From edfe2cd8e6432826f76668b68d5d11eaaa400acb Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?=
Date: Wed, 18 Nov 2020 14:22:44 +0100
Subject: [PATCH] Add SessionHandler::applyPendingUserChange()
---
 .../MultifactorAuthenticationForm.class.php | 2 +-
 .../system/session/SessionHandler.class.php | 27 ++++++++++++++++++-
 2 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
index 9d10d2b204..3dc227958a 100644
--- a/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
+++ b/wcfsetup/install/files/lib/form/MultifactorAuthenticationForm.class.php
@@ -125,7 +125,7 @@ class MultifactorAuthenticationForm extends AbstractFormBuilderForm {
 WCF::getDB()->commitTransaction();
- WCF::getSession()->changeUser($this->user);
+ WCF::getSession()->applyPendingUserChange($this->user);
 $this->saved();
 }
diff --git a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
index cf677051f6..0f0839a323 100644
--- a/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
+++ b/wcfsetup/install/files/lib/system/session/SessionHandler.class.php
@@ -717,11 +717,36 @@ final class SessionHandler extends SingletonFactory {
 }
 }
+ /**
+ * Applies the pending user change, calling `changeUser()` for the user returned
+ * by `getPendingUserChange()`.
+ *
+ * As a safety check you must provide the `$expectedUser` as a parameter, it must match the
+ * data stored within the session.
+ *
+ * @throws \RuntimeException If the `$expectedUser` does not match.
+ * @throws \BadMethodCallException If `getPendingUserChange()` returns `null`.
+ */
+ public function applyPendingUserChange(User $expectedUser): void {
+ $user = $this->getPendingUserChange();
+ $this->clearPendingUserChange();
+
+ if ($user->userID !== $expectedUser->userID) {
+ throw new \RuntimeException('Mismatching expectedUser.');
+ }
+
+ if (!$user) {
+ throw new \BadMethodCallException('No pending user change.');
+ }
+
+ $this->changeUser($user);
+ }
+
 /**
 * Returns the pending user change initiated by changeUserAfterMultifactor().
 */
 public function getPendingUserChange(): ?User {
- $userId = WCF::getSession()->getVar(self::CHANGE_USER_AFTER_MULTIFACTOR_KEY);
+ $userId = $this->getVar(self::CHANGE_USER_AFTER_MULTIFACTOR_KEY);
 if (!$userId) {
 return null;
 }
--
2.20.1
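Review bot: In `applyPendingUserChange()` the `if (!$user)` guard sits after `$user->userID` has already been read, so when `getPendingUserChange()` returns `null` the property access runs on null first and callers will normally get `\RuntimeException('Mismatching expectedUser.')` (plus a PHP notice or warning) rather than the `\BadMethodCallException` the docblock promises. The method still fails closed, since `changeUser()` is not reached on either path, but the documented contract and the error message are misleading for anyone handling or logging these failures. Move the null guard ahead of the comparison: `if (!$user) { throw new \BadMethodCallException('No pending user change.'); }` first, then the `userID` check. Calling `clearPendingUserChange()` before validating appears deliberate (a failed attempt consumes the pending state), and a one-line comment such as `// Clear first so a failed check cannot leave a reusable pending user change.` would record that intent for future maintainers.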