 Roan Kattouw <roan.kattouw@gmail.com>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 namespace MediaWiki\Api;
24
25 use MediaWiki\Block\AbstractBlock;
26 use MediaWiki\Block\Block;
27 use MediaWiki\Block\BlockPermissionCheckerFactory;
28 use MediaWiki\Block\DatabaseBlockStore;
29 use MediaWiki\Block\UnblockUserFactory;
30 use MediaWiki\MainConfigNames;
31 use MediaWiki\ParamValidator\TypeDef\UserDef;
32 use MediaWiki\Title\Title;
33 use MediaWiki\User\Options\UserOptionsLookup;
34 use MediaWiki\User\UserIdentityLookup;
35 use MediaWiki\Watchlist\WatchedItemStoreInterface;
36 use MediaWiki\Watchlist\WatchlistManager;
37 use Wikimedia\ParamValidator\ParamValidator;
38 use Wikimedia\ParamValidator\TypeDef\ExpiryDef;
39
40 /**
41 * API module that facilitates the unblocking of users. Requires API write mode
42 * to be enabled.
43 *
44 * @ingroup API
45 */
46 class ApiUnblock extends ApiBase {
47
48 use ApiBlockInfoTrait;
49 use ApiWatchlistTrait;
50
51 private BlockPermissionCheckerFactory $permissionCheckerFactory;
52 private UnblockUserFactory $unblockUserFactory;
53 private UserIdentityLookup $userIdentityLookup;
54 private WatchedItemStoreInterface $watchedItemStore;
55 private DatabaseBlockStore $blockStore;
56
57 public function __construct(
58 ApiMain $main,
59 string $action,
60 BlockPermissionCheckerFactory $permissionCheckerFactory,
61 UnblockUserFactory $unblockUserFactory,
62 UserIdentityLookup $userIdentityLookup,
63 WatchedItemStoreInterface $watchedItemStore,
64 WatchlistManager $watchlistManager,
65 UserOptionsLookup $userOptionsLookup,
66 DatabaseBlockStore $blockStore
67 ) {
68 parent::__construct( $main, $action );
69
70 $this->permissionCheckerFactory = $permissionCheckerFactory;
71 $this->unblockUserFactory = $unblockUserFactory;
72 $this->userIdentityLookup = $userIdentityLookup;
73 $this->watchedItemStore = $watchedItemStore;
74
75 // Variables needed in ApiWatchlistTrait trait
76 $this->watchlistExpiryEnabled = $this->getConfig()->get( MainConfigNames::WatchlistExpiry );
77 $this->watchlistMaxDuration =
78 $this->getConfig()->get( MainConfigNames::WatchlistExpiryMaxDuration );
79 $this->watchlistManager = $watchlistManager;
80 $this->userOptionsLookup = $userOptionsLookup;
81 $this->blockStore = $blockStore;
82 }
83
84 /**
85 * Unblocks the specified user or provides the reason the unblock failed.
86 */
87 public function execute() {
88 $performer = $this->getUser();
89 $params = $this->extractRequestParams();
90
91 $this->requireOnlyOneParameter( $params, 'id', 'user', 'userid' );
92
93 if ( !$this->getAuthority()->isAllowed( 'block' ) ) {
94 $this->dieWithError( 'apierror-permissiondenied-unblock', 'permissiondenied' );
95 }
96
97 if ( $params['userid'] !== null ) {
98 $identity = $this->userIdentityLookup->getUserIdentityByUserId( $params['userid'] );
99 if ( !$identity ) {
100 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
101 }
102 $params['user'] = $identity->getName();
103 }
104
105 $blockToRemove = null;
106 if ( $params['id'] !== null ) {
107 $blockToRemove = $this->blockStore->newFromID( $params['id'], true );
108 if ( !$blockToRemove ) {
109 $this->dieWithError(
110 [ 'apierror-nosuchblockid', $params['id'] ],
111 'nosuchblockid' );
112 }
113
114 if ( $blockToRemove->getType() === AbstractBlock::TYPE_AUTO ) {
115 $target = '#' . $params['id'];
116 } else {
117 $target = $blockToRemove->getTargetName();
118 }
119 } else {
120 $target = $params['user'];
121 }
122
123 # T17810: blocked admins should have limited access here
124 $status = $this->permissionCheckerFactory
125 ->newBlockPermissionChecker(
