}
public function execute() {
+ $pUser = $this->getUser();
+
+ // Deny if the user is blocked and doesn't have the full 'userrights' permission.
+ // This matches what Special:UserRights does for the web UI.
+ if ( $pUser->isBlocked() && !$pUser->isAllowed( 'userrights' ) ) {
+ $this->dieBlocked( $pUser->getBlock() );
+ }
+
$params = $this->extractRequestParams();
$user = $this->getUrUser( $params );
);
$result = $this->getResult();
- $result->setIndexedTagName( $r['added'], 'group' );
- $result->setIndexedTagName( $r['removed'], 'group' );
+ ApiResult::setIndexedTagName( $r['added'], 'group' );
+ ApiResult::setIndexedTagName( $r['removed'], 'group' );
$result->addValue( null, $this->getModuleName(), $r );
}
public function getAllowedParams() {
return array(
'user' => array(
- ApiBase::PARAM_TYPE => 'string',
+ ApiBase::PARAM_TYPE => 'user',
),
'userid' => array(
ApiBase::PARAM_TYPE => 'integer',
return $this->getUrUser( $params )->getName();
}
- public function getExamplesMessages() {
+ protected function getExamplesMessages() {
return array(
'action=userrights&user=FooBot&add=bot&remove=sysop|bureaucrat&token=123ABC'
=> 'apihelp-userrights-example-user',