ApiQueryBlocks.php

Go to the documentation of this file.

<?php
use MediaWiki\Block\BlockActionInfo;
use MediaWiki\Block\BlockRestrictionStore;
use MediaWiki\ParamValidator\TypeDef\UserDef;
use MediaWiki\User\UserNameUtils;
use Wikimedia\IPUtils;
use Wikimedia\Rdbms\IResultWrapper;
 
class ApiQueryBlocks extends ApiQueryBase {
 
    private $blockActionInfo;
 
    private $blockRestrictionStore;
 
    private $commentStore;
 
    private $userNameUtils;
 
    public function __construct(
        ApiQuery $query,
        $moduleName,
        BlockActionInfo $blockActionInfo,
        BlockRestrictionStore $blockRestrictionStore,
        CommentStore $commentStore,
        UserNameUtils $userNameUtils
    ) {
        parent::__construct( $query, $moduleName, 'bk' );
        $this->blockActionInfo = $blockActionInfo;
        $this->blockRestrictionStore = $blockRestrictionStore;
        $this->commentStore = $commentStore;
        $this->userNameUtils = $userNameUtils;
    }
 
    public function execute() {
        $db = $this->getDB();
        $params = $this->extractRequestParams();
        $this->requireMaxOneParameter( $params, 'users', 'ip' );
 
        $prop = array_fill_keys( $params['prop'], true );
        $fld_id = isset( $prop['id'] );
        $fld_user = isset( $prop['user'] );
        $fld_userid = isset( $prop['userid'] );
        $fld_by = isset( $prop['by'] );
        $fld_byid = isset( $prop['byid'] );
        $fld_timestamp = isset( $prop['timestamp'] );
        $fld_expiry = isset( $prop['expiry'] );
        $fld_reason = isset( $prop['reason'] );
        $fld_range = isset( $prop['range'] );
        $fld_flags = isset( $prop['flags'] );
        $fld_restrictions = isset( $prop['restrictions'] );
 
        $result = $this->getResult();
 
        $this->addTables( 'ipblocks' );
        $this->addFields( [ 'ipb_auto', 'ipb_id', 'ipb_timestamp' ] );
 
        $this->addFieldsIf( [ 'ipb_address', 'ipb_user' ], $fld_user || $fld_userid );
        if ( $fld_by || $fld_byid ) {
            $this->addTables( 'actor' );
            $this->addFields( [ 'actor_user', 'actor_name' ] );
            $this->addJoinConds( [ 'actor' => [ 'JOIN', 'actor_id=ipb_by_actor' ] ] );
        }
        $this->addFieldsIf( 'ipb_expiry', $fld_expiry );
        $this->addFieldsIf( [ 'ipb_range_start', 'ipb_range_end' ], $fld_range );
        $this->addFieldsIf( [ 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock',
            'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk', 'ipb_sitewide' ],
            $fld_flags );
        $this->addFieldsIf( 'ipb_sitewide', $fld_restrictions );
 
        if ( $fld_reason ) {
            $commentQuery = $this->commentStore->getJoin( 'ipb_reason' );
            $this->addTables( $commentQuery['tables'] );
            $this->addFields( $commentQuery['fields'] );
            $this->addJoinConds( $commentQuery['joins'] );
        }
 
        $this->addOption( 'LIMIT', $params['limit'] + 1 );
        $this->addTimestampWhereRange(
            'ipb_timestamp',
            $params['dir'],
            $params['start'],
            $params['end']
        );
        // Include in ORDER BY for uniqueness
        $this->addWhereRange( 'ipb_id', $params['dir'], null, null );
 
        if ( $params['continue'] !== null ) {
            $cont = explode( '|', $params['continue'] );
            $this->dieContinueUsageIf( count( $cont ) != 2 );
            $op = ( $params['dir'] == 'newer' ? '>' : '<' );
            $continueTimestamp = $db->addQuotes( $db->timestamp( $cont[0] ) );
            $continueId = (int)$cont[1];
            $this->dieContinueUsageIf( $continueId != $cont[1] );
            $this->addWhere( "ipb_timestamp $op $continueTimestamp OR " .
                "(ipb_timestamp = $continueTimestamp AND " .
                "ipb_id $op= $continueId)"
            );
        }
 
        if ( isset( $params['ids'] ) ) {
            $this->addWhereIDsFld( 'ipblocks', 'ipb_id', $params['ids'] );
        }
        if ( isset( $params['users'] ) ) {
            $usernames = [];
            foreach ( (array)$params['users'] as $u ) {
                $usernames[] = $this->prepareUsername( $u );
            }
            $this->addWhereFld( 'ipb_address', $usernames );
            $this->addWhereFld( 'ipb_auto', 0 );
        }
        if ( isset( $params['ip'] ) ) {
            $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
            if ( IPUtils::isIPv4( $params['ip'] ) ) {
                $type = 'IPv4';
                $cidrLimit = $blockCIDRLimit['IPv4'];
                $prefixLen = 0;
            } elseif ( IPUtils::isIPv6( $params['ip'] ) ) {
                $type = 'IPv6';
                $cidrLimit = $blockCIDRLimit['IPv6'];
                $prefixLen = 3; // IPUtils::toHex output is prefixed with "v6-"
            } else {
                $this->dieWithError( 'apierror-badip', 'param_ip' );
            }
 
