Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 37 |
|
0.00% |
0 / 8 |
CRAP | |
0.00% |
0 / 1 |
| SpecialUnlinkAccounts | |
0.00% |
0 / 36 |
|
0.00% |
0 / 8 |
182 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
| getLoginSecurityLevel | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getDefaultAction | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getGroupName | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| isListed | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| getRequestBlacklist | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| execute | |
0.00% |
0 / 27 |
|
0.00% |
0 / 1 |
42 | |||
| handleFormSubmit | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | namespace MediaWiki\Specials; |
| 4 | |
| 5 | use ErrorPageError; |
| 6 | use MediaWiki\Auth\AuthenticationResponse; |
| 7 | use MediaWiki\Auth\AuthManager; |
| 8 | use MediaWiki\MainConfigNames; |
| 9 | use MediaWiki\Session\SessionManager; |
| 10 | use MediaWiki\SpecialPage\AuthManagerSpecialPage; |
| 11 | use MediaWiki\Status\Status; |
| 12 | use StatusValue; |
| 13 | |
| 14 | class SpecialUnlinkAccounts extends AuthManagerSpecialPage { |
| 15 | protected static $allowedActions = [ AuthManager::ACTION_UNLINK ]; |
| 16 | |
| 17 | /** |
| 18 | * @param AuthManager $authManager |
| 19 | */ |
| 20 | public function __construct( AuthManager $authManager ) { |
| 21 | parent::__construct( 'UnlinkAccounts' ); |
| 22 | $this->setAuthManager( $authManager ); |
| 23 | } |
| 24 | |
| 25 | protected function getLoginSecurityLevel() { |
| 26 | return 'UnlinkAccount'; |
| 27 | } |
| 28 | |
| 29 | protected function getDefaultAction( $subPage ) { |
| 30 | return AuthManager::ACTION_UNLINK; |
| 31 | } |
| 32 | |
| 33 | /** |
| 34 | * Under which header this special page is listed in Special:SpecialPages. |
| 35 | * @return string |
| 36 | */ |
| 37 | protected function getGroupName() { |
| 38 | return 'login'; |
| 39 | } |
| 40 | |
| 41 | public function isListed() { |
| 42 | return $this->getAuthManager()->canLinkAccounts(); |
| 43 | } |
| 44 | |
| 45 | protected function getRequestBlacklist() { |
| 46 | return $this->getConfig()->get( MainConfigNames::RemoveCredentialsBlacklist ); |
| 47 | } |
| 48 | |
| 49 | public function execute( $subPage ) { |
| 50 | $this->setHeaders(); |
| 51 | $this->loadAuth( $subPage ); |
| 52 | |
| 53 | if ( !$this->isActionAllowed( $this->authAction ) ) { |
| 54 | if ( $this->authAction === AuthManager::ACTION_UNLINK ) { |
| 55 | // Looks like there are no linked accounts to unlink |
| 56 | $titleMessage = $this->msg( 'cannotunlink-no-provider-title' ); |
| 57 | $errorMessage = $this->msg( 'cannotunlink-no-provider' ); |
| 58 | throw new ErrorPageError( $titleMessage, $errorMessage ); |
| 59 | } else { |
| 60 | // user probably back-button-navigated into an auth session that no longer exists |
| 61 | // FIXME would be nice to show a message |
| 62 | $this->getOutput()->redirect( $this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS ) ); |
| 63 | return; |
| 64 | } |
| 65 | } |
| 66 | |
| 67 | $this->outputHeader(); |
| 68 | |
| 69 | $status = $this->trySubmit(); |
| 70 | |
| 71 | if ( $status === false || !$status->isOK() ) { |
| 72 | $this->displayForm( $status ); |
| 73 | return; |
| 74 | } |
| 75 | |
| 76 | /** @var AuthenticationResponse $response */ |
| 77 | $response = $status->getValue(); |
| 78 | |
| 79 | if ( $response->status === AuthenticationResponse::FAIL ) { |
| 80 | $this->displayForm( StatusValue::newFatal( $response->message ) ); |
| 81 | return; |
| 82 | } |
| 83 | |
| 84 | $status = StatusValue::newGood(); |
| 85 | $status->warning( $this->msg( 'unlinkaccounts-success' ) ); |
| 86 | $this->loadAuth( $subPage, null, true ); // update requests so the unlinked one doesn't show up |
| 87 | |
| 88 | // Reset sessions - if the user unlinked an account because it was compromised, |
| 89 | // log attackers out from sessions obtained via that account. |
| 90 | $session = $this->getRequest()->getSession(); |
| 91 | $user = $this->getUser(); |
| 92 | SessionManager::singleton()->invalidateSessionsForUser( $user ); |
| 93 | $session->setUser( $user ); |
| 94 | $session->resetId(); |
| 95 | |
| 96 | $this->displayForm( $status ); |
| 97 | } |
| 98 | |
| 99 | public function handleFormSubmit( $data ) { |
| 100 | // unlink requests do not accept user input so repeat parent code but skip call to |
| 101 | // AuthenticationRequest::loadRequestsFromSubmission |
| 102 | $response = $this->performAuthenticationStep( $this->authAction, $this->authRequests ); |
| 103 | return Status::newGood( $response ); |
| 104 | } |
| 105 | } |
| 106 | |
| 107 | /** |
| 108 | * Retain the old class name for backwards compatibility. |
| 109 | * @deprecated since 1.41 |
| 110 | */ |
| 111 | class_alias( SpecialUnlinkAccounts::class, 'SpecialUnlinkAccounts' ); |