MediaWiki  master
SpecialUnlinkAccounts.php
1 <?php
2 
6 
/**
 * Authentication actions this special page declares as allowed.
 * Only AuthManager::ACTION_UNLINK is listed.
 * Presumably consulted by the parent class when it validates the
 * requested action -- confirm in the base class.
 */
protected static $allowedActions = [
	AuthManager::ACTION_UNLINK,
];
9 
/**
 * Registers the page with the parent constructor under the name
 * 'UnlinkAccounts'.
 */
public function __construct() {
	parent::__construct( 'UnlinkAccounts' );
}
13 
/**
 * Names the login security level that applies to this page.
 *
 * NOTE(review): presumably the parent special-page code uses this key to
 * decide whether the user must have authenticated recently before the page
 * runs -- confirm where 'UnlinkAccount' is consumed.
 *
 * @return string Always 'UnlinkAccount'
 */
protected function getLoginSecurityLevel() {
	$securityLevel = 'UnlinkAccount';
	return $securityLevel;
}
17 
/**
 * Default authentication action for this page.
 *
 * @param string $subPage Subpage of the special page; not read here
 * @return string Always AuthManager::ACTION_UNLINK, whatever the subpage
 */
protected function getDefaultAction( $subPage ) {
	$defaultAction = AuthManager::ACTION_UNLINK;
	return $defaultAction;
}
21 
/**
 * Header under which this page is listed in Special:SpecialPages.
 *
 * @return string Always 'users'
 */
protected function getGroupName() {
	$group = 'users';
	return $group;
}
29 
/**
 * Reports whether the page should be listed.
 *
 * NOTE(review): the answer comes from canLinkAccounts(), i.e. a check named
 * for linking rather than unlinking -- confirm that is the intended gate.
 * Nothing visible here restricts access to the page itself.
 *
 * @return bool Result of AuthManager::canLinkAccounts()
 */
public function isListed() {
	$authManager = AuthManager::singleton();
	return $authManager->canLinkAccounts();
}
33 
/**
 * Returns the value of the 'RemoveCredentialsBlacklist' config setting.
 *
 * NOTE(review): presumably a list of authentication request classes that
 * must not be offered on this page. Unlinking reads the remove-credentials
 * setting rather than a key of its own -- confirm that sharing is intended.
 *
 * @return mixed Whatever the config object holds for that key
 */
protected function getRequestBlacklist() {
	$config = $this->getConfig();
	return $config->get( 'RemoveCredentialsBlacklist' );
}
37 
/**
 * Runs the unlink flow: loads the authentication state, attempts the
 * submission, and on success invalidates the user's sessions before
 * showing the form again with a success message.
 *
 * @param string $subPage Subpage of the special page
 * @throws ErrorPageError When the unlink action is not allowed
 */
public function execute( $subPage ) {
	$this->setHeaders();
	$this->loadAuth( $subPage );

	if ( !$this->isActionAllowed( $this->authAction ) ) {
		if ( $this->authAction !== AuthManager::ACTION_UNLINK ) {
			// user probably back-button-navigated into an auth session that no longer exists
			// FIXME would be nice to show a message
			// The self-referential URL is built with PROTO_HTTPS.
			$output = $this->getOutput();
			$output->redirect( $this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS ) );
			return;
		}

		// Looks like there are no linked accounts to unlink
		$noProviderTitle = $this->msg( 'cannotunlink-no-provider-title' );
		$noProviderText = $this->msg( 'cannotunlink-no-provider' );
		throw new ErrorPageError( $noProviderTitle, $noProviderText );
	}

	$this->outputHeader();

	$submitStatus = $this->trySubmit();

	// Nothing submitted (false) or a failed status: show the form again.
	if ( $submitStatus === false || !$submitStatus->isOK() ) {
		$this->displayForm( $submitStatus );
		return;
	}

	$authResponse = $submitStatus->getValue();

	// NOTE(review): only FAIL is rejected here; any other response status
	// continues to the success path and the session reset below -- confirm
	// an unlink step cannot return anything except pass or fail.
	if ( $authResponse->status === AuthenticationResponse::FAIL ) {
		$this->displayForm( StatusValue::newFatal( $authResponse->message ) );
		return;
	}

	// The success text is attached as a warning on an otherwise good status.
	$successStatus = StatusValue::newGood();
	$successStatus->warning( $this->msg( 'unlinkaccounts-success' ) );
	// update requests so the unlinked one doesn't show up
	$this->loadAuth( $subPage, null, true );

	// Reset sessions - if the user unlinked an account because it was compromised,
	// log attackers out from sessions obtained via that account.
	// Keep this order: every session of the user is invalidated first, then the
	// current session is bound to the user again and given a new ID --
	// presumably so that only the requester stays logged in.
	$currentSession = $this->getRequest()->getSession();
	$currentUser = $this->getUser();
	SessionManager::singleton()->invalidateSessionsForUser( $currentUser );
	$currentSession->setUser( $currentUser );
	$currentSession->resetId();

	$this->displayForm( $successStatus );
}
87 
/**
 * Performs the authentication step for the current action with the
 * requests already loaded on this object.
 *
 * @param array $data Submitted form data; not read here
 * @return Status Good status whose value is the step's response
 */
public function handleFormSubmit( $data ) {
	// unlink requests do not accept user input so repeat parent code but skip call to
	// AuthenticationRequest::loadRequestsFromSubmission
	return Status::newGood(
		$this->performAuthenticationStep( $this->authAction, $this->authRequests )
	);
}
94 }
loadAuth( $subPage, $authAction=null, $reset=false)
Load or initialize $authAction, $authRequests and $subPage.
static newFatal( $message,... $parameters)
Factory function for fatal errors.
Definition: StatusValue.php:69
$response
A special page subclass for authentication-related special pages.
getOutput()
Get the OutputPage being used for this instance.
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
const PROTO_HTTPS
Definition: Defines.php:200
isActionAllowed( $action)
Checks whether AuthManager is ready to perform the action.
An error page which can definitely be safely rendered using the OutputPage.
static newGood( $value=null)
Factory function for good results.
Definition: StatusValue.php:81
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes! ...
getGroupName()
Under which header this special page is listed in Special:SpecialPages.
displayForm( $status)
Display the form.
getUser()
Shortcut to get the User executing this instance.
getConfig()
Shortcut to get main config object.
performAuthenticationStep( $action, array $requests)
string $subPage
Subpage of the special page.
outputHeader( $summaryMessageKey='')
Outputs a summary message on top of special pages. Per default the message key is the canonical name o...
getPageTitle( $subpage=false)
Get a self-referential title object.
trySubmit()
Attempts to do an authentication step with the submitted data.