From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Mon, 29 Feb 2016 17:12:17 +0000 (-0500)
Subject: Allow API action=logout with BotPasswords
X-Git-Tag: 1.31.0-rc.0~7780^2
X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/comptes/journal.php?a=commitdiff_plain;h=00658d680007c63f02627bc18a56792db2999f34;p=lhc%2Fweb%2Fwiklou.git

Allow API action=logout with BotPasswords

Since login is handled specially, do the same for logout.

Bug: T128335
Change-Id: Ib3b12d7045449b5c44f5ff7d1ecfce14416e8400
---

diff --git a/includes/api/ApiLogout.php b/includes/api/ApiLogout.php
index 2c3820848f..6a26e2e350 100644
--- a/includes/api/ApiLogout.php
+++ b/includes/api/ApiLogout.php
@@ -24,6 +24,8 @@
  * @file
  */
 
+use MediaWiki\Session\BotPasswordSessionProvider;
+
 /**
  * API module to allow users to log out of the wiki. API equivalent of
  * Special:Userlogout.
@@ -33,8 +35,15 @@
 class ApiLogout extends ApiBase {
 
 	public function execute() {
-		// Make sure it's possible to log out
 		$session = MediaWiki\Session\SessionManager::getGlobalSession();
+
+		// Handle bot password logout specially
+		if ( $session->getProvider() instanceof BotPasswordSessionProvider ) {
+			$session->unpersist();
+			return;
+		}
+
+		// Make sure it's possible to log out
 		if ( !$session->canSetUser() ) {
 			$this->dieUsage(
 				'Cannot log out when using ' .