search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / includes / specials / SpecialUnlinkAccounts.php
blobe4f0de21d633dccf95ac5efac7c89c06d939d080
1 <?php
2
3 namespace MediaWiki\Specials;
4
5 use ErrorPageError;
6 use MediaWiki\Auth\AuthenticationResponse;
7 use MediaWiki\Auth\AuthManager;
8 use MediaWiki\MainConfigNames;
9 use MediaWiki\Session\SessionManager;
10 use MediaWiki\SpecialPage\AuthManagerSpecialPage;
11 use MediaWiki\Status\Status;
12 use StatusValue;
13
14 /**
15 * @ingroup SpecialPage
16 * @ingroup Auth
17 */
18 class SpecialUnlinkAccounts extends AuthManagerSpecialPage {
19 /** @inheritDoc */
20 protected static $allowedActions = [ AuthManager::ACTION_UNLINK ];
21
22 /**
23 * @param AuthManager $authManager
24 */
25 public function __construct( AuthManager $authManager ) {
26 parent::__construct( 'UnlinkAccounts' );
27 $this->setAuthManager( $authManager );
28 }
29
30 protected function getLoginSecurityLevel() {
31 return 'UnlinkAccount';
32 }
33
34 protected function getDefaultAction( $subPage ) {
35 return AuthManager::ACTION_UNLINK;
36 }
37
38 /**
39 * Under which header this special page is listed in Special:SpecialPages.
40 * @return string
41 */
42 protected function getGroupName() {
43 return 'login';
44 }
45
46 public function isListed() {
47 return $this->getAuthManager()->canLinkAccounts();
48 }
49
50 protected function getRequestBlacklist() {
51 return $this->getConfig()->get( MainConfigNames::RemoveCredentialsBlacklist );
52 }
53
54 public function execute( $subPage ) {
55 $this->setHeaders();
56 $this->loadAuth( $subPage );
57
58 if ( !$this->isActionAllowed( $this->authAction ) ) {
59 if ( $this->authAction === AuthManager::ACTION_UNLINK ) {
60 // Looks like there are no linked accounts to unlink
61 $titleMessage = $this->msg( 'cannotunlink-no-provider-title' );
62 $errorMessage = $this->msg( 'cannotunlink-no-provider' );
63 throw new ErrorPageError( $titleMessage, $errorMessage );
64 } else {
65 // user probably back-button-navigated into an auth session that no longer exists
66 // FIXME would be nice to show a message
67 $this->getOutput()->redirect( $this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS ) );
68 return;
69 }
70 }
71
72 $this->outputHeader();
73
74 $status = $this->trySubmit();
75
76 if ( $status === false || !$status->isOK() ) {
77 $this->displayForm( $status );
78 return;
79 }
80
81 /** @var AuthenticationResponse $response */
82 $response = $status->getValue();
83
84 if ( $response->status === AuthenticationResponse::FAIL ) {
85 $this->displayForm( StatusValue::newFatal( $response->message ) );
86 return;
87 }
88
89 $status = StatusValue::newGood();
90 $status->warning( $this->msg( 'unlinkaccounts-success' ) );
91 $this->loadAuth( $subPage, null, true ); // update requests so the unlinked one doesn't show up
92
93 // Reset sessions - if the user unlinked an account because it was compromised,
94 // log attackers out from sessions obtained via that account.
95 $session = $this->getRequest()->getSession();
96 $user = $this->getUser();
97 SessionManager::singleton()->invalidateSessionsForUser( $user );
98 $session->setUser( $user );
99 $session->resetId();
100
101 $this->displayForm( $status );
102 }
103
104 public function handleFormSubmit( $data ) {
105 // unlink requests do not accept user input so repeat parent code but skip call to
106 // AuthenticationRequest::loadRequestsFromSubmission
107 $response = $this->performAuthenticationStep( $this->authAction, $this->authRequests );
108 return Status::newGood( $response );
109 }
110 }
111
112 /**
113 * Retain the old class name for backwards compatibility.
114 * @deprecated since 1.41
115 */
116 class_alias( SpecialUnlinkAccounts::class, 'SpecialUnlinkAccounts' );
MediaWiki Core