WoltLab
diff --git a/‎wcfsetup/install/files/lib/action/UserBanAction.class.php‎
Lines changed: 13 additions & 56 deletions b/‎wcfsetup/install/files/lib/action/UserBanAction.class.php‎
Lines changed: 13 additions & 56 deletions
diff --git a/‎wcfsetup/install/files/lib/action/UserDisableAvatarAction.class.php‎
Lines changed: 13 additions & 56 deletions b/‎wcfsetup/install/files/lib/action/UserDisableAvatarAction.class.php‎
Lines changed: 13 additions & 56 deletions
diff --git a/‎wcfsetup/install/files/lib/action/UserDisableCoverPhotoAction.class.php‎
Lines changed: 13 additions & 56 deletions b/‎wcfsetup/install/files/lib/action/UserDisableCoverPhotoAction.class.php‎
Lines changed: 13 additions & 56 deletions
@@ -2,14 +2,7 @@
 
 namespace wcf\action;
 
-use Laminas\Diactoros\Response\JsonResponse;
-use Psr\Http\Message\ResponseInterface;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use wcf\data\user\group\UserGroup;
 use wcf\data\user\UserProfile;
-use wcf\http\Helper;
-use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\form\builder\field\BooleanFormField;
@@ -28,73 +21,37 @@
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  * @since 6.3
  */
-final class UserBanAction implements RequestHandlerInterface
+final class UserBanAction extends UserManagementAction
 {
     #[\Override]
-    public function handle(ServerRequestInterface $request): ResponseInterface
+    protected function performAction(UserProfile $userProfile, array $data): void
     {
-        $parameters = Helper::mapQueryParameters(
-            $request->getQueryParams(),
-            <<<'EOT'
-                array {
-                    id: positive-int
-                }
-                EOT
-        );
-
-        $user = UserProfileRuntimeCache::getInstance()->getObject($parameters['id']);
-        $this->assertUserCanBeBanned($user);
-
-        $form = $this->getForm();
-
-        if ($request->getMethod() === 'GET') {
-            return $form->toResponse();
-        } elseif ($request->getMethod() === 'POST') {
-            $response = $form->validateRequest($request);
-            if ($response !== null) {
-                return $response;
-            }
-
-            $data = $form->getData()['data'];
-            $reason = $data['reason'];
-            if ($data['neverExpires']) {
-                $expires = null;
-            } else {
-                $expires = $data['expires'];
-            }
-
-            (new Ban($user->getDecoratedObject(), $reason, $expires))();
-
-            return new JsonResponse([]);
+        $reason = $data['reason'];
+        if ($data['neverExpires']) {
+            $expires = null;
         } else {
-            throw new \LogicException('Unreachable');
+            $expires = $data['expires'];
         }
+
+        (new Ban($userProfile->getDecoratedObject(), $reason, $expires))();
     }
 
-    private function assertUserCanBeBanned(?UserProfile $userProfile): void
+    #[\Override]
+    protected function assertUserCanBeManaged(?UserProfile $userProfile): void
     {
-        if (!$userProfile) {
-            throw new IllegalLinkException();
-        }
-
-        if ($userProfile->userID === WCF::getUser()->userID) {
-            throw new IllegalLinkException();
-        }
+        parent::assertUserCanBeManaged($userProfile);
 
         if (!WCF::getSession()->getPermission('admin.user.canBanUser')) {
             throw new PermissionDeniedException();
         }
 
-        if (!UserGroup::isAccessibleGroup($userProfile->getGroupIDs())) {
-            throw new PermissionDeniedException();
-        }
-
         if ($userProfile->banned !== 0) {
             throw new IllegalLinkException();
         }
     }
 
-    private function getForm(): Psr15DialogForm
+    #[\Override]
+    protected function getForm(): Psr15DialogForm
     {
         $form = new Psr15DialogForm(
             static::class,
 
@@ -2,14 +2,7 @@
 
 namespace wcf\action;
 
-use Laminas\Diactoros\Response\JsonResponse;
-use Psr\Http\Message\ResponseInterface;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use wcf\data\user\group\UserGroup;
 use wcf\data\user\UserProfile;
-use wcf\http\Helper;
-use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\form\builder\field\BooleanFormField;
@@ -28,73 +21,37 @@
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  * @since 6.3
  */
-final class UserDisableAvatarAction implements RequestHandlerInterface
+final class UserDisableAvatarAction extends UserManagementAction
 {
     #[\Override]
-    public function handle(ServerRequestInterface $request): ResponseInterface
+    protected function performAction(UserProfile $userProfile, array $data): void
     {
-        $parameters = Helper::mapQueryParameters(
-            $request->getQueryParams(),
-            <<<'EOT'
-                array {
-                    id: positive-int
-                }
-                EOT
-        );
-
-        $user = UserProfileRuntimeCache::getInstance()->getObject($parameters['id']);
-        $this->assertAvatarCanBeDisabled($user);
-
-        $form = $this->getForm();
-
-        if ($request->getMethod() === 'GET') {
-            return $form->toResponse();
-        } elseif ($request->getMethod() === 'POST') {
-            $response = $form->validateRequest($request);
-            if ($response !== null) {
-                return $response;
-            }
-
-            $data = $form->getData()['data'];
-            $reason = $data['reason'];
-            if ($data['neverExpires']) {
-                $expires = null;
-            } else {
-                $expires = $data['expires'];
-            }
-
-            (new DisableAvatar($user->getDecoratedObject(), $reason, $expires))();
-
-            return new JsonResponse([]);
+        $reason = $data['reason'];
+        if ($data['neverExpires']) {
+            $expires = null;
         } else {
-            throw new \LogicException('Unreachable');
+            $expires = $data['expires'];
         }
+
+        (new DisableAvatar($userProfile->getDecoratedObject(), $reason, $expires))();
     }
 