            # Check range validity, if it's a CIDR
            list( $ip, $range ) = IPUtils::parseCIDR( $params['ip'] );
            if ( $ip !== false && $range !== false && $range < $cidrLimit ) {
                $this->dieWithError( [ 'apierror-cidrtoobroad', $type, $cidrLimit ] );
            }
 
            # Let IPUtils::parseRange handle calculating $upper, instead of duplicating the logic here.
            list( $lower, $upper ) = IPUtils::parseRange( $params['ip'] );
 
            # Extract the common prefix to any rangeblock affecting this IP/CIDR
            $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) );
 
            # Fairly hard to make a malicious SQL statement out of hex characters,
            # but it is good practice to add quotes
            $lower = $db->addQuotes( $lower );
            $upper = $db->addQuotes( $upper );
 
            $this->addWhere( [
                'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
                'ipb_range_start <= ' . $lower,
                'ipb_range_end >= ' . $upper,
                'ipb_auto' => 0
            ] );
        }
 
        if ( $params['show'] !== null ) {
            $show = array_fill_keys( $params['show'], true );
 
            /* Check for conflicting parameters. */
            if ( ( isset( $show['account'] ) && isset( $show['!account'] ) )
                || ( isset( $show['ip'] ) && isset( $show['!ip'] ) )
                || ( isset( $show['range'] ) && isset( $show['!range'] ) )
                || ( isset( $show['temp'] ) && isset( $show['!temp'] ) )
            ) {
                $this->dieWithError( 'apierror-show' );
            }
 
            $this->addWhereIf( 'ipb_user = 0', isset( $show['!account'] ) );
            $this->addWhereIf( 'ipb_user != 0', isset( $show['account'] ) );
            $this->addWhereIf( 'ipb_user != 0 OR ipb_range_end > ipb_range_start', isset( $show['!ip'] ) );
            $this->addWhereIf( 'ipb_user = 0 AND ipb_range_end = ipb_range_start', isset( $show['ip'] ) );
            $this->addWhereIf( 'ipb_expiry = ' .
                $db->addQuotes( $db->getInfinity() ), isset( $show['!temp'] ) );
            $this->addWhereIf( 'ipb_expiry != ' .
                $db->addQuotes( $db->getInfinity() ), isset( $show['temp'] ) );
            $this->addWhereIf( 'ipb_range_end = ipb_range_start', isset( $show['!range'] ) );
            $this->addWhereIf( 'ipb_range_end > ipb_range_start', isset( $show['range'] ) );
        }
 
        if ( !$this->getAuthority()->isAllowed( 'hideuser' ) ) {
            $this->addWhereFld( 'ipb_deleted', 0 );
        }
 
        # Filter out expired rows
        $this->addWhere( 'ipb_expiry > ' . $db->addQuotes( $db->timestamp() ) );
 
        $res = $this->select( __METHOD__ );
 
        $restrictions = [];
        if ( $fld_restrictions ) {
            $restrictions = $this->getRestrictionData( $res, $params['limit'] );
        }
 
        $count = 0;
        foreach ( $res as $row ) {
            if ( ++$count > $params['limit'] ) {
                // We've had enough
                $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
                break;
            }
            $block = [
                ApiResult::META_TYPE => 'assoc',
            ];
            if ( $fld_id ) {
                $block['id'] = (int)$row->ipb_id;
            }
            if ( $fld_user && !$row->ipb_auto ) {
                $block['user'] = $row->ipb_address;
            }
            if ( $fld_userid && !$row->ipb_auto ) {
                $block['userid'] = (int)$row->ipb_user;
            }
            if ( $fld_by ) {
                $block['by'] = $row->actor_name;
            }
            if ( $fld_byid ) {
                $block['byid'] = (int)$row->actor_user;
            }
            if ( $fld_timestamp ) {
                $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
            }
            if ( $fld_expiry ) {
                $block['expiry'] = ApiResult::formatExpiry( $row->ipb_expiry );
            }
            if ( $fld_reason ) {
                $block['reason'] = $this->commentStore->getComment( 'ipb_reason', $row )->text;
            }
            if ( $fld_range && !$row->ipb_auto ) {
                $block['rangestart'] = IPUtils::formatHex( $row->ipb_range_start );
                $block['rangeend'] = IPUtils::formatHex( $row->ipb_range_end );
            }
            if ( $fld_flags ) {
                // For clarity, these flags use the same names as their action=block counterparts
                $block['automatic'] = (bool)$row->ipb_auto;
                $block['anononly'] = (bool)$row->ipb_anon_only;
                $block['nocreate'] = (bool)$row->ipb_create_account;
                $block['autoblock'] = (bool)$row->ipb_enable_autoblock;
                $block['noemail'] = (bool)$row->ipb_block_email;
                $block['hidden'] = (bool)$row->ipb_deleted;
                $block['allowusertalk'] = (bool)$row->ipb_allow_usertalk;
                $block['partial'] = !(bool)$row->ipb_sitewide;
            }
 
            if ( $fld_restrictions ) {
                $block['restrictions'] = [];
                if ( !$row->ipb_sitewide && isset( $restrictions[$row->ipb_id] ) ) {
                    $block['restrictions'] = $restrictions[$row->ipb_id];
                }
            }
 
