* The MWNamespace class is deprecated. Use MediaWikiServices::getNamespaceInfo.
* ExtensionRegistry->load() is deprecated, as it breaks dependency checking.
Instead, use ->queue().
+* User::isBlocked() is deprecated since it does not tell you if the user is
+ blocked from editing a particular page. Use User::getBlock() or
+ PermissionManager::isBlockedFrom() or PermissionManager::userCan() instead.
* …
=== Other changes in 1.34 ===
case APCOND_IPINRANGE:
return IP::isInRange( $user->getRequest()->getIP(), $cond[1] );
case APCOND_BLOCKED:
- return $user->isBlocked();
+ // @TODO Should partial blocks prevent auto promote?
+ return (bool)$user->getBlock();
case APCOND_ISBOT:
return in_array( 'bot', User::getGroupPermissions( $user->getGroups() ) );
default:
$this->requireOnlyOneParameter( $params, 'user', 'userid' );
# T17810: blocked admins should have limited access here
- if ( $user->isBlocked() ) {
+ $block = $user->getBlock();
+ if ( $block ) {
$status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
if ( $status !== true ) {
$this->dieWithError(
$status,
null,
- [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
+ [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $block ) ]
);
}
}
$vals['anon'] = true;
}
- if ( isset( $this->prop['blockinfo'] ) && $user->isBlocked() ) {
- $vals = array_merge( $vals, self::getBlockInfo( $user->getBlock() ) );
+ if ( isset( $this->prop['blockinfo'] ) ) {
+ $block = $user->getBlock();
+ if ( $block ) {
+ $vals = array_merge( $vals, self::getBlockInfo( $block ) );
+ }
}
if ( isset( $this->prop['hasmsg'] ) ) {
$user = $this->getUser();
$this->checkUserRightsAny( RevisionDeleter::getRestriction( $params['type'] ) );
- if ( $user->isBlocked() ) {
- $this->dieBlocked( $user->getBlock() );
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ $block = $user->getBlock();
+ if ( $block ) {
+ $this->dieBlocked( $block );
}
if ( !$params['ids'] ) {
// make sure the user is allowed
$this->checkUserRightsAny( 'changetags' );
- if ( $user->isBlocked() ) {
- $this->dieBlocked( $user->getBlock() );
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ $block = $user->getBlock();
+ if ( $block ) {
+ $this->dieBlocked( $block );
}
// Check if user can add tags
$this->dieWithError( 'apierror-permissiondenied-unblock', 'permissiondenied' );
}
# T17810: blocked admins should have limited access here
- if ( $user->isBlocked() ) {
+ $block = $user->getBlock();
+ if ( $block ) {
$status = SpecialBlock::checkUnblockSelf( $params['user'], $user );
if ( $status !== true ) {
$this->dieWithError(
$status,
null,
- [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $user->getBlock() ) ]
+ [ 'blockinfo' => ApiQueryUserInfo::getBlockInfo( $block ) ]
);
}
}
// Deny if the user is blocked and doesn't have the full 'userrights' permission.
// This matches what Special:UserRights does for the web UI.
- if ( $pUser->isBlocked() && !$pUser->isAllowed( 'userrights' ) ) {
- $this->dieBlocked( $pUser->getBlock() );
+ if ( !$pUser->isAllowed( 'userrights' ) ) {
+ // @TODO Should the user be blocked from changing user rights if they
+ // are partially blocked?
+ $block = $pUser->getBlock();
+ if ( $block ) {
+ $this->dieBlocked( $block );
+ }
}
$params = $this->extractRequestParams();
}
public function beginSecondaryAuthentication( $user, array $reqs ) {
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
if ( !$this->blockDisablesLogin ) {
return AuthenticationResponse::newAbstain();
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
return AuthenticationResponse::newFail(
new \Message( 'login-userblocked', [ $user->getName() ] )
);
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'applychangetags' ) ) {
return Status::newFatal( 'tags-apply-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `applychangetags`
+ // right.
return Status::newFatal( 'tags-apply-blocked', $user->getName() );
}
}
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'changetags' ) ) {
return Status::newFatal( 'tags-update-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `changetags`
+ // right.
return Status::newFatal( 'tags-update-blocked', $user->getName() );
}
}
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'managechangetags' ) ) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `managechangetags`
+ // right.
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'managechangetags' ) ) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `managechangetags`
+ // right.
