MediaWiki  1.27.2
ApiBlock.php
Go to the documentation of this file.
1 <?php
33 class ApiBlock extends ApiBase {
34 
41  public function execute() {
42  global $wgContLang;
43 
44  $user = $this->getUser();
45  $params = $this->extractRequestParams();
46 
47  if ( !$user->isAllowed( 'block' ) ) {
48  $this->dieUsageMsg( 'cantblock' );
49  }
50 
51  # bug 15810: blocked admins should have limited access here
52  if ( $user->isBlocked() ) {
53  $status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
54  if ( $status !== true ) {
55  $msg = $this->parseMsg( $status );
56  $this->dieUsage(
57  $msg['info'],
58  $msg['code'],
59  0,
60  [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
61  );
62  }
63  }
64 
65  $target = User::newFromName( $params['user'] );
66  // Bug 38633 - if the target is a user (not an IP address), but it
67  // doesn't exist or is unusable, error.
68  if ( $target instanceof User &&
69  ( $target->isAnon() /* doesn't exist */ || !User::isUsableName( $target->getName() ) )
70  ) {
71  $this->dieUsageMsg( [ 'nosuchuser', $params['user'] ] );
72  }
73 
74  if ( $params['hidename'] && !$user->isAllowed( 'hideuser' ) ) {
75  $this->dieUsageMsg( 'canthide' );
76  }
77  if ( $params['noemail'] && !SpecialBlock::canBlockEmail( $user ) ) {
78  $this->dieUsageMsg( 'cantblock-email' );
79  }
80 
81  $data = [
82  'PreviousTarget' => $params['user'],
83  'Target' => $params['user'],
84  'Reason' => [
85  $params['reason'],
86  'other',
87  $params['reason']
88  ],
89  'Expiry' => $params['expiry'],
90  'HardBlock' => !$params['anononly'],
91  'CreateAccount' => $params['nocreate'],
92  'AutoBlock' => $params['autoblock'],
93  'DisableEmail' => $params['noemail'],
94  'HideUser' => $params['hidename'],
95  'DisableUTEdit' => !$params['allowusertalk'],
96  'Reblock' => $params['reblock'],
97  'Watch' => $params['watchuser'],
98  'Confirm' => true,
99  ];
100 
101  $retval = SpecialBlock::processForm( $data, $this->getContext() );
102  if ( $retval !== true ) {
103  // We don't care about multiple errors, just report one of them
104  $this->dieUsageMsg( $retval );
105  }
106 
107  list( $target, /*...*/ ) = SpecialBlock::getTargetAndType( $params['user'] );
108  $res['user'] = $params['user'];
109  $res['userID'] = $target instanceof User ? $target->getId() : 0;
110 
111  $block = Block::newFromTarget( $target, null, true );
112  if ( $block instanceof Block ) {
113  $res['expiry'] = $wgContLang->formatExpiry( $block->mExpiry, TS_ISO_8601, 'infinite' );
114  $res['id'] = $block->getId();
115  } else {
116  # should be unreachable
117  $res['expiry'] = '';
118  $res['id'] = '';
119  }
120 
121  $res['reason'] = $params['reason'];
122  $res['anononly'] = $params['anononly'];
123  $res['nocreate'] = $params['nocreate'];
124  $res['autoblock'] = $params['autoblock'];
125  $res['noemail'] = $params['noemail'];
126  $res['hidename'] = $params['hidename'];
127  $res['allowusertalk'] = $params['allowusertalk'];
128  $res['watchuser'] = $params['watchuser'];
129 
130  $this->getResult()->addValue( null, $this->getModuleName(), $res );
131  }
132 
133  public function mustBePosted() {
134  return true;
135  }
136 
137  public function isWriteMode() {
138  return true;
139  }
140 
141  public function getAllowedParams() {
142  return [
143  'user' => [
144  ApiBase::PARAM_TYPE => 'user',
145  ApiBase::PARAM_REQUIRED => true
146  ],
147  'expiry' => 'never',
148  'reason' => '',
149  'anononly' => false,
150  'nocreate' => false,
151  'autoblock' => false,
152  'noemail' => false,
153  'hidename' => false,
154  'allowusertalk' => false,
155  'reblock' => false,
156  'watchuser' => false,
157  ];
158  }
159 
160  public function needsToken() {
161  return 'csrf';
162  }
163 
164  protected function getExamplesMessages() {
165  // @codingStandardsIgnoreStart Generic.Files.LineLength
166  return [
167  'action=block&user=192.0.2.5&expiry=3%20days&reason=First%20strike&token=123ABC'
168  => 'apihelp-block-example-ip-simple',
169  'action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate=&autoblock=&noemail=&token=123ABC'
170  => 'apihelp-block-example-user-complex',
171  ];
172  // @codingStandardsIgnoreEnd
173  }
174 
175  public function getHelpUrls() {
176  return 'https://www.mediawiki.org/wiki/API:Block';
177  }
178 }
User\newFromName
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
Definition: User.php:568
ApiBlock\mustBePosted
mustBePosted()
Definition: ApiBlock.php:133
ApiBlock\needsToken
needsToken()
Definition: ApiBlock.php:160
ApiBlock\getExamplesMessages
getExamplesMessages()
Definition: ApiBlock.php:164
SpecialBlock\checkUnblockSelf
static checkUnblockSelf($user, User $performer)
bug 15810: blocked admins should not be able to block/unblock others, and probably shouldn't be able ...