126 $target,
127 $this->getAuthority()
128 )->checkBlockPermissions();
129
130 if ( $status !== true ) {
131 $this->dieWithError(
132 $status,
133 null,
134 // @phan-suppress-next-line PhanTypeMismatchArgumentNullable Block is checked and not null
135 [ 'blockinfo' => $this->getBlockDetails( $performer->getBlock() ) ]
136 );
137 }
138
139 if ( $blockToRemove !== null ) {
140 $status = $this->unblockUserFactory->newRemoveBlock(
141 $blockToRemove,
142 $this->getAuthority(),
143 $params['reason'],
144 $params['tags'] ?? []
145 )->unblock();
146 } else {
147 $status = $this->unblockUserFactory->newUnblockUser(
148 $target,
149 $this->getAuthority(),
150 $params['reason'],
151 $params['tags'] ?? []
152 )->unblock();
153 }
154
155 if ( !$status->isOK() ) {
156 $this->dieStatus( $status );
157 }
158
159 $block = $status->getValue();
160 $targetType = $block->getType();
161 $targetName = $targetType === Block::TYPE_AUTO ? '' : $block->getTargetName();
162 $targetUserId = $block->getTargetUserIdentity() ? $block->getTargetUserIdentity()->getId() : 0;
163
164 $watchlistExpiry = $this->getExpiryFromParams( $params );
165 $watchuser = $params['watchuser'];
166 $userPage = Title::makeTitle( NS_USER, $targetName );
167 if ( $watchuser && $targetType !== Block::TYPE_RANGE && $targetType !== Block::TYPE_AUTO ) {
168 $this->setWatch( 'watch', $userPage, $this->getUser(), null, $watchlistExpiry );
169 } else {
170 $watchuser = false;
171 $watchlistExpiry = null;
172 }
173
174 $res = [
175 'id' => $block->getId(),
176 'user' => $targetName,
177 'userid' => $targetUserId,
178 'reason' => $params['reason'],
179 'watchuser' => $watchuser,
180 ];
181
182 if ( $watchlistExpiry !== null ) {
183 $res['watchlistexpiry'] = $this->getWatchlistExpiry(
184 $this->watchedItemStore,
185 $userPage,
186 $this->getUser()
187 );
188 }
189
190 $this->getResult()->addValue( null, $this->getModuleName(), $res );
191 }
192
193 public function mustBePosted() {
194 return true;
195 }
196
197 public function isWriteMode() {
198 return true;
199 }
200
201 public function getAllowedParams() {
202 $params = [
203 'id' => [
204 ParamValidator::PARAM_TYPE => 'integer',
205 ],
206 'user' => [
207 ParamValidator::PARAM_TYPE => 'user',
208 UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'ip', 'temp', 'cidr', 'id' ],
209 ],
210 'userid' => [
211 ParamValidator::PARAM_TYPE => 'integer',
212 ParamValidator::PARAM_DEPRECATED => true,
213 ],
214 'reason' => '',
215 'tags' => [
216 ParamValidator::PARAM_TYPE => 'tags',
217 ParamValidator::PARAM_ISMULTI => true,
218 ],
219 'watchuser' => false,
220 ];
221
222 // Params appear in the docs in the order they are defined,
223 // which is why this is here and not at the bottom.
224 // @todo Find better way to support insertion at arbitrary position
225 if ( $this->watchlistExpiryEnabled ) {
226 $params += [
227 'watchlistexpiry' => [
228 ParamValidator::PARAM_TYPE => 'expiry',
229 ExpiryDef::PARAM_MAX => $this->watchlistMaxDuration,
230 ExpiryDef::PARAM_USE_MAX => true,
231 ]
232 ];
233 }
234
235 return $params;
236 }
237
238 public function needsToken() {
239 return 'csrf';
240 }
241
242 protected function getExamplesMessages() {
243 return [
244 'action=unblock&id=105'
245 => 'apihelp-unblock-example-id',
246 'action=unblock&user=Bob&reason=Sorry%20Bob'
247 => 'apihelp-unblock-example-user',
248 ];
249 }
250
251 public function getHelpUrls() {
252 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
253 }
254 }
255
256 /** @deprecated class alias since 1.43 */
257 class_alias( ApiUnblock::class, 'ApiUnblock' );
MediaWiki Core