getByName() public static method

Get a role by name.
public static getByName ( array | string $Names, &$Missing = null )
$Names array | string
Ejemplo n.º 1
0
 /**
  * Connect the user with an external source.
  *
  * This controller method is meant to be used with plugins that set its data array to work.
  * Events: ConnectData
  *
  * @since 2.0.0
  * @access public
  *
  * @param string $Method Used to register multiple providers on ConnectData event.
  */
 public function connect($Method)
 {
     $this->addJsFile('entry.js');
     $this->View = 'connect';
     $IsPostBack = $this->Form->isPostBack() && $this->Form->getFormValue('Connect', null) !== null;
     $UserSelect = $this->Form->getFormValue('UserSelect');
     if (!$IsPostBack) {
         // Here are the initial data array values. that can be set by a plugin.
         $Data = array('Provider' => '', 'ProviderName' => '', 'UniqueID' => '', 'FullName' => '', 'Name' => '', 'Email' => '', 'Photo' => '', 'Target' => $this->target());
         $this->Form->setData($Data);
         $this->Form->addHidden('Target', $this->Request->get('Target', '/'));
     }
     // The different providers can check to see if they are being used and modify the data array accordingly.
     $this->EventArguments = array($Method);
     // Fire ConnectData event & error handling.
     $currentData = $this->Form->formValues();
     // Filter the form data for users here. SSO plugins must reset validated data each postback.
     $filteredData = Gdn::userModel()->filterForm($currentData, true);
     $filteredData = array_replace($filteredData, arrayTranslate($currentData, ['TransientKey', 'hpt']));
     unset($filteredData['Roles'], $filteredData['RoleID']);
     $this->Form->formValues($filteredData);
     try {
         $this->EventArguments['Form'] = $this->Form;
         $this->fireEvent('ConnectData');
         $this->fireEvent('AfterConnectData');
     } catch (Gdn_UserException $Ex) {
         $this->Form->addError($Ex);
         return $this->render('ConnectError');
     } catch (Exception $Ex) {
         if (Debug()) {
             $this->Form->addError($Ex);
         } else {
             $this->Form->addError('There was an error fetching the connection data.');
         }
         return $this->render('ConnectError');
     }
     if (!UserModel::noEmail()) {
         if (!$this->Form->getFormValue('Email') || $this->Form->getFormValue('EmailVisible')) {
             $this->Form->setFormValue('EmailVisible', true);
             $this->Form->addHidden('EmailVisible', true);
             if ($IsPostBack) {
                 $this->Form->setFormValue('Email', val('Email', $currentData));
             }
         }
     }
     $FormData = $this->Form->formValues();
     // debug
     // Make sure the minimum required data has been provided to the connect.
     if (!$this->Form->getFormValue('Provider')) {
         $this->Form->addError('ValidateRequired', t('Provider'));
     }
     if (!$this->Form->getFormValue('UniqueID')) {
         $this->Form->addError('ValidateRequired', t('UniqueID'));
     }
     if (!$this->data('Verified')) {
         // Whatever event handler catches this must Set the data 'Verified' to true to prevent a random site from connecting without credentials.
         // This must be done EVERY postback and is VERY important.
         $this->Form->addError('The connection data has not been verified.');
     }
     if ($this->Form->errorCount() > 0) {
         return $this->render();
     }
     $UserModel = Gdn::userModel();
     // Check to see if there is an existing user associated with the information above.
     $Auth = $UserModel->getAuthentication($this->Form->getFormValue('UniqueID'), $this->Form->getFormValue('Provider'));
     $UserID = val('UserID', $Auth);
     // Check to synchronise roles upon connecting.
     if (($this->data('Trusted') || c('Garden.SSO.SyncRoles')) && $this->Form->getFormValue('Roles', null) !== null) {
         $SaveRoles = $SaveRolesRegister = true;
         // Translate the role names to IDs.
         $Roles = $this->Form->getFormValue('Roles', null);
         $Roles = RoleModel::getByName($Roles);
         $RoleIDs = array_keys($Roles);
         if (empty($RoleIDs)) {
             // The user must have at least one role. This protects that.
             $RoleIDs = $this->UserModel->newUserRoleIDs();
         }
         if (c('Garden.SSO.SyncRolesBehavior') === 'register') {
             $SaveRoles = false;
         }
         $this->Form->setFormValue('RoleID', $RoleIDs);
     } else {
         $SaveRoles = false;
         $SaveRolesRegister = false;
     }
     if ($UserID) {
         // The user is already connected.
