includes/api/ApiBlock.php

   1 <?php
   2 /**
   3  *
   4  *
   5  * Created on Sep 4, 2007
   6  *
   7  * Copyright © 2007 Roan Kattouw <Firstname>.<Lastname>@gmail.com
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  22  * http://www.gnu.org/copyleft/gpl.html
  23  *
  24  * @file
  25  */
  26
  27 if ( !defined( 'MEDIAWIKI' ) ) {
  28         // Eclipse helper - will be ignored in production
  29         require_once( "ApiBase.php" );
  30 }
  31
  32 /**
  33 * API module that facilitates the blocking of users. Requires API write mode
  34 * to be enabled.
  35 *
  36  * @ingroup API
  37  */
  38 class ApiBlock extends ApiBase {
  39
  40         /**
  41          * Std ctor.
  42          */
  43         public function __construct( $main, $action ) {
  44                 parent::__construct( $main, $action );
  45         }
  46
  47         /**
  48          * Blocks the user specified in the parameters for the given expiry, with the
  49          * given reason, and with all other settings provided in the params. If the block
  50          * succeeds, produces a result containing the details of the block and notice
  51          * of success. If it fails, the result will specify the nature of the error.
  52          */
  53         public function execute() {
  54                 global $wgUser, $wgBlockAllowsUTEdit;
  55                 $params = $this->extractRequestParams();
  56
  57                 if ( $params['gettoken'] ) {
  58                         $res['blocktoken'] = $wgUser->editToken();
  59                         $this->getResult()->addValue( null, $this->getModuleName(), $res );
  60                         return;
  61                 }
  62
  63                 if ( !$wgUser->isAllowed( 'block' ) ) {
  64                         $this->dieUsageMsg( array( 'cantblock' ) );
  65                 }
  66                 # bug 15810: blocked admins should have limited access here
  67                 if ( $wgUser->isBlocked() ) {
  68                         $status = IPBlockForm::checkUnblockSelf( $params['user'] );
  69                         if ( $status !== true ) {
  70                                 $this->dieUsageMsg( array( $status ) );
  71                         }
  72                 }
  73                 if ( $params['hidename'] && !$wgUser->isAllowed( 'hideuser' ) ) {
  74                         $this->dieUsageMsg( array( 'canthide' ) );
  75                 }
  76                 if ( $params['noemail'] && !IPBlockForm::canBlockEmail( $wgUser ) ) {
  77                         $this->dieUsageMsg( array( 'cantblock-email' ) );
  78                 }
  79
  80                 $form = new IPBlockForm( '' );
  81                 $form->BlockAddress = $params['user'];
  82                 $form->BlockReason = ( is_null( $params['reason'] ) ? '' : $params['reason'] );
  83                 $form->BlockReasonList = 'other';
  84                 $form->BlockExpiry = ( $params['expiry'] == 'never' ? 'infinite' : $params['expiry'] );
  85                 $form->BlockOther = '';
  86                 $form->BlockAnonOnly = $params['anononly'];
  87                 $form->BlockCreateAccount = $params['nocreate'];
  88                 $form->BlockEnableAutoblock = $params['autoblock'];
  89                 $form->BlockEmail = $params['noemail'];
  90                 $form->BlockHideName = $params['hidename'];
  91                 $form->BlockAllowUsertalk = $params['allowusertalk'] && $wgBlockAllowsUTEdit;
  92                 $form->BlockReblock = $params['reblock'];
  93                 $form->BlockWatchUser = $params['watchuser'];
  94
  95                 $userID = $expiry = null;
  96                 $retval = $form->doBlock( $userID, $expiry );
  97                 if ( count( $retval ) ) {
  98                         // We don't care about multiple errors, just report one of them
  99                         $this->dieUsageMsg( $retval );
 100                 }
 101
 102                 $res['user'] = $params['user'];
 103                 $res['userID'] = intval( $userID );
 104                 $res['expiry'] = ( $expiry == Block::infinity() ? 'infinite' : wfTimestamp( TS_ISO_8601, $expiry ) );
 105                 $res['reason'] = $params['reason'];
 106                 if ( $params['anononly'] ) {
 107                         $res['anononly'] = '';
 108                 }
 109                 if ( $params['nocreate'] ) {
 110                         $res['nocreate'] = '';
 111                 }
 112                 if ( $params['autoblock'] ) {
 113                         $res['autoblock'] = '';
