MediaWiki master
MediaWiki\Block\BlockManager Class Reference

A service class for checking blocks. More...

Public Member Functions

 __construct (ServiceOptions $options, UserFactory $userFactory, UserIdentityUtils $userIdentityUtils, LoggerInterface $logger, HookContainer $hookContainer, DatabaseBlockStore $blockStore, ProxyLookup $proxyLookup)
 
 clearUserCache (UserIdentity $user)
 Clear the cache of any blocks that refer to the specified user.
 
 filter (?Block $block, $callback)
 Remove elements of a block which fail a callback test.
 
 getBlock (UserIdentity $user, ?WebRequest $request, $fromReplica=true)
 Get the blocks that apply to a user.
 
 getBlocksForIPList (array $ipChain, bool $applySoftBlocks, bool $fromPrimary)
 Get all blocks that match any IP from an array of IP addresses.
 
 getCreateAccountBlock (UserIdentity $user, ?WebRequest $request, $fromReplica)
 Get the block which applies to a create account action, if there is any.
 
 getIpBlock (string $ip, bool $fromReplica)
 Get the blocks that apply to an IP address.
 
 getUserBlock (UserIdentity $user, $request, $fromReplica, $disableIpBlockExemptChecking=false)
 Get the blocks that apply to a user.
 
 isDnsBlacklisted ( $ip, $checkAllowed=false)
 Whether the given IP is in a DNS blacklist.
 
 trackBlockWithCookie (User $user, WebResponse $response)
 Set the 'BlockID' cookie depending on block type and user authentication status.
 

Static Public Member Functions

static clearBlockCookie (WebResponse $response)
 Unset the 'BlockID' cookie.
 

Public Attributes

const CONSTRUCTOR_OPTIONS
 

Protected Member Functions

 checkHost ( $hostname)
 Wrapper for mocking in tests.
 

Detailed Description

A service class for checking blocks.

To obtain an instance, use MediaWikiServices::getInstance()->getBlockManager().

Since
1.34 Refactored from User and Block.

Definition at line 48 of file BlockManager.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\Block\BlockManager::__construct ( ServiceOptions  $options,
UserFactory  $userFactory,
UserIdentityUtils  $userIdentityUtils,
LoggerInterface  $logger,
HookContainer  $hookContainer,
DatabaseBlockStore  $blockStore,
ProxyLookup  $proxyLookup 
)
Parameters
ServiceOptions$options
UserFactory$userFactory
UserIdentityUtils$userIdentityUtils
LoggerInterface$logger
HookContainer$hookContainer
DatabaseBlockStore$blockStore

Definition at line 99 of file BlockManager.php.

References MediaWiki\Config\ServiceOptions\assertRequiredOptions().

Member Function Documentation

◆ checkHost()

MediaWiki\Block\BlockManager::checkHost (   $hostname)
protected

Wrapper for mocking in tests.

Parameters
string$hostnameDNSBL query
Returns
string[]|false IPv4 array, or false if the IP is not blacklisted

Definition at line 730 of file BlockManager.php.

◆ clearBlockCookie()

static MediaWiki\Block\BlockManager::clearBlockCookie ( WebResponse  $response)
static

Unset the 'BlockID' cookie.

Since
1.34
Parameters
WebResponse$response

Definition at line 844 of file BlockManager.php.

References MediaWiki\Request\WebResponse\clearCookie().

◆ clearUserCache()

MediaWiki\Block\BlockManager::clearUserCache ( UserIdentity  $user)

Clear the cache of any blocks that refer to the specified user.

Parameters
UserIdentity$user

Definition at line 258 of file BlockManager.php.

◆ filter()

MediaWiki\Block\BlockManager::filter ( ?Block  $block,
  $callback 
)

Remove elements of a block which fail a callback test.

Since
1.42
Parameters
Block | null$blockThe block, or null to pass in zero blocks.
callable$callbackThe callback, which will be called once for each non-composite component of the block. The only parameter is the non-composite Block. It should return true, to keep that component, or false, to remove that component.
Returns
Block|null
  • If there are zero remaining elements, null will be returned.
  • If there is one remaining element, a DatabaseBlock or some other non-composite block will be returned.
  • If there is more than one remaining element, a CompositeBlock will be returned.

Definition at line 334 of file BlockManager.php.

◆ getBlock()

MediaWiki\Block\BlockManager::getBlock ( UserIdentity  $user,
?WebRequest  $request,
  $fromReplica = true 
)

Get the blocks that apply to a user.

If there is only one, return that, otherwise return a composite block that combines the strictest features of the applicable blocks.

If the user is exempt from IP blocks, the request should be null.

Since
1.42
Parameters
UserIdentity$userThe user performing the action
WebRequest | null$requestThe request to use for IP and cookie blocks, or null to skip checking for such blocks. If the user has the ipblock-exempt right, the request should be null.
bool$fromReplicaWhether to check the replica DB first. To improve performance, non-critical checks are done against replica DBs. Check when actually saving should be done against primary.
Returns
AbstractBlock|null

Definition at line 197 of file BlockManager.php.

Referenced by MediaWiki\Block\BlockManager\getUserBlock().

◆ getBlocksForIPList()

MediaWiki\Block\BlockManager::getBlocksForIPList ( array  $ipChain,
bool  $applySoftBlocks,
bool  $fromPrimary 
)

Get all blocks that match any IP from an array of IP addresses.

Access: internal
Public to support deprecated method in DatabaseBlock
Parameters
array$ipChainList of IPs (strings), usually retrieved from the X-Forwarded-For header of the request
bool$applySoftBlocksInclude soft blocks (anonymous-only blocks). These should only block anonymous and temporary users.
bool$fromPrimaryWhether to query the primary or replica DB
Returns
DatabaseBlock[]

Definition at line 517 of file BlockManager.php.