         $this->Form->setFormValue('UserID', $UserID);
         if (c('Garden.Registration.ConnectSynchronize', true)) {
             $User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
             $Data = $this->Form->formValues();
             // Don't overwrite the user photo if the user uploaded a new one.
             $Photo = val('Photo', $User);
             if (!val('Photo', $Data) || $Photo && !isUrl($Photo)) {
                 unset($Data['Photo']);
             }
             // Synchronize the user's data.
             $UserModel->save($Data, array('NoConfirmEmail' => true, 'FixUnique' => true, 'SaveRoles' => $SaveRoles));
         }
         // Always save the attributes because they may contain authorization information.
         if ($Attributes = $this->Form->getFormValue('Attributes')) {
             $UserModel->saveAttribute($UserID, $Attributes);
         }
         // Sign the user in.
         Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
         Gdn::userModel()->fireEvent('AfterSignIn');
         //         $this->_setRedirect(TRUE);
         $this->_setRedirect($this->Request->get('display') == 'popup');
     } elseif ($this->Form->getFormValue('Name') || $this->Form->getFormValue('Email')) {
         $NameUnique = c('Garden.Registration.NameUnique', true);
         $EmailUnique = c('Garden.Registration.EmailUnique', true);
         $AutoConnect = c('Garden.Registration.AutoConnect');
         if ($IsPostBack && $this->Form->getFormValue('ConnectName')) {
             $searchName = $this->Form->getFormValue('ConnectName');
         } else {
             $searchName = $this->Form->getFormValue('Name');
         }
         // Get the existing users that match the name or email of the connection.
         $Search = false;
         if ($searchName && $NameUnique) {
             $UserModel->SQL->orWhere('Name', $searchName);
             $Search = true;
         }
         if ($this->Form->getFormValue('Email') && ($EmailUnique || $AutoConnect)) {
             $UserModel->SQL->orWhere('Email', $this->Form->getFormValue('Email'));
             $Search = true;
         }
         if (is_numeric($UserSelect)) {
             $UserModel->SQL->orWhere('UserID', $UserSelect);
             $Search = true;
         }
         if ($Search) {
             $ExistingUsers = $UserModel->getWhere()->resultArray();
         } else {
             $ExistingUsers = array();
         }
         // Check to automatically link the user.
         if ($AutoConnect && count($ExistingUsers) > 0) {
             if ($IsPostBack && $this->Form->getFormValue('ConnectName')) {
                 $this->Form->setFormValue('Name', $this->Form->getFormValue('ConnectName'));
             }
             foreach ($ExistingUsers as $Row) {
                 if (strcasecmp($this->Form->getFormValue('Email'), $Row['Email']) === 0) {
                     $UserID = $Row['UserID'];
                     $this->Form->setFormValue('UserID', $UserID);
                     $Data = $this->Form->formValues();
                     if (c('Garden.Registration.ConnectSynchronize', true)) {
                         // Don't overwrite a photo if the user has already uploaded one.
                         $Photo = val('Photo', $Row);
                         if (!val('Photo', $Data) || $Photo && !stringBeginsWith($Photo, 'http')) {
                             unset($Data['Photo']);
                         }
                         $UserModel->save($Data, array('NoConfirmEmail' => true, 'FixUnique' => true, 'SaveRoles' => $SaveRoles));
                     }
                     if ($Attributes = $this->Form->getFormValue('Attributes')) {
                         $UserModel->saveAttribute($UserID, $Attributes);
                     }
                     // Save the userauthentication link.
                     $UserModel->saveAuthentication(array('UserID' => $UserID, 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')));
                     // Sign the user in.
                     Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
                     Gdn::userModel()->fireEvent('AfterSignIn');
                     //         $this->_setRedirect(TRUE);
                     $this->_setRedirect($this->Request->get('display') == 'popup');
                     $this->render();
                     return;
                 }
             }
         }
         $CurrentUserID = Gdn::session()->UserID;
         // Massage the existing users.
         foreach ($ExistingUsers as $Index => $UserRow) {
             if ($EmailUnique && $UserRow['Email'] == $this->Form->getFormValue('Email')) {
                 $EmailFound = $UserRow;
                 break;
             }
             if ($UserRow['Name'] == $this->Form->getFormValue('Name')) {
                 $NameFound = $UserRow;
             }
             if ($CurrentUserID > 0 && $UserRow['UserID'] == $CurrentUserID) {
                 unset($ExistingUsers[$Index]);
                 $CurrentUserFound = true;
             }
         }
         if (isset($EmailFound)) {
             // The email address was found and can be the only user option.
