dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
API: Make output containing private or user-specific data uncacheable for logged...
[lhc/web/wiklou.git] / includes / api / ApiQueryBlocks.php
1 <?php
2
3 /**
4 * Created on Sep 10, 2007
5 *
6 * API for MediaWiki 1.8+
7 *
8 * Copyright © 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
23 * http://www.gnu.org/copyleft/gpl.html
24 */
25
26 if ( !defined( 'MEDIAWIKI' ) ) {
27 // Eclipse helper - will be ignored in production
28 require_once( 'ApiQueryBase.php' );
29 }
30
31 /**
32 * Query module to enumerate all available pages.
33 *
34 * @ingroup API
35 */
36 class ApiQueryBlocks extends ApiQueryBase {
37
38 var $users;
39
40 public function __construct( $query, $moduleName ) {
41 parent::__construct( $query, $moduleName, 'bk' );
42 }
43
44 public function execute() {
45 global $wgUser;
46
47 $params = $this->extractRequestParams();
48 if ( isset( $params['users'] ) && isset( $params['ip'] ) ) {
49 $this->dieUsage( 'bkusers and bkip cannot be used together', 'usersandip' );
50 }
51
52 $prop = array_flip( $params['prop'] );
53 $fld_id = isset( $prop['id'] );
54 $fld_user = isset( $prop['user'] );
55 $fld_by = isset( $prop['by'] );
56 $fld_timestamp = isset( $prop['timestamp'] );
57 $fld_expiry = isset( $prop['expiry'] );
58 $fld_reason = isset( $prop['reason'] );
59 $fld_range = isset( $prop['range'] );
60 $fld_flags = isset( $prop['flags'] );
61
62 $result = $this->getResult();
63 $pageSet = $this->getPageSet();
64 $titles = $pageSet->getTitles();
65 $data = array();
66
67 $this->addTables( 'ipblocks' );
68 $this->addFields( 'ipb_auto' );
69
70 if ( $fld_id ) {
71 $this->addFields( 'ipb_id' );
72 }
73 if ( $fld_user ) {
74 $this->addFields( array( 'ipb_address', 'ipb_user' ) );
75 }
76 if ( $fld_by ) {
77 $this->addTables( 'user' );
78 $this->addFields( array( 'ipb_by', 'user_name' ) );
79 $this->addWhere( 'user_id = ipb_by' );
80 }
81 if ( $fld_timestamp ) {
82 $this->addFields( 'ipb_timestamp' );
83 }
84 if ( $fld_expiry ) {
85 $this->addFields( 'ipb_expiry' );
86 }
87 if ( $fld_reason ) {
88 $this->addFields( 'ipb_reason' );
89 }
90 if ( $fld_range ) {
91 $this->addFields( array( 'ipb_range_start', 'ipb_range_end' ) );
92 }
93 if ( $fld_flags ) {
94 $this->addFields( array( 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock', 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk' ) );
95 }
96
97 $this->addOption( 'LIMIT', $params['limit'] + 1 );
98 $this->addWhereRange( 'ipb_timestamp', $params['dir'], $params['start'], $params['end'] );
99 if ( isset( $params['ids'] ) ) {
100 $this->addWhereFld( 'ipb_id', $params['ids'] );
101 }
102 if ( isset( $params['users'] ) ) {
103 foreach ( (array)$params['users'] as $u ) {
104 $this->prepareUsername( $u );
105 }
106 $this->addWhereFld( 'ipb_address', $this->usernames );
107 $this->addWhereFld( 'ipb_auto', 0 );
108 }
109 if ( isset( $params['ip'] ) ) {
110 list( $ip, $range ) = IP::parseCIDR( $params['ip'] );
111 if ( $ip && $range ) {
112 // We got a CIDR range
113 if ( $range < 16 )
114 $this->dieUsage( 'CIDR ranges broader than /16 are not accepted', 'cidrtoobroad' );
115 $lower = wfBaseConvert( $ip, 10, 16, 8, false );
116 $upper = wfBaseConvert( $ip + pow( 2, 32 - $range ) - 1, 10, 16, 8, false );
117 } else {
118 $lower = $upper = IP::toHex( $params['ip'] );
119 }
120 $prefix = substr( $lower, 0, 4 );
121
122 $db = $this->getDB();
123 $this->addWhere( array(
124 'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
125 "ipb_range_start <= '$lower'",
126 "ipb_range_end >= '$upper'",
127 'ipb_auto' => 0
128 ) );
129 }
130
131 // Make sure private data (deleted blocks) isn't cached
132 $this->getMain()->setVaryCookie();
133 if ( !$wgUser->isAllowed( 'hideuser' ) ) {
134 $this->addWhereFld( 'ipb_deleted', 0 );
135 }
136
137 // Purge expired entries on one in every 10 queries
138 if ( !mt_rand( 0, 10 ) ) {
139 Block::purgeExpired();
140 }
141
142 $res = $this->select( __METHOD__ );
143
144 $count = 0;
145 while ( $row = $res->fetchObject() ) {
146 if ( ++$count > $params['limit'] ) {
147 // We've had enough
148 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
149 break;
150 }
151 $block = array();
152 if ( $fld_id ) {
153 $block['id'] = $row->ipb_id;
154 }
155 if ( $fld_user && !$row->ipb_auto ) {
156 $block['user'] = $row->ipb_address;
157 }
158 if ( $fld_by ) {
159 $block['by'] = $row->user_name;
160 }
161 if ( $fld_timestamp ) {
162 $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
163 }
164 if ( $fld_expiry ) {
165 $block['expiry'] = Block::decodeExpiry( $row->ipb_expiry, TS_ISO_8601 );
