/**
* Action called to post values of a new user.
*/
public function postnewAction()
{
// TODO prevent CSRF
$this->secure('admin');
$user = new App_Model_User();
$user->setUsername($_POST['username']);
$user->setPassword($_POST['password']);
$user->setFirstname($_POST['firstname']);
$user->setLastname($_POST['lastname']);
$user->setIsAdmin($_POST['is_admin'] == 'on');
$user->setEmail($_POST['email']);
if (0 === count($user->isValid())) {
$user->save();
return redirect_to('/admin/users');
} else {
$errors = '';
foreach ($user->isValid() as $error) {
$errors .= $error . "<br />";
}
flash_now('error', $errors);
return $this->createAction();
}
}
public function createAction()
{
if (!$this->getUser()->getIsSuperAdmin()) {
$this->addFlashMessageNotice('Only super admins may create new users');
$this->_redirect($this->getUrl(array(), 'admin_view_users'));
}
$this->view->page_heading = 'Create New User';
$form = new Admin_Form_CreateUser();
$this->view->form = $form;
if (!$this->getRequest()->isPost()) {
return;
}
$is_form_valid = $form->isValid($this->getRequest()->getPost());
if ($form->password->getValue() != $form->password_confirm->getValue()) {
$form->password_confirm->addError('This does not match the other password given');
$is_form_valid = false;
}
if ($is_form_valid) {
$user = new App_Model_User();
$user->setEmail($form->email->getValue());
$user->setPassword($form->password->getValue());
$user->setIsSuperAdmin(false);
try {
$this->getDb()->persist($user);
$this->getDb()->flush();
$this->addFlashMessageSuccess('New user has been created successfully');
$this->_redirect($this->getUrl(array(), 'admin_view_users'));
} catch (PDOException $e) {
$dbException = new App_Model_DBExceptionDecorator($e);
if ($dbException->isDuplicateKeyViolation()) {
$form->email->addError('A user with that email address already exists');
} else {
throw $e;
}
}
}
}