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'managechangetags' ) ) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `managechangetags`
+ // right.
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
if ( !is_null( $user ) ) {
if ( !$user->isAllowed( 'deletechangetags' ) ) {
return Status::newFatal( 'tags-delete-no-permission' );
- } elseif ( $user->isBlocked() ) {
+ } elseif ( $user->getBlock() ) {
+ // @TODO Ensure that the block does not apply to the `deletechangetags`
+ // right.
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
&& $watchingUser->isEmailConfirmed()
&& $watchingUser->getId() != $userTalkId
&& !in_array( $watchingUser->getName(), $wgUsersNotifiedOnAllChanges )
- && !( $wgBlockDisablesLogin && $watchingUser->isBlocked() )
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
+ && !( $wgBlockDisablesLogin && $watchingUser->getBlock() )
&& Hooks::run( 'SendWatchlistEmailNotification', [ $watchingUser, $title, $this ] )
) {
$this->compose( $watchingUser, self::WATCHLIST );
wfDebug( __METHOD__ . ": user talk page edited, but user does not exist\n" );
} elseif ( $targetUser->getId() == $editor->getId() ) {
wfDebug( __METHOD__ . ": user edited their own talk page, no notification sent\n" );
- } elseif ( $wgBlockDisablesLogin && $targetUser->isBlocked() ) {
+ } elseif ( $wgBlockDisablesLogin && $targetUser->getBlock() ) {
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
wfDebug( __METHOD__ . ": talk page owner is blocked and cannot login, no notification sent\n" );
} elseif ( $targetUser->getOption( 'enotifusertalkpages' )
&& ( !$minorEdit || $targetUser->getOption( 'enotifminoredits' ) )
} elseif ( is_string( $target ) ) {
$target = User::newFromName( $target );
}
- if ( $performer->isBlocked() ) {
+ if ( $performer->getBlock() ) {
if ( $target instanceof User && $target->getId() == $performer->getId() ) {
# User is trying to unblock themselves
+ // @TODO Ensure that the block does not apply to the `unblockself`
+ // right.
if ( $performer->isAllowed( 'unblockself' ) ) {
return true;
# User blocked themselves and is now trying to reverse it
if ( ( $id !== null ) || ( $id === null && IP::isIPAddress( $username ) ) ) {
if ( $sp->getUser()->isAllowed( 'block' ) ) { # Block / Change block / Unblock links
- if ( $target->isBlocked() && $target->getBlock()->getType() != Block::TYPE_AUTO ) {
+ if ( $target->getBlock() && $target->getBlock()->getType() != Block::TYPE_AUTO ) {
$tools['block'] = $linkRenderer->makeKnownLink( # Change block link
SpecialPage::getTitleFor( 'Block', $username ),
$sp->msg( 'change-blocklink' )->text()
$request = $this->getRequest();
// Check blocks
- if ( $user->isBlocked() ) {
- throw new UserBlockedError( $user->getBlock() );
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ $block = $user->getBlock();
+ if ( $block ) {
+ throw new UserBlockedError( $block );
}
$this->setHeaders();
$user = $this->getUser();
// Check blocks
- if ( $user->isBlocked() ) {
- throw new UserBlockedError( $user->getBlock() );
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ $block = $user->getBlock();
+ if ( $block ) {
+ throw new UserBlockedError( $block );
}
$this->setHeaders();
* (e.g. they don't have the userrights permission), then don't
* allow them to change any user rights.
*/
- if ( $user->isBlocked() && !$user->isAllowed( 'userrights' ) ) {
- throw new UserBlockedError( $user->getBlock() );
+ if ( !$user->isAllowed( 'userrights' ) ) {
+ // @TODO Should the user be blocked from changing user rights if they
+ // are partially blocked?
+ $block = $user->getBlock();
+ if ( $block ) {
+ throw new UserBlockedError( $user->getBlock() );
+ }
}
$this->checkReadOnly();
$user = $session->getUser();
if ( $user->isLoggedIn() ) {
$this->loadFromUserObject( $user );
- if ( $user->isBlocked() ) {
+ if ( $user->getBlock() ) {
// If this user is autoblocked, set a cookie to track the Block. This has to be done on
// every session load, because an autoblocked editor might not edit again from the same
// IP address after being blocked.
/**
* Check if user is blocked
*
+ * @deprecated since 1.34, use User::getBlock() or
+ * PermissionManager::isBlockedFrom() or
+ * PermissionManager::userCan() instead.
