search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Special:Upload should not crash on failing previews"
[mediawiki.git] / includes / api / ApiBlock.php
blob58e3d1c58d2eb3217db570dd06d61bede0c2bebd
1 <?php
2 /**
3 *
4 *
5 * Created on Sep 4, 2007
6 *
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 *
24 * @file
25 */
26
27 /**
28 * API module that facilitates the blocking of users. Requires API write mode
29 * to be enabled.
30 *
31 * @ingroup API
32 */
33 class ApiBlock extends ApiBase {
34
35 /**
36 * Blocks the user specified in the parameters for the given expiry, with the
37 * given reason, and with all other settings provided in the params. If the block
38 * succeeds, produces a result containing the details of the block and notice
39 * of success. If it fails, the result will specify the nature of the error.
40 */
41 public function execute() {
42 $this->checkUserRightsAny( 'block' );
43
44 $user = $this->getUser();
45 $params = $this->extractRequestParams();
46
47 $this->requireOnlyOneParameter( $params, 'user', 'userid' );
48
49 # bug 15810: blocked admins should have limited access here
50 if ( $user->isBlocked() ) {
51 $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
52 if ( $status !== true ) {
53 $this->dieWithError(
54 $status,
55 null,
56 [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
57 );
58 }
59 }
60
61 if ( $params['userid'] !== null ) {
62 $username = User::whoIs( $params['userid'] );
63
64 if ( $username === false ) {
65 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
66 } else {
67 $params['user'] = $username;
68 }
69 } else {
70 $target = User::newFromName( $params['user'] );
71
72 // Bug 38633 - if the target is a user (not an IP address), but it
73 // doesn't exist or is unusable, error.
74 if ( $target instanceof User &&
75 ( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $target->getName() ) )
76 ) {
77 $this->dieWithError( [ 'nosuchusershort', $params['user'] ], 'nosuchuser' );
78 }
79 }
80
81 if ( $params['tags'] ) {
82 $ableToTag = ChangeTags::canAddTagsAccompanyingChange( $params['tags'], $user );
83 if ( !$ableToTag->isOK() ) {
84 $this->dieStatus( $ableToTag );
85 }
86 }
87
88 if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
89 $this->dieWithError( 'apierror-canthide' );
90 }
91 if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
92 $this->dieWithError( 'apierror-cantblock-email' );
93 }
94
95 $data = [
96 'PreviousTarget' => $params['user'],
97 'Target' => $params['user'],
98 'Reason' => [
99 $params['reason'],
100 'other',
101 $params['reason']
102 ],
103 'Expiry' => $params['expiry'],
104 'HardBlock' => !$params['anononly'],
105 'CreateAccount' => $params['nocreate'],
106 'AutoBlock' => $params['autoblock'],
107 'DisableEmail' => $params['noemail'],
108 'HideUser' => $params['hidename'],
109 'DisableUTEdit' => !$params['allowusertalk'],
110 'Reblock' => $params['reblock'],
111 'Watch' => $params['watchuser'],
112 'Confirm' => true,
113 'Tags' => $params['tags'],
114 ];
115
116 $retval = SpecialBlock::processForm( $data, $this->getContext() );
117 if ( $retval !== true ) {
118 $this->dieStatus( $this->errorArrayToStatus( $retval ) );
119 }
120
121 list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
122 $res['user'] = $params['user'];
123 $res['userID'] = $target instanceof User ? $target->getId() : 0;
124
125 $block = Block::newFromTarget( $target, null, true );
126 if ( $block instanceof Block ) {
127 $res['expiry'] = ApiResult::formatExpiry( $block->mExpiry, 'infinite' );
128 $res['id'] = $block->getId();
129 } else {
130 # should be unreachable
131 $res['expiry'] = '';
132 $res['id'] = '';
133 }
134
135 $res['reason'] = $params['reason'];
136 $res['anononly'] = $params['anononly'];
137 $res['nocreate'] = $params['nocreate'];
138 $res['autoblock'] = $params['autoblock'];
139 $res['noemail'] = $params['noemail'];
140 $res['hidename'] = $params['hidename'];
141 $res['allowusertalk'] = $params['allowusertalk'];
142 $res['watchuser'] = $params['watchuser'];
143
144 $this->getResult()->addValue( null, $this->getModuleName(), $res );
145 }
146
147 public function mustBePosted() {
148 return true;
149 }
150
151 public function isWriteMode() {
152 return true;
153 }
154
155 public function getAllowedParams() {
156 return [
157 'user' => [
158 ApiBase::PARAM_TYPE => 'user',
159 ],
160 'userid' => [
161 ApiBase::PARAM_TYPE => 'integer',
162 ],
163 'expiry' => 'never',
164 'reason' => '',
165 'anononly' => false,
166 'nocreate' => false,
167 'autoblock' => false,
168 'noemail' => false,
169 'hidename' => false,
170 'allowusertalk' => false,
171 'reblock' => false,
172 'watchuser' => false,
173 'tags' => [
174 ApiBase::PARAM_TYPE => 'tags',
175 ApiBase::PARAM_ISMULTI => true,
176 ],
177 ];
178 }
179
180 public function needsToken() {
181 return 'csrf';
182 }
183
184 protected function getExamplesMessages() {
185 // @codingStandardsIgnoreStart Generic.Files.LineLength
186 return [
187 'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
188 => 'apihelp-block-example-ip-simple',
189 'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
190 => 'apihelp-block-example-user-complex',
191 ];
192 // @codingStandardsIgnoreEnd
193 }
194
195 public function getHelpUrls() {
196 return 'https://www.mediawiki.org/wiki/API:Block';
197 }
198 }
MediaWiki Core