MediaWiki master
ApiUnblock.php
Go to the documentation of this file.
1<?php
23namespace MediaWiki\Api;
24
25use MediaWiki\Block\Block;
26use MediaWiki\Block\BlockPermissionCheckerFactory;
27use MediaWiki\Block\BlockTargetFactory;
28use MediaWiki\Block\DatabaseBlockStore;
29use MediaWiki\Block\UnblockUserFactory;
30use MediaWiki\MainConfigNames;
31use MediaWiki\ParamValidator\TypeDef\UserDef;
32use MediaWiki\Title\Title;
33use MediaWiki\User\Options\UserOptionsLookup;
34use MediaWiki\User\UserIdentityLookup;
35use MediaWiki\Watchlist\WatchedItemStoreInterface;
36use MediaWiki\Watchlist\WatchlistManager;
37use RuntimeException;
38use Wikimedia\ParamValidator\ParamValidator;
39use Wikimedia\ParamValidator\TypeDef\ExpiryDef;
40
47class ApiUnblock extends ApiBase {
48
49 use ApiBlockInfoTrait;
50 use ApiWatchlistTrait;
51
52 private BlockPermissionCheckerFactory $permissionCheckerFactory;
53 private UnblockUserFactory $unblockUserFactory;
54 private UserIdentityLookup $userIdentityLookup;
55 private WatchedItemStoreInterface $watchedItemStore;
56 private DatabaseBlockStore $blockStore;
57 private BlockTargetFactory $blockTargetFactory;
58
59 public function __construct(
60 ApiMain $main,
61 string $action,
62 BlockPermissionCheckerFactory $permissionCheckerFactory,
63 UnblockUserFactory $unblockUserFactory,
64 UserIdentityLookup $userIdentityLookup,
65 WatchedItemStoreInterface $watchedItemStore,
66 WatchlistManager $watchlistManager,
67 UserOptionsLookup $userOptionsLookup,
68 DatabaseBlockStore $blockStore,
69 BlockTargetFactory $blockTargetFactory
70 ) {
71 parent::__construct( $main, $action );
72
73 $this->permissionCheckerFactory = $permissionCheckerFactory;
74 $this->unblockUserFactory = $unblockUserFactory;
75 $this->userIdentityLookup = $userIdentityLookup;
76 $this->watchedItemStore = $watchedItemStore;
77
78 // Variables needed in ApiWatchlistTrait trait
79 $this->watchlistExpiryEnabled = $this->getConfig()->get( MainConfigNames::WatchlistExpiry );
80 $this->watchlistMaxDuration =
81 $this->getConfig()->get( MainConfigNames::WatchlistExpiryMaxDuration );
82 $this->watchlistManager = $watchlistManager;
83 $this->userOptionsLookup = $userOptionsLookup;
84 $this->blockStore = $blockStore;
85 $this->blockTargetFactory = $blockTargetFactory;
86 }
87
91 public function execute() {
92 $performer = $this->getUser();
93 $params = $this->extractRequestParams();
94
95 $this->requireOnlyOneParameter( $params, 'id', 'user', 'userid' );
96
97 if ( !$this->getAuthority()->isAllowed( 'block' ) ) {
98 $this->dieWithError( 'apierror-permissiondenied-unblock', 'permissiondenied' );
99 }
100
101 if ( $params['userid'] !== null ) {
102 $identity = $this->userIdentityLookup->getUserIdentityByUserId( $params['userid'] );
103 if ( !$identity ) {
104 $this->dieWithError( [ 'apierror-nosuchuserid', $params['userid'] ], 'nosuchuserid' );
105 }
106 $params['user'] = $identity;
107 }
108
109 $blockToRemove = null;
110 if ( $params['id'] !== null ) {
111 $blockToRemove = $this->blockStore->newFromID( $params['id'], true );
112 if ( !$blockToRemove ) {
113 $this->dieWithError(
114 [ 'apierror-nosuchblockid', $params['id'] ],
115 'nosuchblockid' );
116 }
117 $target = $blockToRemove->getRedactedTarget();
118 if ( !$target ) {
119 throw new RuntimeException( 'Block has no target' );
120 }
121 } else {
122 $target = $this->blockTargetFactory->newFromUser( $params['user'] );
123 }
124
125 # T17810: blocked admins should have limited access here
126 $status = $this->permissionCheckerFactory
127 ->newChecker(
128 $this->getAuthority()
129 )->checkBlockPermissions( $target );
130
131 if ( $status !== true ) {
132 $this->dieWithError(
133 $status,
134 null,
135 // @phan-suppress-next-line PhanTypeMismatchArgumentNullable Block is checked and not null
136 [ 'blockinfo' => $this->getBlockDetails( $performer->getBlock() ) ]
137 );
138 }
139
