includes/api/ApiBlock.php

   1 <?php
   2
   3 /*
   4  * Created on Sep 4, 2007
   5  * API for MediaWiki 1.8+
   6  *
   7  * Copyright (C) 2007 Roan Kattouw <Firstname>.<Lastname>@home.nl
   8  *
   9  * This program is free software; you can redistribute it and/or modify
  10  * it under the terms of the GNU General Public License as published by
  11  * the Free Software Foundation; either version 2 of the License, or
  12  * (at your option) any later version.
  13  *
  14  * This program is distributed in the hope that it will be useful,
  15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17  * GNU General Public License for more details.
  18  *
  19  * You should have received a copy of the GNU General Public License along
  20  * with this program; if not, write to the Free Software Foundation, Inc.,
  21  * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  22  * http://www.gnu.org/copyleft/gpl.html
  23  */
  24
  25 if (!defined('MEDIAWIKI')) {
  26         // Eclipse helper - will be ignored in production
  27         require_once ("ApiBase.php");
  28 }
  29
  30 /**
  31 * API module that facilitates the blocking of users. Requires API write mode
  32 * to be enabled.
  33 *
  34  * @ingroup API
  35  */
  36 class ApiBlock extends ApiBase {
  37
  38         /**
  39          * Std ctor.
  40          */
  41         public function __construct($main, $action) {
  42                 parent :: __construct($main, $action);
  43         }
  44
  45         /**
  46          * Blocks the user specified in the parameters for the given expiry, with the
  47          * given reason, and with all other settings provided in the params. If the block
  48          * succeeds, produces a result containing the details of the block and notice
  49          * of success. If it fails, the result will specify the nature of the error.
  50          */
  51         public function execute() {
  52                 global $wgUser, $wgBlockAllowsUTEdit;
  53                 $this->getMain()->requestWriteMode();
  54                 $params = $this->extractRequestParams();
  55
  56                 if($params['gettoken'])
  57                 {
  58                         $res['blocktoken'] = $wgUser->editToken();
  59                         $this->getResult()->addValue(null, $this->getModuleName(), $res);
  60                         return;
  61                 }
  62
  63                 if(is_null($params['user']))
  64                         $this->dieUsageMsg(array('missingparam', 'user'));
  65                 if(is_null($params['token']))
  66                         $this->dieUsageMsg(array('missingparam', 'token'));
  67                 if(!$wgUser->matchEditToken($params['token']))
  68                         $this->dieUsageMsg(array('sessionfailure'));
  69                 if(!$wgUser->isAllowed('block'))
  70                         $this->dieUsageMsg(array('cantblock'));
  71                 if($params['hidename'] && !$wgUser->isAllowed('hideuser'))
  72                         $this->dieUsageMsg(array('canthide'));
  73                 if($params['noemail'] && !$wgUser->isAllowed('blockemail'))
  74                         $this->dieUsageMsg(array('cantblock-email'));
  75
  76                 $form = new IPBlockForm('');
  77                 $form->BlockAddress = $params['user'];
  78                 $form->BlockReason = (is_null($params['reason']) ? '' : $params['reason']);
  79                 $form->BlockReasonList = 'other';
  80                 $form->BlockExpiry = ($params['expiry'] == 'never' ? 'infinite' : $params['expiry']);
  81                 $form->BlockOther = '';
  82                 $form->BlockAnonOnly = $params['anononly'];
  83                 $form->BlockCreateAccount = $params['nocreate'];
  84                 $form->BlockEnableAutoblock = $params['autoblock'];
  85                 $form->BlockEmail = $params['noemail'];
  86                 $form->BlockHideName = $params['hidename'];
  87                 $form->BlockAllowUsertalk = $params['allowusertalk'] && $wgBlockAllowsUTEdit;
  88
  89                 $userID = $expiry = null;
  90                 $retval = $form->doBlock($userID, $expiry);
  91                 if(count($retval))
  92                         // We don't care about multiple errors, just report one of them
  93                         $this->dieUsageMsg($retval);
  94
  95                 $res['user'] = $params['user'];
  96                 $res['userID'] = $userID;
  97                 $res['expiry'] = ($expiry == Block::infinity() ? 'infinite' : wfTimestamp(TS_ISO_8601, $expiry));
  98                 $res['reason'] = $params['reason'];
  99                 if($params['anononly'])
 100                         $res['anononly'] = '';
 101                 if($params['nocreate'])
 102                         $res['nocreate'] = '';
 103                 if($params['autoblock'])
 104                         $res['autoblock'] = '';
 105                 if($params['noemail'])
 106                         $res['noemail'] = '';
 107                 if($params['hidename'])
 108                         $res['hidename'] = '';
 109                 if($params['allowusertalk'])
 110                         $res['allowusertalk'] = '';
 111
 112                 $this->getResult()->addValue(null, $this->getModuleName(), $res);
 113         }
 114
 115         public function mustBePosted() { return true; }
 116
 117         public function getAllowedParams() {
 118                 global $wgBlockAllowsUTEdit;
 119                 return array (
 120                         'user' => null,
 121                         'token' => null,
 122                         'gettoken' => false,
 123                         'expiry' => 'never',
 124                         'reason' => null,
 125                         'anononly' => false,
 126                         'nocreate' => false,
 127                         'autoblock' => false,
 128                         'noemail' => false,
 129                         'hidename' => false,
 130                         'allowusertalk' => $wgBlockAllowsUTEdit,
 131                 );
 132         }
 133
 134         public function getParamDescription() {
 135                 return array (
 136                         'user' => 'Username, IP address or IP range you want to block',
 137                         'token' => 'A block token previously obtained through the gettoken parameter',
 138                         'gettoken' => 'If set, a block token will be returned, and no other action will be taken',
 139                         'expiry' => 'Relative expiry time, e.g. \'5 months\' or \'2 weeks\'. If set to \'infinite\', \'indefinite\' or \'never\', the block will never expire.',
 140                         'reason' => 'Reason for block (optional)',
 141                         'anononly' => 'Block anonymous users only (i.e. disable anonymous edits for this IP)',
 142                         'nocreate' => 'Prevent account creation',
 143                         'autoblock' => 'Automatically block the last used IP address, and any subsequent IP addresses they try to login from',
 144                         'noemail' => 'Prevent user from sending e-mail through the wiki. (Requires the "blockemail" right.)',
 145                         'hidename' => 'Hide the username from the block log. (Requires the "hideuser" right.)',
 146                         'allowusertalk' => 'Whether to allow the user to edit their own talk page (Dependent on $wgBlockAllowsUTEdit)'
 147                 );
 148         }
 149
 150         public function getDescription() {
 151                 return array(
 152                         'Block a user.'
 153                 );
 154         }
 155
 156         protected function getExamples() {
 157                 return array (
 158                         'api.php?action=block&user=123.5.5.12&expiry=3%20days&reason=First%20strike',
 159                         'api.php?action=block&user=Vandal&expiry=never&reason=Vandalism&nocreate&autoblock&noemail'
 160                 );
 161         }
 162
 163         public function getVersion() {
 164                 return __CLASS__ . ': $Id$';
 165         }
 166 }