namespace MediaWiki\Block;
use DateTime;
+use DateTimeZone;
use DeferredUpdates;
+use Hooks;
use IP;
use MediaWiki\Config\ServiceOptions;
+use MediaWiki\Permissions\PermissionManager;
use MediaWiki\User\UserIdentity;
use MWCryptHash;
use User;
/** @var WebRequest */
private $currentRequest;
+ /** @var PermissionManager */
+ private $permissionManager;
+
/**
* TODO Make this a const when HHVM support is dropped (T192166)
*
* @var array
* @since 1.34
- * */
+ */
public static $constructorOptions = [
'ApplyIpBlocksToXff',
'CookieSetOnAutoblock',
* @param ServiceOptions $options
* @param User $currentUser
* @param WebRequest $currentRequest
+ * @param PermissionManager $permissionManager
*/
public function __construct(
ServiceOptions $options,
User $currentUser,
- WebRequest $currentRequest
+ WebRequest $currentRequest,
+ PermissionManager $permissionManager
) {
$options->assertRequiredOptions( self::$constructorOptions );
$this->options = $options;
$this->currentUser = $currentUser;
$this->currentRequest = $currentRequest;
+ $this->permissionManager = $permissionManager;
}
/**
*/
public function getUserBlock( User $user, $fromReplica ) {
$isAnon = $user->getId() === 0;
+ $fromMaster = !$fromReplica;
// TODO: If $user is the current user, we should use the current request. Otherwise,
// we should not look for XFF or cookie blocks.
$globalUserName = $sessionUser->isSafeToLoad()
? $sessionUser->getName()
: IP::sanitizeIP( $this->currentRequest->getIP() );
- if ( $user->getName() === $globalUserName && !$user->isAllowed( 'ipblock-exempt' ) ) {
+ if ( $user->getName() === $globalUserName &&
+ !$this->permissionManager->userHasRight( $user, 'ipblock-exempt' ) ) {
$ip = $this->currentRequest->getIP();
}
// User/IP blocking
// After this, $blocks is an array of blocks or an empty array
// TODO: remove dependency on DatabaseBlock
- $blocks = DatabaseBlock::newListFromTarget( $user, $ip, !$fromReplica );
+ $blocks = DatabaseBlock::newListFromTarget( $user, $ip, $fromMaster );
// Cookie blocking
$cookieBlock = $this->getBlockFromCookieValue( $user, $request );
$xff = array_map( 'trim', explode( ',', $xff ) );
$xff = array_diff( $xff, [ $ip ] );
// TODO: remove dependency on DatabaseBlock
- $xffblocks = DatabaseBlock::getBlocksForIPList( $xff, $isAnon, !$fromReplica );
+ $xffblocks = DatabaseBlock::getBlocksForIPList( $xff, $isAnon, $fromMaster );
$blocks = array_merge( $blocks, $xffblocks );
}
// Filter out any duplicated blocks, e.g. from the cookie
$blocks = $this->getUniqueBlocks( $blocks );
+ $block = null;
if ( count( $blocks ) > 0 ) {
if ( count( $blocks ) === 1 ) {
$block = $blocks[ 0 ];
'originalBlocks' => $blocks,
] );
}
- return $block;
}
- return null;
+ Hooks::run( 'GetUserBlock', [ clone $user, $ip, &$block ] );
+
+ return $block;
}
/**
if ( $block instanceof SystemBlock ) {
$systemBlocks[] = $block;
} elseif ( $block->getType() === DatabaseBlock::TYPE_AUTO ) {
+ /** @var DatabaseBlock $block */
+ '@phan-var DatabaseBlock $block';
if ( !isset( $databaseBlocks[$block->getParentBlockId()] ) ) {
$databaseBlocks[$block->getParentBlockId()] = $block;
}
}
}
- return array_merge( $systemBlocks, $databaseBlocks );
+ return array_values( array_merge( $systemBlocks, $databaseBlocks ) );
}
/**
* Try to load a block from an ID given in a cookie value. If the block is invalid
- * or doesn't exist, remove the cookie.
+ * doesn't exist, or the cookie value is malformed, remove the cookie.
*
* @param UserIdentity $user
* @param WebRequest $request
UserIdentity $user,
WebRequest $request
) {
- $blockCookieId = $this->getIdFromCookieValue( $request->getCookie( 'BlockID' ) );
+ $cookieValue = $request->getCookie( 'BlockID' );
+ if ( is_null( $cookieValue ) ) {
+ return false;
+ }
- if ( $blockCookieId !== null ) {
+ $blockCookieId = $this->getIdFromCookieValue( $cookieValue );
+ if ( !is_null( $blockCookieId ) ) {
// TODO: remove dependency on DatabaseBlock
$block = DatabaseBlock::newFromID( $blockCookieId );
if (
$block instanceof DatabaseBlock &&
- $this->shouldApplyCookieBlock( $block, $user->isAnon() )
+ $this->shouldApplyCookieBlock( $block, !$user->isRegistered() )
) {
return $block;
}
- $this->clearBlockCookie( $request->response() );
}
+ $this->clearBlockCookie( $request->response() );
+
return false;
}
}
// Set the cookie. Reformat the MediaWiki datetime as a Unix timestamp for the cookie.
- $expiryValue = DateTime::createFromFormat( 'YmdHis', $expiryTime )->format( 'U' );
+ $expiryValue = DateTime::createFromFormat(
+ 'YmdHis',
+ $expiryTime,
+ new DateTimeZone( 'UTC' )
+ )->format( 'U' );
$cookieOptions = [ 'httpOnly' => false ];
$cookieValue = $this->getCookieValue( $block );
$response->setCookie( 'BlockID', $cookieValue, $expiryValue, $cookieOptions );
dépôts / lhc / web / wiklou.git / blobdiff