Page MenuHomePhabricator

D14319.id34573.diff
No OneTemporary

D14319.id34573.diff

diff --git a/src/applications/auth/controller/PhabricatorAuthLoginController.php b/src/applications/auth/controller/PhabricatorAuthLoginController.php
--- a/src/applications/auth/controller/PhabricatorAuthLoginController.php
+++ b/src/applications/auth/controller/PhabricatorAuthLoginController.php
@@ -113,6 +113,27 @@
$provider->getProviderName()));
}
} else {
+
+ // If the user already has a linked account of this type, prevent them
+ // from linking a second account. This can happen if they swap logins
+ // and then refresh the account link. See T6707. We will eventually
+ // allow this after T2549.
+ $existing_accounts = id(new PhabricatorExternalAccountQuery())
+ ->setViewer($viewer)
+ ->withUserPHIDs(array($viewer->getPHID()))
+ ->withAccountTypes(array($account->getAccountType()))
+ ->execute();
+ if ($existing_accounts) {
+ return $this->renderError(
+ pht(
+ 'Your Phabricator account is already connected to an external '.
+ 'account on this provider ("%s"), but you are currently logged '.
+ 'in to the provider with a different account. Log out of the '.
+ 'external service, then log back in with the correct account '.
+ 'before refreshing the account link.',
+ $provider->getProviderName()));
+ }
+
if ($provider->shouldAllowAccountLink()) {
return $this->processLinkUser($account);
} else {

File Metadata

Mime Type
text/plain
Expires
Fri, May 24, 2:22 PM (3 w, 1 d ago)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6289908
Default Alt Text
D14319.id34573.diff (1 KB)

Event Timeline