MediaWiki  master
BlockPermissionChecker.php
Go to the documentation of this file.
1 <?php
2 
22 namespace MediaWiki\Block;
23 
26 use User;
27 
42  private $target;
43 
47  private $targetType = null;
48 
52  private $performer;
53 
58 
59  public function __construct(
61  $target,
63  ) {
64  $this->permissionManager = $permissionManager;
65  list( $this->target, $this->targetType ) = AbstractBlock::parseTarget( $target );
66  $this->performer = $performer;
67  }
68 
80  public function checkBlockPermissions() {
81  $block = $this->performer->getBlock();
82  if ( !$block ) {
83  // User is not blocked, process as normal
84  return true;
85  }
86 
87  if ( !$block->isSitewide() ) {
88  // T208965: Partially blocked admins should have full access
89  return true;
90  }
91 
92  if (
93  $this->target instanceof UserIdentity &&
94  $this->target->getId() === $this->performer->getId()
95  ) {
96  // Blocked admin is trying to alter their own block
97 
98  // Self-blocked admins can always remove or alter their block
99  if ( $this->performer->blockedBy() === $this->performer->getName() ) {
100  return true;
101  }
102 
103  // Users with 'unblockself' right can unblock themselves or alter their own block
104  if ( $this->permissionManager->userHasRight( $this->performer, 'unblockself' ) ) {
105  return true;
106  } else {
107  return 'ipbnounblockself';
108  }
109  }
110 
111  if (
112  $this->target instanceof UserIdentity &&
113  $this->performer->blockedBy() === $this->target->getName()
114  ) {
115  // T150826: Blocked admins can always block the admin who blocked them
116  return true;
117  }
118 
119  // User is blocked and no exception took effect
120  return 'ipbblocked';
121  }
122 }
MediaWiki\Block\BlockPermissionChecker\checkBlockPermissions
checkBlockPermissions()
Checks block-related permissions (doesn't check any other permissions)
Definition: BlockPermissionChecker.php:80
MediaWiki\Block
Definition: AbstractBlock.php:21
MediaWiki\Block\BlockPermissionChecker\$permissionManager
PermissionManager $permissionManager
Definition: BlockPermissionChecker.php:57
MediaWiki\User\UserIdentity
Interface for objects representing user identity.
Definition: UserIdentity.php:32
MediaWiki\Block\BlockPermissionChecker\$targetType
$targetType
Definition: BlockPermissionChecker.php:47
MediaWiki\Block\BlockPermissionChecker\__construct
__construct(PermissionManager $permissionManager, $target, User $performer)
Definition: BlockPermissionChecker.php:59
MediaWiki\Block\BlockPermissionChecker\$performer
User $performer
Block performer.
Definition: BlockPermissionChecker.php:52
MediaWiki\User\UserIdentity\getName
getName()
MediaWiki\Block\BlockPermissionChecker
Block permissions.
Definition: BlockPermissionChecker.php:38
MediaWiki\Block\AbstractBlock\parseTarget
static parseTarget( $target)
From an existing block, get the target and the type of target.
Definition: AbstractBlock.php:380
MediaWiki\Permissions\PermissionManager
A service class for checking permissions To obtain an instance, use MediaWikiServices::getInstance()-...
Definition: PermissionManager.php:49
MediaWiki\Block\BlockPermissionChecker\$target
UserIdentity string $target
Block target.
Definition: BlockPermissionChecker.php:42
MediaWiki\User\UserIdentity\getId
getId()
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:55