r64256 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r64255‎ \| r64256 \| r64257 >
Date:	15:05, 27 March 2010
Author:	happy-melon
Status:	ok
Tags:
Comment:	Per r64228 CR: make the check a static method in IPBlockForm to reduce duplication.
Modified paths:	/trunk/phase3/includes/api/ApiBlock.php (modified) (history) /trunk/phase3/includes/api/ApiUnblock.php (modified) (history) /trunk/phase3/includes/specials/SpecialBlockip.php (modified) (history) /trunk/phase3/includes/specials/SpecialIpblocklist.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/api/ApiUnblock.php
—	—	@@ -64,18 +64,10 @@
65	65	}
66	66	# bug 15810: blocked admins should have limited access here
67	67	if( $wgUser->isBlocked() ){
68		~~- $user = User::newFromName( $params['user'] );~~
69		~~- if( $user instanceof User~~
70		~~- && $user->getId() == $wgUser->getId() )~~
71		~~- {~~
72		~~- # User is trying to unblock themselves~~
73		~~- if( !$wgUser->isAllowed( 'unblockself' ) ){~~
74		~~- $this->dieUsageMsg( array( 'ipbnounblockself' ) );~~
75		~~- }~~
76		~~- } else {~~
77		~~- # User is trying to block/unblock someone else~~
78		~~- $this->dieUsageMsg( array( 'ipbblocked' ) );~~
79		~~- }~~
	68	+ $status = IPBlockForm::checkUnblockSelf( $params['user'] );
	69	+ if( $status !== true ){
	70	+ $this->dieUsageMsg( array( $status ) );
	71	+ }
80	72	}
81	73
82	74	$id = $params['id'];
Index: trunk/phase3/includes/api/ApiBlock.php
—	—	@@ -66,18 +66,10 @@
67	67	}
68	68	# bug 15810: blocked admins should have limited access here
69	69	if( $wgUser->isBlocked() ){
70		~~- $user = User::newFromName( $params['user'] );~~
71		~~- if( $user instanceof User~~
72		~~- && $user->getId() == $wgUser->getId() )~~
73		~~- {~~
74		~~- # User is trying to unblock themselves~~
75		~~- if( !$wgUser->isAllowed( 'unblockself' ) ){~~
76		~~- $this->dieUsageMsg( array( 'ipbnounblockself' ) );~~
77		~~- }~~
78		~~- } else {~~
79		~~- # User is trying to block/unblock someone else~~
80		~~- $this->dieUsageMsg( array( 'ipbblocked' ) );~~
81		~~- }~~
	70	+ $status = IPBlockForm::checkUnblockSelf( $params['user'] );
	71	+ if( $status !== true ){
	72	+ $this->dieUsageMsg( array( $status ) );
	73	+ }
82	74	}
83	75	if ( $params['hidename'] && !$wgUser->isAllowed( 'hideuser' ) ) {
84	76	$this->dieUsageMsg( array( 'canthide' ) );
Index: trunk/phase3/includes/specials/SpecialIpblocklist.php
—	—	@@ -41,18 +41,12 @@
42	42	} else {
43	43	$user = User::newFromName( $ip );
44	44	}
45		~~- if( $user instanceof User~~
46		~~- && $user->getId() == $wgUser->getId() )~~
47		~~- {~~
48		~~- # User is trying to unblock themselves~~
49		~~- if( !$wgUser->isAllowed( 'unblockself' ) ){~~
50		~~- throw new ErrorPageError( 'badaccess', 'ipbnounblockself' );~~
51		~~- }~~
52		~~- } else {~~
53		~~- # User is trying to block/unblock someone else~~
54		~~- throw new ErrorPageError( 'badaccess', 'ipbblocked' );~~
55		~~- }~~
	45	+ $status = IPBlockForm::checkUnblockSelf( $user );
	46	+ if( $status !== true ){
	47	+ throw new ErrorPageError( 'badaccess', $status );
	48	+ }
56	49	}
	50	+
57	51	if( $action == 'unblock' ){
58	52	# Show unblock form
59	53	$ipu->showForm( '' );
Index: trunk/phase3/includes/specials/SpecialBlockip.php
—	—	@@ -27,18 +27,10 @@
28	28
29	29	# bug 15810: blocked admins should have limited access here
30	30	if( $wgUser->isBlocked() ){
31		~~- $user = User::newFromName( $ipb->BlockAddress );~~
32		~~- if( $user instanceof User~~
33		~~- && $user->getId() == $wgUser->getId() )~~
34		~~- {~~
35		~~- # User is trying to unblock themselves~~
36		~~- if( !$wgUser->isAllowed( 'unblockself' ) ){~~
37		~~- throw new ErrorPageError( 'badaccess', 'ipbnounblockself' );~~
38		~~- }~~
39		~~- } else {~~
40		~~- # User is trying to block/unblock someone else~~
41		~~- throw new ErrorPageError( 'badaccess', 'ipbblocked' );~~
42		~~- }~~
	31	+ $status = IPBlockForm::checkUnblockSelf( $ipb->BlockAddress );
	32	+ if( $status !== true ){
	33	+ throw new ErrorPageError( 'badaccess', $status );
	34	+ }
43	35	}
44	36
45	37	$action = $wgRequest->getVal( 'action' );
—	—	@@ -376,6 +368,34 @@
377	369	global $wgEnableUserEmail, $wgSysopEmailBans;
378	370	return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) );
379	371	}
	372	+
	373	+ /**
	374	+ * bug 15810: blocked admins should not be able to block/unblock
	375	+ * others, and probably shouldn't be able to unblock themselves
	376	+ * either.
	377	+ * @param $user User, Int or String
	378	+ */
	379	+ public static function checkUnblockSelf( $user ){
	380	+ global $wgUser;
	381	+ if( is_int( $user ) ){
	382	+ $user = User::newFromId( $user );
	383	+ } elseif ( is_string( $user ) ){
	384	+ $user = User::newFromName( $user );
	385	+ }
	386	+ if( $user instanceof User
	387	+ && $user->getId() == $wgUser->getId() )
	388	+ {
	389	+ # User is trying to unblock themselves
	390	+ if( $wgUser->isAllowed( 'unblockself' ) ){
	391	+ return true;
	392	+ } else {
	393	+ return 'ipbnounblockself';
	394	+ }
	395	+ } else {
	396	+ # User is trying to block/unblock someone else
	397	+ return 'ipbblocked';
	398	+ }
	399	+ }
380	400
381	401	/**
382	402	* Backend block code.

Follow-up revisions

Revision	Commit summary	Author	Date
r64274	Fix coding style in r64230, r64256	catrope	21:31, 27 March 2010

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r64228	(bug 15810) stop blocked admins from unblocking themselves or others.	happy-melon	22:02, 26 March 2010

Status & tagging log

19:38, 2 November 2010 😂 (talk | contribs) changed the status of r64256 [removed: new added: ok]