}
# bug 15810: blocked admins should have limited access here
if( $wgUser->isBlocked() ){
- $user = User::newFromName( $params['user'] );
- if( $user instanceof User
- && $user->getId() == $wgUser->getId() )
- {
- # User is trying to unblock themselves
- if( !$wgUser->isAllowed( 'unblockself' ) ){
- $this->dieUsageMsg( array( 'ipbnounblockself' ) );
- }
- } else {
- # User is trying to block/unblock someone else
- $this->dieUsageMsg( array( 'ipbblocked' ) );
- }
+ $status = IPBlockForm::checkUnblockSelf( $params['user'] );
+ if( $status !== true ){
+ $this->dieUsageMsg( array( $status ) );
+ }
}
if ( $params['hidename'] && !$wgUser->isAllowed( 'hideuser' ) ) {
$this->dieUsageMsg( array( 'canthide' ) );
}
# bug 15810: blocked admins should have limited access here
if( $wgUser->isBlocked() ){
- $user = User::newFromName( $params['user'] );
- if( $user instanceof User
- && $user->getId() == $wgUser->getId() )
- {
- # User is trying to unblock themselves
- if( !$wgUser->isAllowed( 'unblockself' ) ){
- $this->dieUsageMsg( array( 'ipbnounblockself' ) );
- }
- } else {
- # User is trying to block/unblock someone else
- $this->dieUsageMsg( array( 'ipbblocked' ) );
- }
+ $status = IPBlockForm::checkUnblockSelf( $params['user'] );
+ if( $status !== true ){
+ $this->dieUsageMsg( array( $status ) );
+ }
}
$id = $params['id'];
# bug 15810: blocked admins should have limited access here
if( $wgUser->isBlocked() ){
- $user = User::newFromName( $ipb->BlockAddress );
- if( $user instanceof User
- && $user->getId() == $wgUser->getId() )
- {
- # User is trying to unblock themselves
- if( !$wgUser->isAllowed( 'unblockself' ) ){
- throw new ErrorPageError( 'badaccess', 'ipbnounblockself' );
- }
- } else {
- # User is trying to block/unblock someone else
- throw new ErrorPageError( 'badaccess', 'ipbblocked' );
- }
+ $status = IPBlockForm::checkUnblockSelf( $ipb->BlockAddress );
+ if( $status !== true ){
+ throw new ErrorPageError( 'badaccess', $status );
+ }
}
$action = $wgRequest->getVal( 'action' );
global $wgEnableUserEmail, $wgSysopEmailBans;
return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) );
}
+
+ /**
+ * bug 15810: blocked admins should not be able to block/unblock
+ * others, and probably shouldn't be able to unblock themselves
+ * either.
+ * @param $user User, Int or String
+ */
+ public static function checkUnblockSelf( $user ){
+ global $wgUser;
+ if( is_int( $user ) ){
+ $user = User::newFromId( $user );
+ } elseif ( is_string( $user ) ){
+ $user = User::newFromName( $user );
+ }
+ if( $user instanceof User
+ && $user->getId() == $wgUser->getId() )
+ {
+ # User is trying to unblock themselves
+ if( $wgUser->isAllowed( 'unblockself' ) ){
+ return true;
+ } else {
+ return 'ipbnounblockself';
+ }
+ } else {
+ # User is trying to block/unblock someone else
+ return 'ipbblocked';
+ }
+ }
/**
* Backend block code.
} else {
$user = User::newFromName( $ip );
}
- if( $user instanceof User
- && $user->getId() == $wgUser->getId() )
- {
- # User is trying to unblock themselves
- if( !$wgUser->isAllowed( 'unblockself' ) ){
- throw new ErrorPageError( 'badaccess', 'ipbnounblockself' );
- }
- } else {
- # User is trying to block/unblock someone else
- throw new ErrorPageError( 'badaccess', 'ipbblocked' );
- }
+ $status = IPBlockForm::checkUnblockSelf( $user );
+ if( $status !== true ){
+ throw new ErrorPageError( 'badaccess', $status );
+ }
}
+
if( $action == 'unblock' ){
# Show unblock form
$ipu->showForm( '' );