search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Special:Upload should not crash on failing previews"
[mediawiki.git] / includes / api / ApiQueryBlocks.php
blob004086059c33138fc6e7acd329a8941a0d91f67d
1 <?php
2 /**
3 *
4 *
5 * Created on Sep 10, 2007
6 *
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 *
24 * @file
25 */
26
27 /**
28 * Query module to enumerate all user blocks
29 *
30 * @ingroup API
31 */
32 class ApiQueryBlocks extends ApiQueryBase {
33
34 public function __construct( ApiQuery $query, $moduleName ) {
35 parent::__construct( $query, $moduleName, 'bk' );
36 }
37
38 public function execute() {
39 $db = $this->getDB();
40 $params = $this->extractRequestParams();
41 $this->requireMaxOneParameter( $params, 'users', 'ip' );
42
43 $prop = array_flip( $params['prop'] );
44 $fld_id = isset( $prop['id'] );
45 $fld_user = isset( $prop['user'] );
46 $fld_userid = isset( $prop['userid'] );
47 $fld_by = isset( $prop['by'] );
48 $fld_byid = isset( $prop['byid'] );
49 $fld_timestamp = isset( $prop['timestamp'] );
50 $fld_expiry = isset( $prop['expiry'] );
51 $fld_reason = isset( $prop['reason'] );
52 $fld_range = isset( $prop['range'] );
53 $fld_flags = isset( $prop['flags'] );
54
55 $result = $this->getResult();
56
57 $this->addTables( 'ipblocks' );
58 $this->addFields( [ 'ipb_auto', 'ipb_id', 'ipb_timestamp' ] );
59
60 $this->addFieldsIf( [ 'ipb_address', 'ipb_user' ], $fld_user || $fld_userid );
61 $this->addFieldsIf( 'ipb_by_text', $fld_by );
62 $this->addFieldsIf( 'ipb_by', $fld_byid );
63 $this->addFieldsIf( 'ipb_expiry', $fld_expiry );
64 $this->addFieldsIf( 'ipb_reason', $fld_reason );
65 $this->addFieldsIf( [ 'ipb_range_start', 'ipb_range_end' ], $fld_range );
66 $this->addFieldsIf( [ 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock',
67 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk' ],
68 $fld_flags );
69
70 $this->addOption( 'LIMIT', $params['limit'] + 1 );
71 $this->addTimestampWhereRange(
72 'ipb_timestamp',
73 $params['dir'],
74 $params['start'],
75 $params['end']
76 );
77 // Include in ORDER BY for uniqueness
78 $this->addWhereRange( 'ipb_id', $params['dir'], null, null );
79
80 if ( !is_null( $params['continue'] ) ) {
81 $cont = explode( '|', $params['continue'] );
82 $this->dieContinueUsageIf( count( $cont ) != 2 );
83 $op = ( $params['dir'] == 'newer' ? '>' : '<' );
84 $continueTimestamp = $db->addQuotes( $db->timestamp( $cont[0] ) );
85 $continueId = (int)$cont[1];
86 $this->dieContinueUsageIf( $continueId != $cont[1] );
87 $this->addWhere( "ipb_timestamp $op $continueTimestamp OR " .
88 "(ipb_timestamp = $continueTimestamp AND " .
89 "ipb_id $op= $continueId)"
90 );
91 }
92
93 if ( isset( $params['ids'] ) ) {
94 $this->addWhereFld( 'ipb_id', $params['ids'] );
95 }
96 if ( isset( $params['users'] ) ) {
97 $usernames = [];
98 foreach ( (array)$params['users'] as $u ) {
99 $usernames[] = $this->prepareUsername( $u );
100 }
101 $this->addWhereFld( 'ipb_address', $usernames );
102 $this->addWhereFld( 'ipb_auto', 0 );
103 }
104 if ( isset( $params['ip'] ) ) {
105 $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
106 if ( IP::isIPv4( $params['ip'] ) ) {
107 $type = 'IPv4';
108 $cidrLimit = $blockCIDRLimit['IPv4'];
109 $prefixLen = 0;
110 } elseif ( IP::isIPv6( $params['ip'] ) ) {
111 $type = 'IPv6';
112 $cidrLimit = $blockCIDRLimit['IPv6'];
113 $prefixLen = 3; // IP::toHex output is prefixed with "v6-"
114 } else {
115 $this->dieWithError( 'apierror-badip', 'param_ip' );
116 }
117
118 # Check range validity, if it's a CIDR
119 list( $ip, $range ) = IP::parseCIDR( $params['ip'] );
120 if ( $ip !== false && $range !== false && $range < $cidrLimit ) {
121 $this->dieWithError( [ 'apierror-cidrtoobroad', $type, $cidrLimit ] );
122 }
123
124 # Let IP::parseRange handle calculating $upper, instead of duplicating the logic here.