Definition: SpecialBlock.php:898
ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below...
Definition: ApiBase.php:88
list
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition: deferred.txt:11
SpecialBlock\processForm
static processForm(array $data, IContextSource $context)
Given the form data, actually implement a block.
Definition: SpecialBlock.php:612
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:584
ApiBlock\getHelpUrls
getHelpUrls()
Definition: ApiBlock.php:175
ApiBase\PARAM_REQUIRED
const PARAM_REQUIRED
(boolean) Is the parameter required?
Definition: ApiBase.php:112
User\isUsableName
static isUsableName($name)
Usernames which fail to pass this function will be blocked from user login and new account registrati...
Definition: User.php:895
ApiBase\extractRequestParams
extractRequestParams($parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user...
Definition: ApiBase.php:685
global
when a variable name is used in a it is silently declared as a new local masking the global
Definition: design.txt:93
ApiQueryUserInfo\getBlockInfo
static getBlockInfo(Block $block)
Get basic info about a given block.
Definition: ApiQueryUserInfo.php:66
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1798
Block\newFromTarget
static newFromTarget($specificTarget, $vagueTarget=null, $fromMaster=false)
Given a target and the target's type, get an existing Block object if possible.
Definition: Block.php:1077
TS_ISO_8601
const TS_ISO_8601
ISO 8601 format with no timezone: 1986-02-09T20:00:00Z.
Definition: GlobalFunctions.php:2016
$res
$res
Definition: database.txt:21
ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition: ContextSource.php:41
$params
$params
Definition: styleTest.css.php:40
SpecialBlock\canBlockEmail
static canBlockEmail($user)
Can we do an email block?
Definition: SpecialBlock.php:884
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:464
$user
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition: hooks.txt:242
ApiBlock\getAllowedParams
getAllowedParams()
Definition: ApiBlock.php:141
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
ApiBlock\isWriteMode
isWriteMode()
Definition: ApiBlock.php:137
ApiBase\dieUsage
dieUsage($description, $errorCode, $httpRespCode=0, $extradata=null)
Throw a UsageException, which will (if uncaught) call the main module's error handler and die with an...
Definition: ApiBase.php:1526
$wgContLang
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as and the local content language as $wgContLang
Definition: design.txt:56
$status
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1004
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes...
Definition: ApiBase.php:39
ApiBase\parseMsg
parseMsg($error)
Return the error message related to a certain array.
Definition: ApiBase.php:2194
SpecialBlock\getTargetAndType
static getTargetAndType($par, WebRequest $request=null)
Determine the target of the block, and the type of target.
Definition: SpecialBlock.php:481
ApiBlock
API module that facilitates the blocking of users.
Definition: ApiBlock.php:33
Block
Definition: Block.php:22
$retval
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account incomplete not yet checked for validity & $retval
Definition: hooks.txt:242
ContextSource\getUser
getUser()
Get the User object.
Definition: ContextSource.php:133
ApiBase\dieUsageMsg
dieUsageMsg($error)
Output the error message related to a certain array.
Definition: ApiBase.php:2144
ApiBlock\execute
execute()
Blocks the user specified in the parameters for the given expiry, with the given reason, and with all other settings provided in the params.
Definition: ApiBlock.php:41