[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  final class PhabricatorAuthUnlinkController
   4    extends PhabricatorAuthController {
   5  
   6    private $providerKey;
   7  
   8    public function willProcessRequest(array $data) {
   9      $this->providerKey = $data['pkey'];
  10    }
  11  
  12    public function processRequest() {
  13      $request = $this->getRequest();
  14      $viewer = $request->getUser();
  15  
  16      list($type, $domain) = explode(':', $this->providerKey, 2);
  17  
  18      // Check that this account link actually exists. We don't require the
  19      // provider to exist because we want users to be able to delete links to
  20      // dead accounts if they want.
  21      $account = id(new PhabricatorExternalAccount())->loadOneWhere(
  22        'accountType = %s AND accountDomain = %s AND userPHID = %s',
  23        $type,
  24        $domain,
  25        $viewer->getPHID());
  26      if (!$account) {
  27        return $this->renderNoAccountErrorDialog();
  28      }
  29  
  30      // Check that the provider (if it exists) allows accounts to be unlinked.
  31      $provider_key = $this->providerKey;
  32      $provider = PhabricatorAuthProvider::getEnabledProviderByKey($provider_key);
  33      if ($provider) {
  34        if (!$provider->shouldAllowAccountUnlink()) {
  35          return $this->renderNotUnlinkableErrorDialog($provider);
  36        }
  37      }
  38  
  39      // Check that this account isn't the last account which can be used to
  40      // login. We prevent you from removing the last account.
  41      if ($account->isUsableForLogin()) {
  42        $other_accounts = id(new PhabricatorExternalAccount())->loadAllWhere(
  43          'userPHID = %s',
  44          $viewer->getPHID());
  45  
  46        $valid_accounts = 0;
  47        foreach ($other_accounts as $other_account) {
  48          if ($other_account->isUsableForLogin()) {
  49            $valid_accounts++;
  50          }
  51        }
  52  
  53        if ($valid_accounts < 2) {
  54          return $this->renderLastUsableAccountErrorDialog();
  55        }
  56      }
  57  
  58      if ($request->isDialogFormPost()) {
  59        $account->delete();
  60  
  61        id(new PhabricatorAuthSessionEngine())->terminateLoginSessions(
  62          $viewer,
  63          $request->getCookie(PhabricatorCookies::COOKIE_SESSION));
  64  
  65        return id(new AphrontRedirectResponse())->setURI($this->getDoneURI());
  66      }
  67  
  68      return $this->renderConfirmDialog($account);
  69    }
  70  
  71    private function getDoneURI() {
  72      return '/settings/panel/external/';
  73    }
  74  
  75    private function renderNoAccountErrorDialog() {
  76      $dialog = id(new AphrontDialogView())
  77        ->setUser($this->getRequest()->getUser())
  78        ->setTitle(pht('No Such Account'))
  79        ->appendChild(
  80          pht(
  81            'You can not unlink this account because it is not linked.'))
  82        ->addCancelButton($this->getDoneURI());
  83  
  84      return id(new AphrontDialogResponse())->setDialog($dialog);
  85    }
  86  
  87    private function renderNotUnlinkableErrorDialog(
  88      PhabricatorAuthProvider $provider) {
  89  
  90      $dialog = id(new AphrontDialogView())
  91        ->setUser($this->getRequest()->getUser())
  92        ->setTitle(pht('Permanent Account Link'))
  93        ->appendChild(
  94          pht(
  95            'You can not unlink this account because the administrator has '.
  96            'configured Phabricator to make links to %s accounts permanent.',
  97            $provider->getProviderName()))
  98        ->addCancelButton($this->getDoneURI());
  99  
 100      return id(new AphrontDialogResponse())->setDialog($dialog);
 101    }
 102  
 103    private function renderLastUsableAccountErrorDialog() {
 104      $dialog = id(new AphrontDialogView())
 105        ->setUser($this->getRequest()->getUser())
 106        ->setTitle(pht('Last Valid Account'))
 107        ->appendChild(
 108          pht(
 109            'You can not unlink this account because you have no other '.
 110            'valid login accounts. If you removed it, you would be unable '.
 111            'to login. Add another authentication method before removing '.
 112            'this one.'))
 113        ->addCancelButton($this->getDoneURI());
 114  
 115      return id(new AphrontDialogResponse())->setDialog($dialog);
 116    }
 117  
 118    private function renderConfirmDialog() {
 119      $provider_key = $this->providerKey;
 120      $provider = PhabricatorAuthProvider::getEnabledProviderByKey($provider_key);
 121  
 122      if ($provider) {
 123        $title = pht('Unlink "%s" Account?', $provider->getProviderName());
 124        $body = pht(
 125          'You will no longer be able to use your %s account to '.
 126          'log in to Phabricator.',
 127          $provider->getProviderName());
 128      } else {
 129        $title = pht('Unlink Account?');
 130        $body = pht(
 131          'You will no longer be able to use this account to log in '.
 132          'to Phabricator.');
 133      }
 134  
 135      $dialog = id(new AphrontDialogView())
 136        ->setUser($this->getRequest()->getUser())
 137        ->setTitle($title)
 138        ->appendParagraph($body)
 139        ->appendParagraph(
 140          pht(
 141            'Note: Unlinking an authentication provider will terminate any '.
 142            'other active login sessions.'))
 143        ->addSubmitButton(pht('Unlink Account'))
 144        ->addCancelButton($this->getDoneURI());
 145  
 146      return id(new AphrontDialogResponse())->setDialog($dialog);
 147    }
 148  
 149  }