◆ getCreateAccountBlock()

MediaWiki\Block\BlockManager::getCreateAccountBlock ( UserIdentity  $user,
?WebRequest  $request,
  $fromReplica 
)

Get the block which applies to a create account action, if there is any.

Since
1.42
Parameters
UserIdentity$user
WebRequest | null$requestThe request, or null to omit IP address and cookie blocks. If the user has the ipblock-exempt right, null should be passed.
bool$fromReplica
Returns
AbstractBlock|null

Definition at line 274 of file BlockManager.php.

References MediaWiki\Request\WebRequest\getIP().

◆ getIpBlock()

MediaWiki\Block\BlockManager::getIpBlock ( string  $ip,
bool  $fromReplica 
)

Get the blocks that apply to an IP address.

If there is only one, return that, otherwise return a composite block that combines the strictest features of the applicable blocks.

Since
1.38
Parameters
string$ip
bool$fromReplica
Returns
AbstractBlock|null

Definition at line 400 of file BlockManager.php.

◆ getUserBlock()

MediaWiki\Block\BlockManager::getUserBlock ( UserIdentity  $user,
  $request,
  $fromReplica,
  $disableIpBlockExemptChecking = false 
)

Get the blocks that apply to a user.

If there is only one, return that, otherwise return a composite block that combines the strictest features of the applicable blocks.

Different blocks may be sought, depending on the user and their permissions. The user may be: (1) The global user (and can be affected by IP blocks). The global request object is needed for checking the IP address, the XFF header and the cookies. (2) The global user (and exempt from IP blocks). The global request object is available. (3) Another user (not the global user). No request object is available or needed; just look for a block against the user account.

Cases #1 and #2 check whether the global user is blocked in practice; the block may due to their user account being blocked or to an IP address block or cookie block (or multiple of these). Case #3 simply checks whether a user's account is blocked, and does not determine whether the person using that account is affected in practice by any IP address or cookie blocks.

Deprecated:
since 1.42 Use getBlock(), which is the same except that it expects the caller to do ipblock-exempt permission checking and to set $request to null if the user is exempt from IP blocks.
Parameters
UserIdentity$user
WebRequest | null$requestThe global request object if the user is the global user (cases #1 and #2), otherwise null (case #3). The IP address and information from the request header are needed to find some types of blocks.
bool$fromReplicaWhether to check the replica DB first. To improve performance, non-critical checks are done against replica DBs. Check when actually saving should be done against primary.
bool$disableIpBlockExemptCheckingThis is used internally to prevent a infinite recursion with autopromote. See T270145.
Returns
AbstractBlock|null The most relevant block, or null if there is no block.

Definition at line 156 of file BlockManager.php.

References MediaWiki\Block\BlockManager\getBlock().

◆ isDnsBlacklisted()

MediaWiki\Block\BlockManager::isDnsBlacklisted (   $ip,
  $checkAllowed = false 
)

Whether the given IP is in a DNS blacklist.

Parameters
string$ipIP to check
bool$checkAllowedWhether to check $wgProxyWhitelist first
Returns
bool True if blacklisted.

Definition at line 661 of file BlockManager.php.

◆ trackBlockWithCookie()

MediaWiki\Block\BlockManager::trackBlockWithCookie ( User  $user,
WebResponse  $response 
)

Set the 'BlockID' cookie depending on block type and user authentication status.

If a block cookie is already set, this will check the block that the cookie references and do the following:

  • If the block is a valid block that should be applied, do nothing and return early. This ensures that the cookie's expiry time is based on the time of the first page load or attempt. (See discussion on T233595.)
  • If the block is invalid (e.g. has expired), clear the cookie and continue to check whether there is another block that should be tracked.
  • If the block is a valid block, but should not be tracked by a cookie, clear the cookie and continue to check whether there is another block that should be tracked.
Since
1.34
Parameters
User$user
WebResponse$responseThe response on which to set the cookie.
Exceptions
LogicExceptionIf called before the User object was loaded.
LogicExceptionIf not called pre-send.

Definition at line 753 of file BlockManager.php.

References MediaWiki\User\User\getBlock(), MediaWiki\User\User\getRequest(), MediaWiki\Request\WebResponse\headersSent(), MediaWiki\User\User\isAnon(), and MediaWiki\User\User\isSafeToLoad().

Member Data Documentation

◆ CONSTRUCTOR_OPTIONS

const MediaWiki\Block\BlockManager::CONSTRUCTOR_OPTIONS
Initial value:
= [
]
const DnsBlacklistUrls
Name constant for the DnsBlacklistUrls setting, for use with Config::get()
const SoftBlockRanges
Name constant for the SoftBlockRanges setting, for use with Config::get()
const CookieSetOnAutoblock
Name constant for the CookieSetOnAutoblock setting, for use with Config::get()
const EnableDnsBlacklist
Name constant for the EnableDnsBlacklist setting, for use with Config::get()
const ApplyIpBlocksToXff
Name constant for the ApplyIpBlocksToXff setting, for use with Config::get()
const ProxyList
Name constant for the ProxyList setting, for use with Config::get()
const ProxyWhitelist
Name constant for the ProxyWhitelist setting, for use with Config::get()
const CookieSetOnIpBlock
Name constant for the CookieSetOnIpBlock setting, for use with Config::get()
const SecretKey
Name constant for the SecretKey setting, for use with Config::get()
Access: internal
For use by ServiceWiring

Definition at line 61 of file BlockManager.php.


The documentation for this class was generated from the following file: