*/
use MediaWiki\MediaWikiServices;
-use MediaWiki\Revision\RevisionStore;
/**
* @ingroup API
*/
class ApiTag extends ApiBase {
- /** @var RevisionStore */
+ use ApiBlockInfoTrait;
+
+ /** @var \MediaWiki\Revision\RevisionStore */
private $revisionStore;
public function execute() {
// make sure the user is allowed
$this->checkUserRightsAny( 'changetags' );
- // @TODO Use PermissionManager::isBlockedFrom() instead.
+ // Fail early if the user is sitewide blocked.
$block = $user->getBlock();
- if ( $block ) {
+ if ( $block && $block->isSitewide() ) {
$this->dieBlocked( $block );
}
}
protected function processIndividual( $type, $params, $id ) {
+ $user = $this->getUser();
$idResult = [ $type => $id ];
// validate the ID
switch ( $type ) {
case 'rcid':
$valid = RecentChange::newFromId( $id );
+ if ( $valid && $this->getPermissionManager()->isBlockedFrom( $user, $valid->getTitle() ) ) {
+ $idResult['status'] = 'error';
+ $idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+ 'apierror-blocked',
+ 'blocked',
+ [ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+ ) );
+ return $idResult;
+ }
break;
case 'revid':
$valid = $this->revisionStore->getRevisionById( $id );
+ if (
+ $valid &&
+ $this->getPermissionManager()->isBlockedFrom( $user, $valid->getPageAsLinkTarget() )
+ ) {
+ $idResult['status'] = 'error';
+ $idResult += $this->getErrorFormatter()->formatMessage( ApiMessage::create(
+ 'apierror-blocked',
+ 'blocked',
+ [ 'blockinfo' => $this->getBlockDetails( $user->getBlock() ) ]
+ ) );
+ return $idResult;
+ }
break;
case 'logid':
$valid = self::validateLogId( $id );
->userHasRight( $user, 'applychangetags' )
) {
return Status::newFatal( 'tags-apply-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `applychangetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-apply-blocked', $user->getName() );
}
}
->userHasRight( $user, 'changetags' )
) {
return Status::newFatal( 'tags-update-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `changetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-update-blocked', $user->getName() );
}
}
->userHasRight( $user, 'managechangetags' )
) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `managechangetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
->userHasRight( $user, 'managechangetags' )
) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `managechangetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
->userHasRight( $user, 'managechangetags' )
) {
return Status::newFatal( 'tags-manage-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `managechangetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
->userHasRight( $user, 'deletechangetags' )
) {
return Status::newFatal( 'tags-delete-no-permission' );
- } elseif ( $user->getBlock() ) {
- // @TODO Ensure that the block does not apply to the `deletechangetags`
- // right.
+ } elseif ( $user->getBlock() && $user->getBlock()->isSitewide() ) {
return Status::newFatal( 'tags-manage-blocked', $user->getName() );
}
}
'ApiHelp' => \SpecialApiHelp::class,
'Blankpage' => \SpecialBlankpage::class,
'Diff' => \SpecialDiff::class,
- 'EditTags' => \SpecialEditTags::class,
+ 'EditTags' => [
+ 'class' => \SpecialEditTags::class,
+ 'services' => [
+ 'PermissionManager',
+ ],
+ ],
'Emailuser' => \SpecialEmailUser::class,
'Movepage' => \MovePageForm::class,
'Mycontributions' => \SpecialMycontributions::class,
* @ingroup SpecialPage
*/
+use MediaWiki\Permissions\PermissionManager;
+
/**
* Special page for adding and removing change tags to individual revisions.
* A lot of this is copied out of SpecialRevisiondelete.
/** @var string */
private $reason;
- public function __construct() {
+ /** @var PermissionManager */
+ private $permissionManager;
+
+ /**
+ * @inheritDoc
+ *
+ * @param PermissionManager $permissionManager
+ */
+ public function __construct( PermissionManager $permissionManager ) {
parent::__construct( 'EditTags', 'changetags' );
+
+ $this->permissionManager = $permissionManager;
}
public function doesWrites() {
$user = $this->getUser();
$request = $this->getRequest();
- // Check blocks
- // @TODO Use PermissionManager::isBlockedFrom() instead.
- $block = $user->getBlock();
- if ( $block ) {
- throw new UserBlockedError( $block );
- }
-
$this->setHeaders();
$this->outputHeader();
$output->addWikiMsg( 'undelete-header' );
return;
}
+
+ // Check blocks
+ if ( $this->permissionManager->isBlockedFrom( $user, $this->targetObj ) ) {
+ throw new UserBlockedError( $user->getBlock() );
+ }
+
// Give a link to the logs/hist for this page
$this->showConvenienceLinks();