            $fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $block );
            if ( !$fit ) {
                $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
                break;
            }
        }
        $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'block' );
    }
 
    protected function prepareUsername( $user ) {
        if ( !$user ) {
            $encParamName = $this->encodeParamName( 'users' );
            $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
                "baduser_{$encParamName}"
            );
        }
        $name = $this->userNameUtils->isIP( $user ) || IPUtils::isIPv6( $user )
            ? $user
            : $this->userNameUtils->getCanonical( $user );
        if ( $name === false ) {
            $encParamName = $this->encodeParamName( 'users' );
            $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
                "baduser_{$encParamName}"
            );
        }
        return $name;
    }
 
    private function getRestrictionData( IResultWrapper $result, $limit ) {
        $partialIds = [];
        $count = 0;
        foreach ( $result as $row ) {
            if ( ++$count <= $limit && !$row->ipb_sitewide ) {
                $partialIds[] = (int)$row->ipb_id;
            }
        }
 
        $restrictions = $this->blockRestrictionStore->loadByBlockId( $partialIds );
 
        $data = [];
        $keys = [
            'page' => 'pages',
            'ns' => 'namespaces',
        ];
        if ( $this->getConfig()->get( 'EnablePartialActionBlocks' ) ) {
            $keys['action'] = 'actions';
        }
 
        foreach ( $restrictions as $restriction ) {
            $key = $keys[$restriction->getType()];
            $id = $restriction->getBlockId();
            switch ( $restriction->getType() ) {
                case 'page':
                    '@phan-var \MediaWiki\Block\Restriction\PageRestriction $restriction';
                    $value = [ 'id' => $restriction->getValue() ];
                    if ( $restriction->getTitle() ) {
                        self::addTitleInfo( $value, $restriction->getTitle() );
                    }
                    break;
                case 'action':
                    $value = $this->blockActionInfo->getActionFromId( $restriction->getValue() );
                    break;
                default:
                    $value = $restriction->getValue();
            }
 
            if ( !isset( $data[$id][$key] ) ) {
                $data[$id][$key] = [];
                ApiResult::setIndexedTagName( $data[$id][$key], $restriction->getType() );
            }
            $data[$id][$key][] = $value;
        }
 
        return $data;
    }
 
    public function getAllowedParams() {
        $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
 
        return [
            'start' => [
                ApiBase::PARAM_TYPE => 'timestamp'
            ],
            'end' => [
                ApiBase::PARAM_TYPE => 'timestamp',
            ],
            'dir' => [
                ApiBase::PARAM_TYPE => [
                    'newer',
                    'older'
                ],
                ApiBase::PARAM_DFLT => 'older',
                ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
            ],
            'ids' => [
                ApiBase::PARAM_TYPE => 'integer',
                ApiBase::PARAM_ISMULTI => true
            ],
            'users' => [
                ApiBase::PARAM_TYPE => 'user',
                UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'ip', 'cidr' ],
                ApiBase::PARAM_ISMULTI => true
            ],
            'ip' => [
                ApiBase::PARAM_HELP_MSG => [
                    'apihelp-query+blocks-param-ip',
                    $blockCIDRLimit['IPv4'],
                    $blockCIDRLimit['IPv6'],
                ],
            ],
            'limit' => [
                ApiBase::PARAM_DFLT => 10,
                ApiBase::PARAM_TYPE => 'limit',
                ApiBase::PARAM_MIN => 1,
                ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
                ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
            ],
            'prop' => [
                ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
                ApiBase::PARAM_TYPE => [
                    'id',
                    'user',
                    'userid',
                    'by',
                    'byid',
                    'timestamp',
                    'expiry',
                    'reason',
                    'range',
                    'flags',
                    'restrictions',
                ],
                ApiBase::PARAM_ISMULTI => true,
                ApiBase::PARAM_HELP_MSG_PER_VALUE => [],
            ],
            'show' => [
                ApiBase::PARAM_TYPE => [
                    'account',
                    '!account',
                    'temp',
                    '!temp',
                    'ip',
                    '!ip',
                    'range',
                    '!range',
                ],
                ApiBase::PARAM_ISMULTI => true
            ],
            'continue' => [
                ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
            ],
        ];
    }
 
    protected function getExamplesMessages() {
        return [
            'action=query&list=blocks'
                => 'apihelp-query+blocks-example-simple',
            'action=query&list=blocks&bkusers=Alice|Bob'
                => 'apihelp-query+blocks-example-users',
        ];
    }
 
    public function getHelpUrls() {
        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Blocks';
    }
}