-    private function assertAvatarCanBeDisabled(?UserProfile $userProfile): void
+    #[\Override]
+    protected function assertUserCanBeManaged(?UserProfile $userProfile): void
     {
-        if (!$userProfile) {
-            throw new IllegalLinkException();
-        }
-
-        if ($userProfile->userID === WCF::getUser()->userID) {
-            throw new IllegalLinkException();
-        }
+        parent::assertUserCanBeManaged($userProfile);
 
         if (!WCF::getSession()->getPermission('admin.user.canDisableAvatar')) {
             throw new PermissionDeniedException();
         }
 
-        if (!UserGroup::isAccessibleGroup($userProfile->getGroupIDs())) {
-            throw new PermissionDeniedException();
-        }
-
         if ($userProfile->disableAvatar !== 0) {
             throw new IllegalLinkException();
         }
     }
 
-    private function getForm(): Psr15DialogForm
+    #[\Override]
+    protected function getForm(): Psr15DialogForm
     {
         $form = new Psr15DialogForm(
             static::class,
 
@@ -2,14 +2,7 @@
 
 namespace wcf\action;
 
-use Laminas\Diactoros\Response\JsonResponse;
-use Psr\Http\Message\ResponseInterface;
-use Psr\Http\Message\ServerRequestInterface;
-use Psr\Http\Server\RequestHandlerInterface;
-use wcf\data\user\group\UserGroup;
 use wcf\data\user\UserProfile;
-use wcf\http\Helper;
-use wcf\system\cache\runtime\UserProfileRuntimeCache;
 use wcf\system\exception\IllegalLinkException;
 use wcf\system\exception\PermissionDeniedException;
 use wcf\system\form\builder\field\BooleanFormField;
@@ -28,73 +21,37 @@
  * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
  * @since 6.3
  */
-final class UserDisableCoverPhotoAction implements RequestHandlerInterface
+final class UserDisableCoverPhotoAction extends UserManagementAction
 {
     #[\Override]
-    public function handle(ServerRequestInterface $request): ResponseInterface
+    protected function performAction(UserProfile $userProfile, array $data): void
     {
-        $parameters = Helper::mapQueryParameters(
-            $request->getQueryParams(),
-            <<<'EOT'
-                array {
-                    id: positive-int
-                }
-                EOT
-        );
-
-        $user = UserProfileRuntimeCache::getInstance()->getObject($parameters['id']);
-        $this->assertCoverPhotoCanBeDisabled($user);
-
-        $form = $this->getForm();
-
-        if ($request->getMethod() === 'GET') {
-            return $form->toResponse();
-        } elseif ($request->getMethod() === 'POST') {
-            $response = $form->validateRequest($request);
-            if ($response !== null) {
-                return $response;
-            }
-
-            $data = $form->getData()['data'];
-            $reason = $data['reason'];
-            if ($data['neverExpires']) {
-                $expires = null;
-            } else {
-                $expires = $data['expires'];
-            }
-
-            (new DisableCoverPhoto($user->getDecoratedObject(), $reason, $expires))();
-
-            return new JsonResponse([]);
+        $reason = $data['reason'];
+        if ($data['neverExpires']) {
+            $expires = null;
         } else {
-            throw new \LogicException('Unreachable');
+            $expires = $data['expires'];
         }
+
+        (new DisableCoverPhoto($userProfile->getDecoratedObject(), $reason, $expires))();
     }
 
-    private function assertCoverPhotoCanBeDisabled(?UserProfile $userProfile): void
+    #[\Override]
+    protected function assertUserCanBeManaged(?UserProfile $userProfile): void
     {
-        if (!$userProfile) {
-            throw new IllegalLinkException();
-        }
-
-        if ($userProfile->userID === WCF::getUser()->userID) {
-            throw new IllegalLinkException();
-        }
+        parent::assertUserCanBeManaged($userProfile);
 
         if (!WCF::getSession()->getPermission('admin.user.canDisableCoverPhoto')) {
             throw new PermissionDeniedException();
         }
 
-        if (!UserGroup::isAccessibleGroup($userProfile->getGroupIDs())) {
-            throw new PermissionDeniedException();
-        }
-
         if ($userProfile->disableCoverPhoto !== 0) {
             throw new IllegalLinkException();
         }
     }
 
-    private function getForm(): Psr15DialogForm
+    #[\Override]
+    protected function getForm(): Psr15DialogForm
     {
         $form = new Psr15DialogForm(
             static::class,