Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F27267288
0001-API-Respect-wgBlockCIDRLimit-in-action-block.patch
tstarling (Tim Starling)
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
tstarling
Nov 21 2018, 3:57 AM
2018-11-21 03:57:11 (UTC+0)
Size
2 KB
Referenced Files
None
Subscribers
None
0001-API-Respect-wgBlockCIDRLimit-in-action-block.patch
View Options
From 57ff9202b3b5ebc2dcc146fc47f22e1b4681f7a1 Mon Sep 17 00:00:00 2001
From: Kunal Mehta <legoktm@member.fsf.org>
Date: Fri, 13 Jul 2018 08:07:51 -0700
Subject: [PATCH] API: Respect $wgBlockCIDRLimit in action=block
$wgBlockCIDRLimit states how large rangeblocks are allowed to be for IPv4
and IPv6. The API now calls SpecialBlock::validateTarget() to perform
that validation step.
As a minor thing, SpecialBlock::checkUnblockSelf() is now called twice by
the API, but that can probably be cleaned up at another time.
Tests included.
Bug: T199540
Change-Id: Ic7d60240d9ebd9580c0eb3b41e4befceab69bd81
---
includes/api/ApiBlock.php | 5 +++++
tests/phpunit/includes/api/ApiBlockTest.php | 19 ++++++++++++++++++-
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/includes/api/ApiBlock.php b/includes/api/ApiBlock.php
index 3581ac8514..a498a027f5 100644
--- a/includes/api/ApiBlock.php
+++ b/includes/api/ApiBlock.php
@@ -135,6 +135,11 @@ class ApiBlock extends ApiBase {
'PageRestrictions' => $pageRestrictions,
];
+ $status = SpecialBlock::validateTarget( $params['user'], $user );
+ if ( !$status->isOK() ) {
+ $this->dieStatus( $status );
+ }
+
$retval = SpecialBlock::processForm( $data, $this->getContext() );
if ( $retval !== true ) {
$this->dieStatus( $this->errorArrayToStatus( $retval ) );
diff --git a/tests/phpunit/includes/api/ApiBlockTest.php b/tests/phpunit/includes/api/ApiBlockTest.php
index 563d5e34d8..03821f4515 100644
--- a/tests/phpunit/includes/api/ApiBlockTest.php
+++ b/tests/phpunit/includes/api/ApiBlockTest.php
@@ -18,6 +18,10 @@ class ApiBlockTest extends ApiTestCase {
);
$this->mUser = $this->getMutableTestUser()->getUser();
+ $this->setMwGlobals( 'wgBlockCIDRLimit', [
+ 'IPv4' => 16,
+ 'IPv6' => 19,
+ ] );
}
protected function getTokens() {
@@ -37,7 +41,6 @@ class ApiBlockTest extends ApiTestCase {
$tokens = $this->getTokens();
$this->assertNotNull( $this->mUser, 'Sanity check' );
- $this->assertNotSame( 0, $this->mUser->getId(), 'Sanity check' );
$this->assertArrayHasKey( 'blocktoken', $tokens, 'Sanity check' );
@@ -315,4 +318,18 @@ class ApiBlockTest extends ApiTestCase {
self::$users['sysop']->getUser()
);
}
+
+ public function testRangeBlock() {
+ $this->mUser = User::newFromName( '128.0.0.0/16', false );
+ $this->doBlock();
+ }
+
+ /**
+ * @expectedException ApiUsageException
+ * @expectedExceptionMessage Range blocks larger than /16 are not allowed.
+ */
+ public function testVeryLargeRangeBlock() {
+ $this->mUser = User::newFromName( '128.0.0.0/1', false );
+ $this->doBlock();
+ }
}
--
2.17.1
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
6716192
Default Alt Text
0001-API-Respect-wgBlockCIDRLimit-in-action-block.patch (2 KB)
Attached To
Mode
T199540: Forbid blocking IP ranges as big as /1 and /2, as done on ruwikiquote using the API
Attached
Detach File
Event Timeline
Log In to Comment