API: Some raw message cleanup
[mediawiki.git] / includes / specials / SpecialUnlinkAccounts.php
blob86bc7ed30f3c5ac891a0abb0c87b3816001d6b6e
1 <?php
3 use MediaWiki\Auth\AuthenticationResponse;
4 use MediaWiki\Auth\AuthManager;
5 use MediaWiki\Session\SessionManager;
7 class SpecialUnlinkAccounts extends AuthManagerSpecialPage {
8 protected static $allowedActions = [ AuthManager::ACTION_UNLINK ];
10 public function __construct() {
11 parent::__construct( 'UnlinkAccounts' );
14 protected function getLoginSecurityLevel() {
15 return 'UnlinkAccount';
18 protected function getDefaultAction( $subPage ) {
19 return AuthManager::ACTION_UNLINK;
22 /**
23 * Under which header this special page is listed in Special:SpecialPages.
25 protected function getGroupName() {
26 return 'users';
29 public function isListed() {
30 return AuthManager::singleton()->canLinkAccounts();
33 protected function getRequestBlacklist() {
34 return $this->getConfig()->get( 'RemoveCredentialsBlacklist' );
37 public function execute( $subPage ) {
38 $this->setHeaders();
39 $this->loadAuth( $subPage );
40 $this->outputHeader();
42 $status = $this->trySubmit();
44 if ( $status === false || !$status->isOK() ) {
45 $this->displayForm( $status );
46 return;
49 /** @var AuthenticationResponse $response */
50 $response = $status->getValue();
52 if ( $response->status === AuthenticationResponse::FAIL ) {
53 $this->displayForm( StatusValue::newFatal( $response->message ) );
54 return;
57 $status = StatusValue::newGood();
58 $status->warning( wfMessage( 'unlinkaccounts-success' ) );
59 $this->loadAuth( $subPage, null, true ); // update requests so the unlinked one doesn't show up
61 // Reset sessions - if the user unlinked an account because it was compromised,
62 // log attackers out from sessions obtained via that account.
63 $session = $this->getRequest()->getSession();
64 $user = $this->getUser();
65 SessionManager::singleton()->invalidateSessionsForUser( $user );
66 $session->setUser( $user );
67 $session->resetId();
69 $this->displayForm( $status );
72 public function handleFormSubmit( $data ) {
73 // unlink requests do not accept user input so repeat parent code but skip call to
74 // AuthenticationRequest::loadRequestsFromSubmission
75 $response = $this->performAuthenticationStep( $this->authAction, $this->authRequests );
76 return Status::newGood( $response );