140 if ( $blockToRemove !== null ) {
141 $status = $this->unblockUserFactory->newRemoveBlock(
142 $blockToRemove,
143 $this->getAuthority(),
144 $params['reason'],
145 $params['tags'] ?? []
146 )->unblock();
147 } else {
148 $status = $this->unblockUserFactory->newUnblockUser(
149 $target,
150 $this->getAuthority(),
151 $params['reason'],
152 $params['tags'] ?? []
153 )->unblock();
154 }
155
156 if ( !$status->isOK() ) {
157 $this->dieStatus( $status );
158 }
159
160 $block = $status->getValue();
161 $targetType = $block->getType();
162 $targetName = $targetType === Block::TYPE_AUTO ? '' : $block->getTargetName();
163 $targetUserId = $block->getTargetUserIdentity() ? $block->getTargetUserIdentity()->getId() : 0;
164
165 $watchlistExpiry = $this->getExpiryFromParams( $params );
166 $watchuser = $params['watchuser'];
167 $userPage = Title::makeTitle( NS_USER, $targetName );
168 if ( $watchuser && $targetType !== Block::TYPE_RANGE && $targetType !== Block::TYPE_AUTO ) {
169 $this->setWatch( 'watch', $userPage, $this->getUser(), null, $watchlistExpiry );
170 } else {
171 $watchuser = false;
172 $watchlistExpiry = null;
173 }
174
175 $res = [
176 'id' => $block->getId(),
177 'user' => $targetName,
178 'userid' => $targetUserId,
179 'reason' => $params['reason'],
180 'watchuser' => $watchuser,
181 ];
182
183 if ( $watchlistExpiry !== null ) {
184 $res['watchlistexpiry'] = $this->getWatchlistExpiry(
185 $this->watchedItemStore,
186 $userPage,
187 $this->getUser()
188 );
189 }
190
191 $this->getResult()->addValue( null, $this->getModuleName(), $res );
192 }
193
194 public function mustBePosted() {
195 return true;
196 }
197
198 public function isWriteMode() {
199 return true;
200 }
201
202 public function getAllowedParams() {
203 $params = [
204 'id' => [
205 ParamValidator::PARAM_TYPE => 'integer',
206 ],
207 'user' => [
208 ParamValidator::PARAM_TYPE => 'user',
209 UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'ip', 'temp', 'cidr', 'id' ],
210 UserDef::PARAM_RETURN_OBJECT => true,
211 ],
212 'userid' => [
213 ParamValidator::PARAM_TYPE => 'integer',
214 ParamValidator::PARAM_DEPRECATED => true,
215 ],
216 'reason' => '',
217 'tags' => [
218 ParamValidator::PARAM_TYPE => 'tags',
219 ParamValidator::PARAM_ISMULTI => true,
220 ],
221 'watchuser' => false,
222 ];
223
224 // Params appear in the docs in the order they are defined,
225 // which is why this is here and not at the bottom.
226 // @todo Find better way to support insertion at arbitrary position
227 if ( $this->watchlistExpiryEnabled ) {
228 $params += [
229 'watchlistexpiry' => [
230 ParamValidator::PARAM_TYPE => 'expiry',
231 ExpiryDef::PARAM_MAX => $this->watchlistMaxDuration,
232 ExpiryDef::PARAM_USE_MAX => true,
233 ]
234 ];
235 }
236
237 return $params;
238 }
239
240 public function needsToken() {
241 return 'csrf';
242 }
243
244 protected function getExamplesMessages() {
245 return [
246 'action=unblock&id=105'
247 => 'apihelp-unblock-example-id',
248 'action=unblock&user=Bob&reason=Sorry%20Bob'
249 => 'apihelp-unblock-example-user',
250 ];
251 }
252
253 public function getHelpUrls() {
254 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Block';
255 }
256}
257
259class_alias( ApiUnblock::class, 'ApiUnblock' );
NS_USER
const NS_USER
Definition Defines.php:67
MediaWiki\Api\ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:75
MediaWiki\Api\ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1522
MediaWiki\Api\ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:557
MediaWiki\Api\ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:696
MediaWiki\Api\ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1573
MediaWiki\Api\ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:837
MediaWiki\Api\ApiBase\requireOnlyOneParameter
requireOnlyOneParameter( $params,... $required)
Die if 0 or more than one of a certain set of parameters is set and not false.