166 }
167 if ( $fld_reason ) {
168 $block['reason'] = $row->ipb_reason;
169 }
170 if ( $fld_range && !$row->ipb_auto ) {
171 $block['rangestart'] = IP::hexToQuad( $row->ipb_range_start );
172 $block['rangeend'] = IP::hexToQuad( $row->ipb_range_end );
173 }
174 if ( $fld_flags ) {
175 // For clarity, these flags use the same names as their action=block counterparts
176 if ( $row->ipb_auto ) {
177 $block['automatic'] = '';
178 }
179 if ( $row->ipb_anon_only ) {
180 $block['anononly'] = '';
181 }
182 if ( $row->ipb_create_account ) {
183 $block['nocreate'] = '';
184 }
185 if ( $row->ipb_enable_autoblock ) {
186 $block['autoblock'] = '';
187 }
188 if ( $row->ipb_block_email ) {
189 $block['noemail'] = '';
190 }
191 if ( $row->ipb_deleted ) {
192 $block['hidden'] = '';
193 }
194 if ( $row->ipb_allow_usertalk ) {
195 $block['allowusertalk'] = '';
196 }
197 }
198 $fit = $result->addValue( array( 'query', $this->getModuleName() ), null, $block );
199 if ( !$fit ) {
200 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
201 break;
202 }
203 }
204 $result->setIndexedTagName_internal( array( 'query', $this->getModuleName() ), 'block' );
205 }
206
207 protected function prepareUsername( $user ) {
208 if ( !$user ) {
209 $this->dieUsage( 'User parameter may not be empty', 'param_user' );
210 }
211 $name = User::isIP( $user )
212 ? $user
213 : User::getCanonicalName( $user, 'valid' );
214 if ( $name === false ) {
215 $this->dieUsage( "User name {$user} is not valid", 'param_user' );
216 }
217 $this->usernames[] = $name;
218 }
219
220 public function getAllowedParams() {
221 return array(
222 'start' => array(
223 ApiBase::PARAM_TYPE => 'timestamp'
224 ),
225 'end' => array(
226 ApiBase::PARAM_TYPE => 'timestamp',
227 ),
228 'dir' => array(
229 ApiBase::PARAM_TYPE => array(
230 'newer',
231 'older'
232 ),
233 ApiBase::PARAM_DFLT => 'older'
234 ),
235 'ids' => array(
236 ApiBase::PARAM_TYPE => 'integer',
237 ApiBase::PARAM_ISMULTI => true
238 ),
239 'users' => array(
240 ApiBase::PARAM_ISMULTI => true
241 ),
242 'ip' => null,
243 'limit' => array(
244 ApiBase::PARAM_DFLT => 10,
245 ApiBase::PARAM_TYPE => 'limit',
246 ApiBase::PARAM_MIN => 1,
247 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
248 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
249 ),
250 'prop' => array(
251 ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
252 ApiBase::PARAM_TYPE => array(
253 'id',
254 'user',
255 'by',
256 'timestamp',
257 'expiry',
258 'reason',
259 'range',
260 'flags'
261 ),
262 ApiBase::PARAM_ISMULTI => true
263 )
264 );
265 }
266
267 public function getParamDescription() {
268 return array(
269 'start' => 'The timestamp to start enumerating from',
270 'end' => 'The timestamp to stop enumerating at',
271 'dir' => 'The direction in which to enumerate',
272 'ids' => 'Pipe-separated list of block IDs to list (optional)',
273 'users' => 'Pipe-separated list of users to search for (optional)',
274 'ip' => array( 'Get all blocks applying to this IP or CIDR range, including range blocks.',
275 'Cannot be used together with bkusers. CIDR ranges broader than /16 are not accepted' ),
276 'limit' => 'The maximum amount of blocks to list',
277 'prop' => array(
278 'Which properties to get',
279 ' id - Adds the id of the block',
280 ' user - Adds the username of the blocked user',
281 ' by - Adds the username of the blocking admin',
282 ' timestamp - Adds the timestamp of when the block was given',
283 ' expiry - Adds the timestamp of when the block expires',
284 ' reason - Adds the reason given for the block',
285 ' range - Adds the range of IPs affected by the block',
286 ' flags - Tags the ban with (autoblock, anononly, etc)',
287 ),
288 );
289 }
290
291 public function getDescription() {
292 return 'List all blocked users and IP addresses';
293 }
294
295 public function getPossibleErrors() {
296 return array_merge( parent::getPossibleErrors(), array(
297 array( 'code' => 'usersandip', 'info' => 'bkusers and bkip cannot be used together' ),
298 array( 'code' => 'cidrtoobroad', 'info' => 'CIDR ranges broader than /16 are not accepted' ),
299 array( 'code' => 'param_user', 'info' => 'User parameter may not be empty' ),
300 array( 'code' => 'param_user', 'info' => 'User name user is not valid' ),
301 ) );
302 }
303
304 protected function getExamples() {
305 return array(
306 'api.php?action=query&list=blocks',
307 'api.php?action=query&list=blocks&bkusers=Alice|Bob'
308 );
309 }
310
311 public function getVersion() {
312 return __CLASS__ . ': $Id$';
313 }
314 }
Wiklou, le Wiki du Wiklou