Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 37 |
|
0.00% |
0 / 8 |
CRAP | |
0.00% |
0 / 1 |
SpecialUnlinkAccounts | |
0.00% |
0 / 36 |
|
0.00% |
0 / 8 |
182 | |
0.00% |
0 / 1 |
__construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
getLoginSecurityLevel | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDefaultAction | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getGroupName | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
isListed | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getRequestBlacklist | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
execute | |
0.00% |
0 / 27 |
|
0.00% |
0 / 1 |
42 | |||
handleFormSubmit | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 |
1 | <?php |
2 | |
3 | namespace MediaWiki\Specials; |
4 | |
5 | use ErrorPageError; |
6 | use MediaWiki\Auth\AuthenticationResponse; |
7 | use MediaWiki\Auth\AuthManager; |
8 | use MediaWiki\MainConfigNames; |
9 | use MediaWiki\Session\SessionManager; |
10 | use MediaWiki\SpecialPage\AuthManagerSpecialPage; |
11 | use MediaWiki\Status\Status; |
12 | use StatusValue; |
13 | |
/**
 * Special page that lets a logged-in user unlink an externally linked account.
 *
 * The only AuthManager action this page accepts is ACTION_UNLINK. After an unlink
 * attempt that did not fail, every session of the user is invalidated and the
 * current session is given a fresh ID (see execute()).
 */
class SpecialUnlinkAccounts extends AuthManagerSpecialPage {
	/** @var string[] AuthManager actions this page may perform; unlinking only. */
	protected static $allowedActions = [ AuthManager::ACTION_UNLINK ];

	/**
	 * Register the page under the name 'UnlinkAccounts' and store the injected AuthManager.
	 *
	 * @param AuthManager $authManager
	 */
	public function __construct( AuthManager $authManager ) {
		parent::__construct( 'UnlinkAccounts' );
		$this->setAuthManager( $authManager );
	}

	/**
	 * Name of the security-sensitive operation this page represents.
	 *
	 * NOTE(review): the re-authentication check keyed on this value is presumably
	 * performed by the parent special-page classes; it is not visible in this file.
	 *
	 * @return string
	 */
	protected function getLoginSecurityLevel() {
		return 'UnlinkAccount';
	}

	/**
	 * The action is always "unlink", regardless of the subpage.
	 *
	 * @param string|null $subPage Ignored.
	 * @return string
	 */
	protected function getDefaultAction( $subPage ) {
		return AuthManager::ACTION_UNLINK;
	}

	/**
	 * Under which header this special page is listed in Special:SpecialPages.
	 *
	 * @return string
	 */
	protected function getGroupName() {
		return 'login';
	}

	/**
	 * The page is listed only when AuthManager reports that accounts can be linked.
	 *
	 * @return bool
	 */
	public function isListed() {
		$authManager = $this->getAuthManager();
		return $authManager->canLinkAccounts();
	}

	/**
	 * Read the RemoveCredentialsBlacklist setting from the site configuration.
	 *
	 * NOTE(review): presumably the parent uses this list to keep certain request
	 * types out of the unlink form - confirm against AuthManagerSpecialPage.
	 *
	 * @return mixed Value of the RemoveCredentialsBlacklist config setting.
	 */
	protected function getRequestBlacklist() {
		$config = $this->getConfig();
		return $config->get( MainConfigNames::RemoveCredentialsBlacklist );
	}

	/**
	 * Show the unlink form, process a submission, and reset the user's sessions
	 * once an unlink attempt has come back with a non-FAIL response.
	 *
	 * @param string|null $subPage
	 * @throws ErrorPageError When the unlink action itself is not allowed.
	 */
	public function execute( $subPage ) {
		$this->setHeaders();
		$this->loadAuth( $subPage );

		if ( !$this->isActionAllowed( $this->authAction ) ) {
			if ( $this->authAction !== AuthManager::ACTION_UNLINK ) {
				// Most likely the user navigated back into an auth session that is gone.
				// FIXME would be nice to show a message
				$output = $this->getOutput();
				$ownUrl = $this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS );
				$output->redirect( $ownUrl );
				return;
			}

			// Unlinking is not allowed: it seems there is no linked account to unlink.
			throw new ErrorPageError(
				$this->msg( 'cannotunlink-no-provider-title' ),
				$this->msg( 'cannotunlink-no-provider' )
			);
		}

		$this->outputHeader();

		// NOTE(review): any form-token validation is expected to happen inside the
		// parent's trySubmit(); it is not visible in this file.
		$submitStatus = $this->trySubmit();
		if ( $submitStatus === false || !$submitStatus->isOK() ) {
			// Nothing submitted, or the submission was rejected: show the form again.
			$this->displayForm( $submitStatus );
			return;
		}

		/** @var AuthenticationResponse $authResponse */
		$authResponse = $submitStatus->getValue();
		if ( $authResponse->status === AuthenticationResponse::FAIL ) {
			$this->displayForm( StatusValue::newFatal( $authResponse->message ) );
			return;
		}
		// NOTE(review): only FAIL is rejected above, so every other response status
		// takes the success path below - confirm unlink can only yield PASS or FAIL.

		$successNotice = StatusValue::newGood();
		$successNotice->warning( $this->msg( 'unlinkaccounts-success' ) );
		// Reload the auth requests so that the account just unlinked is no longer offered.
		$this->loadAuth( $subPage, null, true );

		// Security-critical: if the account was unlinked because it was compromised,
		// sessions an attacker obtained through it must be ended. All sessions of the
		// user are invalidated, then the current session is re-bound to the user and
		// given a new ID. Keep this order; the session and user are fetched first.
		$currentSession = $this->getRequest()->getSession();
		$currentUser = $this->getUser();
		SessionManager::singleton()->invalidateSessionsForUser( $currentUser );
		$currentSession->setUser( $currentUser );
		$currentSession->resetId();

		$this->displayForm( $successNotice );
	}

	/**
	 * Run the unlink step with the already loaded auth requests.
	 *
	 * Unlink requests take no user input, so this repeats the parent's logic but
	 * skips AuthenticationRequest::loadRequestsFromSubmission; $data is not read.
	 *
	 * @param array $data Submitted form data (unused).
	 * @return Status Good status wrapping the response of the authentication step.
	 */
	public function handleFormSubmit( $data ) {
		return Status::newGood(
			$this->performAuthenticationStep( $this->authAction, $this->authRequests )
		);
	}
}
106 | |
/**
 * Retain the old class name for backwards compatibility.
 *
 * Registers the un-namespaced name 'SpecialUnlinkAccounts' as an alias of
 * MediaWiki\Specials\SpecialUnlinkAccounts, so code written against the old
 * global class name still resolves to this class.
 *
 * @deprecated since 1.41
 */
class_alias( SpecialUnlinkAccounts::class, 'SpecialUnlinkAccounts' );