- # We only need to worry about passing the IP address to the block generator if the
- # user is not immune to autoblocks/hardblocks, and they are the current user so we
- # know which IP address they're actually coming from
- $ip = null;
- $sessionUser = $this->currentUser;
- // the session user is set up towards the end of Setup.php. Until then,
- // assume it's a logged-out user.
- $globalUserName = $sessionUser->isSafeToLoad()
- ? $sessionUser->getName()
- : IP::sanitizeIP( $this->currentRequest->getIP() );
- if ( $user->getName() === $globalUserName &&
- !$this->permissionManager->userHasRight( $user, 'ipblock-exempt' ) ) {
- $ip = $this->currentRequest->getIP();
+ if ( $request && $checkIpBlocks ) {
+
+ // Case #1: checking the global user, including IP blocks
+ $ip = $request->getIP();
+ // TODO: remove dependency on DatabaseBlock (T221075)
+ $blocks = DatabaseBlock::newListFromTarget( $user, $ip, $fromMaster );
+ $this->getAdditionalIpBlocks( $blocks, $request, !$user->isRegistered(), $fromMaster );
+ $this->getCookieBlock( $blocks, $user, $request );
+
+ } elseif ( $request ) {
+
+ // Case #2: checking the global user, but they are exempt from IP blocks
+ // TODO: remove dependency on DatabaseBlock (T221075)
+ $blocks = DatabaseBlock::newListFromTarget( $user, null, $fromMaster );
+ $this->getCookieBlock( $blocks, $user, $request );
+
+ } else {
+
+ // Case #3: checking whether a user's account is blocked
+ // TODO: remove dependency on DatabaseBlock (T221075)
+ $blocks = DatabaseBlock::newListFromTarget( $user, null, $fromMaster );
+
+ }
+
+ // Filter out any duplicated blocks, e.g. from the cookie
+ $blocks = $this->getUniqueBlocks( $blocks );
+
+ $block = null;
+ if ( count( $blocks ) > 0 ) {
+ if ( count( $blocks ) === 1 ) {
+ $block = $blocks[ 0 ];
+ } else {
+ $block = new CompositeBlock( [
+ 'address' => $ip,
+ 'byText' => 'MediaWiki default',
+ 'reason' => wfMessage( 'blockedtext-composite-reason' )->plain(),
+ 'originalBlocks' => $blocks,
+ ] );
+ }