+ *
* @param bool $fromReplica Whether to check the replica DB instead of
* the master. Hacked from false due to horrible probs on site.
* @return bool True if blocked, false otherwise
// $user->isAllowed(). It is also checked in Title::checkUserBlock()
// to give a better error message in the common case.
$config = RequestContext::getMain()->getConfig();
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
if (
$this->isLoggedIn() &&
$config->get( 'BlockDisablesLogin' ) &&
- $this->isBlocked()
+ $this->getBlock()
) {
$anon = new User;
$this->mRights = array_intersect( $this->mRights, $anon->getRights() );
* @return bool A block was spread
*/
public function spreadAnyEditBlock() {
- if ( $this->isLoggedIn() && $this->isBlocked() ) {
+ if ( $this->isLoggedIn() && $this->getBlock() ) {
return $this->spreadBlock();
}
if ( $checkUserBlock && ( ( $processed % $checkUserBlock ) == 0 ) ) {
$user->clearInstanceCache( 'name' ); // reload from DB!
- if ( $user->isBlocked() ) {
+ // @TODO Use PermissionManager::isBlockedFrom() instead.
+ if ( $user->getBlock() ) {
$this->output( $user->getName() . " was blocked! Aborting.\n" );
break;
}
// Confirm that the block has been applied as required.
$this->assertTrue( $user1->isLoggedIn() );
- $this->assertTrue( $user1->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user1->getBlock() );
$this->assertEquals( Block::TYPE_USER, $block->getType() );
$this->assertTrue( $block->isAutoblocking() );
$this->assertGreaterThanOrEqual( 1, $block->getId() );
$this->assertNotEquals( $user1->getToken(), $user2->getToken() );
$this->assertTrue( $user2->isAnon() );
$this->assertFalse( $user2->isLoggedIn() );
- $this->assertTrue( $user2->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user2->getBlock() );
// Non-strict type-check.
$this->assertEquals( true, $user2->getBlock()->isAutoblocking(), 'Autoblock does not work' );
// Can't directly compare the objects because of member type differences.
$user3 = User::newFromSession( $request3 );
$user3->load();
$this->assertTrue( $user3->isLoggedIn() );
- $this->assertTrue( $user3->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user3->getBlock() );
$this->assertEquals( true, $user3->getBlock()->isAutoblocking() ); // Non-strict type-check.
// Clean up.
// 2. Test that the cookie IS NOT present.
$this->assertTrue( $user->isLoggedIn() );
- $this->assertTrue( $user->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user->getBlock() );
$this->assertEquals( Block::TYPE_USER, $block->getType() );
$this->assertTrue( $block->isAutoblocking() );
$this->assertGreaterThanOrEqual( 1, $user->getBlockId() );
// 2. Test the cookie's expiry timestamp.
$this->assertTrue( $user1->isLoggedIn() );
- $this->assertTrue( $user1->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user1->getBlock() );
$this->assertEquals( Block::TYPE_USER, $block->getType() );
$this->assertTrue( $block->isAutoblocking() );
$this->assertGreaterThanOrEqual( 1, $user1->getBlockId() );
$user2->load();
$this->assertTrue( $user2->isAnon() );
$this->assertFalse( $user2->isLoggedIn() );
- $this->assertFalse( $user2->isBlocked() );
+ $this->assertNull( $user2->getBlock() );
// Clean up.
$block->delete();
$user1 = User::newFromSession( $request1 );
$user1->mBlock = $block;
$user1->load();
- $this->assertTrue( $user1->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user1->getBlock() );
// 2. Create a new request, set the cookie to just the block ID, and the user should
// still get blocked when they log in again.
$this->assertNotEquals( $user1->getToken(), $user2->getToken() );
$this->assertTrue( $user2->isAnon() );
$this->assertFalse( $user2->isLoggedIn() );
- $this->assertTrue( $user2->isBlocked() );
+ $this->assertInstanceOf( Block::class, $user2->getBlock() );
$this->assertEquals( true, $user2->getBlock()->isAutoblocking() ); // Non-strict type-check.
// Clean up.
$user = User::newFromSession( $request );
// logged in users should be inmune to cookie block of type ip/range
- $this->assertFalse( $user->isBlocked() );
+ $this->assertNull( $user->getBlock() );
// cookie is being cleared
$cookies = $request->response()->getCookies();