125 list( $lower, $upper ) = IP::parseRange( $params['ip'] );
126
127 # Extract the common prefix to any rangeblock affecting this IP/CIDR
128 $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) );
129
130 # Fairly hard to make a malicious SQL statement out of hex characters,
131 # but it is good practice to add quotes
132 $lower = $db->addQuotes( $lower );
133 $upper = $db->addQuotes( $upper );
134
135 $this->addWhere( [
136 'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
137 'ipb_range_start <= ' . $lower,
138 'ipb_range_end >= ' . $upper,
139 'ipb_auto' => 0
140 ] );
141 }
142
143 if ( !is_null( $params['show'] ) ) {
144 $show = array_flip( $params['show'] );
145
146 /* Check for conflicting parameters. */
147 if ( ( isset( $show['account'] ) && isset( $show['!account'] ) )
148 || ( isset( $show['ip'] ) && isset( $show['!ip'] ) )
149 || ( isset( $show['range'] ) && isset( $show['!range'] ) )
150 || ( isset( $show['temp'] ) && isset( $show['!temp'] ) )
151 ) {
152 $this->dieWithError( 'apierror-show' );
153 }
154
155 $this->addWhereIf( 'ipb_user = 0', isset( $show['!account'] ) );
156 $this->addWhereIf( 'ipb_user != 0', isset( $show['account'] ) );
157 $this->addWhereIf( 'ipb_user != 0 OR ipb_range_end > ipb_range_start', isset( $show['!ip'] ) );
158 $this->addWhereIf( 'ipb_user = 0 AND ipb_range_end = ipb_range_start', isset( $show['ip'] ) );
159 $this->addWhereIf( 'ipb_expiry = ' .
160 $db->addQuotes( $db->getInfinity() ), isset( $show['!temp'] ) );
161 $this->addWhereIf( 'ipb_expiry != ' .
162 $db->addQuotes( $db->getInfinity() ), isset( $show['temp'] ) );
163 $this->addWhereIf( 'ipb_range_end = ipb_range_start', isset( $show['!range'] ) );
164 $this->addWhereIf( 'ipb_range_end > ipb_range_start', isset( $show['range'] ) );
165 }
166
167 if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
168 $this->addWhereFld( 'ipb_deleted', 0 );
169 }
170
171 # Filter out expired rows
172 $this->addWhere( 'ipb_expiry > ' . $db->addQuotes( $db->timestamp() ) );
173
174 $res = $this->select( __METHOD__ );
175
176 $count = 0;
177 foreach ( $res as $row ) {
178 if ( ++$count > $params['limit'] ) {
179 // We've had enough
180 $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
181 break;
182 }
183 $block = [
184 ApiResult::META_TYPE => 'assoc',
185 ];
186 if ( $fld_id ) {
187 $block['id'] = (int)$row->ipb_id;
188 }
189 if ( $fld_user && !$row->ipb_auto ) {
190 $block['user'] = $row->ipb_address;
191 }
192 if ( $fld_userid && !$row->ipb_auto ) {
193 $block['userid'] = (int)$row->ipb_user;
194 }
195 if ( $fld_by ) {
196 $block['by'] = $row->ipb_by_text;
197 }
198 if ( $fld_byid ) {
199 $block['byid'] = (int)$row->ipb_by;
200 }
201 if ( $fld_timestamp ) {
202 $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
203 }
204 if ( $fld_expiry ) {
205 $block['expiry'] = ApiResult::formatExpiry( $row->ipb_expiry );
206 }
207 if ( $fld_reason ) {
208 $block['reason'] = $row->ipb_reason;
209 }
210 if ( $fld_range && !$row->ipb_auto ) {
211 $block['rangestart'] = IP::formatHex( $row->ipb_range_start );
212 $block['rangeend'] = IP::formatHex( $row->ipb_range_end );
213 }
214 if ( $fld_flags ) {
215 // For clarity, these flags use the same names as their action=block counterparts
