Blocking a user does not prevent them from doing anything except actually
editing a page, which means that blocked users can still rollback, (un)protect,
block/unblock, etc. if they have those abilities normally available to them.
I suggest this is modified so that a blocked user is prevented from doing
anything which alters the database, apart from unblocking themselves.