Definition ApiBase.php:976
MediaWiki\Api\ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:78
MediaWiki\Api\ApiUnblock
API module that facilitates the unblocking of users.
Definition ApiUnblock.php:47
MediaWiki\Api\ApiUnblock\mustBePosted
mustBePosted()
Indicates whether this module must be called with a POST request.
Definition ApiUnblock.php:194
MediaWiki\Api\ApiUnblock\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiUnblock.php:240
MediaWiki\Api\ApiUnblock\execute
execute()
Unblocks the specified user or provides the reason the unblock failed.
Definition ApiUnblock.php:91
MediaWiki\Api\ApiUnblock\isWriteMode
isWriteMode()
Indicates whether this module requires write access to the wiki.
Definition ApiUnblock.php:198
MediaWiki\Api\ApiUnblock\__construct
__construct(ApiMain $main, string $action, BlockPermissionCheckerFactory $permissionCheckerFactory, UnblockUserFactory $unblockUserFactory, UserIdentityLookup $userIdentityLookup, WatchedItemStoreInterface $watchedItemStore, WatchlistManager $watchlistManager, UserOptionsLookup $userOptionsLookup, DatabaseBlockStore $blockStore, BlockTargetFactory $blockTargetFactory)
Definition ApiUnblock.php:59
MediaWiki\Api\ApiUnblock\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiUnblock.php:202
MediaWiki\Api\ApiUnblock\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiUnblock.php:253
MediaWiki\Api\ApiUnblock\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiUnblock.php:244
MediaWiki\Block\BlockTargetFactory
Factory for BlockTarget objects.
Definition BlockTargetFactory.php:24
MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22
MediaWiki\MainConfigNames\WatchlistExpiry
const WatchlistExpiry
Name constant for the WatchlistExpiry setting, for use with Config::get()
Definition MainConfigNames.php:3796
MediaWiki\MainConfigNames\WatchlistExpiryMaxDuration
const WatchlistExpiryMaxDuration
Name constant for the WatchlistExpiryMaxDuration setting, for use with Config::get()
Definition MainConfigNames.php:3808
MediaWiki\ParamValidator\TypeDef\UserDef
Type definition for user types.
Definition UserDef.php:27
MediaWiki\Title\Title
Represents a title within MediaWiki.
Definition Title.php:78
MediaWiki\User\Options\UserOptionsLookup
Provides access to user options.
Definition UserOptionsLookup.php:31
Wikimedia\ParamValidator\ParamValidator
Service for formatting and validating API parameters.
Definition ParamValidator.php:42
Wikimedia\ParamValidator\TypeDef\ExpiryDef
Type definition for expiry timestamps.
Definition ExpiryDef.php:17
MediaWiki\Api\ApiBlockInfoTrait
trait ApiBlockInfoTrait
Definition ApiBlockInfoTrait.php:30
MediaWiki\Api\ApiWatchlistTrait
trait ApiWatchlistTrait
An ApiWatchlistTrait adds class properties and convenience methods for APIs that allow you to watch a...
Definition ApiWatchlistTrait.php:26
MediaWiki\Block\Block
Represents a block that may prevent users from performing specific operations.
Definition Block.php:45
MediaWiki\User\UserIdentityLookup
Service for looking up UserIdentity.
Definition UserIdentityLookup.php:35
MediaWiki\Api\getExpiryFromParams
getExpiryFromParams(array $params)
Get formatted expiry from the given parameters, or null if no expiry was provided.
Definition ApiWatchlistTrait.php:155
MediaWiki\Api\setWatch
setWatch(string $watch, PageIdentity $page, User $user, ?string $userOption=null, ?string $expiry=null)
Set a watch (or unwatch) based the based on a watchlist parameter.
Definition ApiWatchlistTrait.php:90
MediaWiki\Api\getWatchlistExpiry
getWatchlistExpiry(WatchedItemStoreInterface $store, PageIdentity $page, UserIdentity $user)
Get existing expiry from the database.
Definition ApiWatchlistTrait.php:172