216 $block['automatic'] = (bool)$row->ipb_auto;
217 $block['anononly'] = (bool)$row->ipb_anon_only;
218 $block['nocreate'] = (bool)$row->ipb_create_account;
219 $block['autoblock'] = (bool)$row->ipb_enable_autoblock;
220 $block['noemail'] = (bool)$row->ipb_block_email;
221 $block['hidden'] = (bool)$row->ipb_deleted;
222 $block['allowusertalk'] = (bool)$row->ipb_allow_usertalk;
223 }
224 $fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $block );
225 if ( !$fit ) {
226 $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
227 break;
228 }
229 }
230 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'block' );
231 }
232
233 protected function prepareUsername( $user ) {
234 if ( !$user ) {
235 $encParamName = $this->encodeParamName( 'users' );
236 $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
237 "baduser_{$encParamName}"
238 );
239 }
240 $name = User::isIP( $user )
241 ? $user
242 : User::getCanonicalName( $user, 'valid' );
243 if ( $name === false ) {
244 $encParamName = $this->encodeParamName( 'users' );
245 $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
246 "baduser_{$encParamName}"
247 );
248 }
249 return $name;
250 }
251
252 public function getAllowedParams() {
253 $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
254
255 return [
256 'start' => [
257 ApiBase::PARAM_TYPE => 'timestamp'
258 ],
259 'end' => [
260 ApiBase::PARAM_TYPE => 'timestamp',
261 ],
262 'dir' => [
263 ApiBase::PARAM_TYPE => [
264 'newer',
265 'older'
266 ],
267 ApiBase::PARAM_DFLT => 'older',
268 ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
269 ],
270 'ids' => [
271 ApiBase::PARAM_TYPE => 'integer',
272 ApiBase::PARAM_ISMULTI => true
273 ],
274 'users' => [
275 ApiBase::PARAM_TYPE => 'user',
276 ApiBase::PARAM_ISMULTI => true
277 ],
278 'ip' => [
279 ApiBase::PARAM_HELP_MSG => [
280 'apihelp-query+blocks-param-ip',
281 $blockCIDRLimit['IPv4'],
282 $blockCIDRLimit['IPv6'],
283 ],
284 ],
285 'limit' => [
286 ApiBase::PARAM_DFLT => 10,
287 ApiBase::PARAM_TYPE => 'limit',
288 ApiBase::PARAM_MIN => 1,
289 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
290 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
291 ],
292 'prop' => [
293 ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
294 ApiBase::PARAM_TYPE => [
295 'id',
296 'user',
297 'userid',
298 'by',
299 'byid',
300 'timestamp',
301 'expiry',
302 'reason',
303 'range',
304 'flags'
305 ],
306 ApiBase::PARAM_ISMULTI => true,
307 ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
308 ],
309 'show' => [
310 ApiBase::PARAM_TYPE => [
311 'account',
312 '!account',
313 'temp',
314 '!temp',
315 'ip',
316 '!ip',
317 'range',
318 '!range',
319 ],
320 ApiBase::PARAM_ISMULTI => true
321 ],
322 'continue' => [
323 ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
324 ],
325 ];
326 }
327
328 protected function getExamplesMessages() {
329 return [
330 'action=query&list=blocks'
331 => 'apihelp-query+blocks-example-simple',
332 'action=query&list=blocks&bkusers=Alice|Bob'
333 => 'apihelp-query+blocks-example-users',
334 ];
335 }
336
337 public function getHelpUrls() {
338 return 'https://www.mediawiki.org/wiki/API:Blocks';
339 }
340 }
MediaWiki Core