 114                 }
 115                 if ( $params['noemail'] ) {
 116                         $res['noemail'] = '';
 117                 }
 118                 if ( $params['hidename'] ) {
 119                         $res['hidename'] = '';
 120                 }
 121                 if ( $params['allowusertalk'] ) {
 122                         $res['allowusertalk'] = '';
 123                 }
 124                 if ( $params['watchuser'] ) {
 125                         $res['watchuser'] = '';
 126                 }
 127
 128                 $this->getResult()->addValue( null, $this->getModuleName(), $res );
 129         }
 130
 131         public function mustBePosted() {
 132                 return true;
 133         }
 134
 135         public function isWriteMode() {
 136                 return true;
 137         }
 138
 139         public function getAllowedParams() {
 140                 return array(
 141                         'user' => array(
 142                                 ApiBase::PARAM_TYPE => 'string',
 143                                 ApiBase::PARAM_REQUIRED => true
 144                         ),
 145                         'token' => null,
 146                         'gettoken' => false,
 147                         'expiry' => 'never',
 148                         'reason' => null,
 149                         'anononly' => false,
 150                         'nocreate' => false,
 151                         'autoblock' => false,
 152                         'noemail' => false,
 153                         'hidename' => false,
 154                         'allowusertalk' => false,
 155                         'reblock' => false,
 156                         'watchuser' => false,
 157                 );
 158         }
 159
 160         public function getParamDescription() {
 161                 return array(
 162                         'user' => 'Username, IP address or IP range you want to block',
 163                         'token' => 'A block token previously obtained through the gettoken parameter or prop=info',
 164                         'gettoken' => 'If set, a block token will be returned, and no other action will be taken',
 165                         'expiry' => 'Relative expiry time, e.g. \'5 months\' or \'2 weeks\'. If set to \'infinite\', \'indefinite\' or \'never\', the block will never expire.',
 166                         'reason' => 'Reason for block (optional)',
 167                         'anononly' => 'Block anonymous users only (i.e. disable anonymous edits for this IP)',
 168                         'nocreate' => 'Prevent account creation',
 169                         'autoblock' => 'Automatically block the last used IP address, and any subsequent IP addresses they try to login from',
 170                         'noemail' => 'Prevent user from sending e-mail through the wiki. (Requires the "blockemail" right.)',
 171                         'hidename' => 'Hide the username from the block log. (Requires the "hideuser" right.)',
 172                         'allowusertalk' => 'Allow the user to edit their own talk page (depends on $wgBlockAllowsUTEdit)',
 173                         'reblock' => 'If the user is already blocked, overwrite the existing block',
 174                         'watchuser' => 'Watch the user/IP\'s user and talk pages',
 175                 );
 176         }
 177
 178         public function getDescription() {
 179                 return 'Block a user';
 180         }
 181
 182         public function getPossibleErrors() {
 183                 return array_merge( parent::getPossibleErrors(), array(
 184                         array( 'cantblock' ),
 185                         array( 'canthide' ),
 186                         array( 'cantblock-email' ),
 187                         array( 'ipbblocked' ),
 188                         array( 'ipbnounblockself' ),
 189                 ) );
 190         }
 191
 192         public function needsToken() {
 193                 return true;
 194         }
 195
 196         public function getTokenSalt() {
 197                 return '';
 198         }
 199
 200         protected function getExamples() {
 201                 return array(
 202                         'api.php?action=block&user=123.5.5.12&expiry=3%20days&reason=First%20strike',
 203                         'api.php?action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail='
 204                 );
 205         }
 206
 207         public function getVersion() {
 208                 return __CLASS__ . ': $Id$';
 209         }
 210 }