             $ExistingUsers = array($UserRow);
             $this->setData('NoConnectName', true);
         } elseif (isset($CurrentUserFound)) {
             $ExistingUsers = array_merge(array('UserID' => 'current', 'Name' => sprintf(t('%s (Current)'), Gdn::session()->User->Name)), $ExistingUsers);
         }
         if (!isset($NameFound) && !$IsPostBack) {
             $this->Form->setFormValue('ConnectName', $this->Form->getFormValue('Name'));
         }
         $this->setData('ExistingUsers', $ExistingUsers);
         if (UserModel::noEmail()) {
             $EmailValid = true;
         } else {
             $EmailValid = validateRequired($this->Form->getFormValue('Email'));
         }
         if ((!$UserSelect || $UserSelect == 'other') && $this->Form->getFormValue('Name') && $EmailValid && (!is_array($ExistingUsers) || count($ExistingUsers) == 0)) {
             // There is no existing user with the suggested name so we can just create the user.
             $User = $this->Form->formValues();
             $User['Password'] = randomString(50);
             // some password is required
             $User['HashMethod'] = 'Random';
             $User['Source'] = $this->Form->getFormValue('Provider');
             $User['SourceID'] = $this->Form->getFormValue('UniqueID');
             $User['Attributes'] = $this->Form->getFormValue('Attributes', null);
             $User['Email'] = $this->Form->getFormValue('ConnectEmail', $this->Form->getFormValue('Email', null));
             $UserID = $UserModel->register($User, array('CheckCaptcha' => false, 'ValidateEmail' => false, 'NoConfirmEmail' => true, 'SaveRoles' => $SaveRolesRegister));
             $User['UserID'] = $UserID;
             $this->Form->setValidationResults($UserModel->validationResults());
             if ($UserID) {
                 $UserModel->saveAuthentication(array('UserID' => $UserID, 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')));
                 $this->Form->setFormValue('UserID', $UserID);
                 $this->Form->setFormValue('UserSelect', false);
                 Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
                 Gdn::userModel()->fireEvent('AfterSignIn');
                 // Send the welcome email.
                 if (c('Garden.Registration.SendConnectEmail', false)) {
                     try {
                         $UserModel->sendWelcomeEmail($UserID, '', 'Connect', array('ProviderName' => $this->Form->getFormValue('ProviderName', $this->Form->getFormValue('Provider', 'Unknown'))));
                     } catch (Exception $Ex) {
                         // Do nothing if emailing doesn't work.
                     }
                 }
                 $this->_setRedirect(true);
             }
         }
     }
     // Save the user's choice.
     if ($IsPostBack) {
         // The user has made their decision.
         $PasswordHash = new Gdn_PasswordHash();
         if (!$UserSelect || $UserSelect == 'other') {
             // The user entered a username.
             $ConnectNameEntered = true;
             if ($this->Form->validateRule('ConnectName', 'ValidateRequired')) {
                 $ConnectName = $this->Form->getFormValue('ConnectName');
                 $User = false;
                 if (c('Garden.Registration.NameUnique')) {
                     // Check to see if there is already a user with the given name.
                     $User = $UserModel->getWhere(array('Name' => $ConnectName))->firstRow(DATASET_TYPE_ARRAY);
                 }
                 if (!$User) {
                     $this->Form->validateRule('ConnectName', 'ValidateUsername');
                 }
             }
         } else {
             // The user selected an existing user.
             $ConnectNameEntered = false;
             if ($UserSelect == 'current') {
                 if (Gdn::session()->UserID == 0) {
                     // This shouldn't happen, but a use could sign out in another browser and click submit on this form.
                     $this->Form->addError('@You were unexpectedly signed out.');
                 } else {
                     $UserSelect = Gdn::session()->UserID;
                 }
             }
             $User = $UserModel->getID($UserSelect, DATASET_TYPE_ARRAY);
         }
         if (isset($User) && $User) {
             // Make sure the user authenticates.
             if (!$User['UserID'] == Gdn::session()->UserID) {
                 if ($this->Form->validateRule('ConnectPassword', 'ValidateRequired', sprintf(t('ValidateRequired'), t('Password')))) {
                     try {
                         if (!$PasswordHash->checkPassword($this->Form->getFormValue('ConnectPassword'), $User['Password'], $User['HashMethod'], $this->Form->getFormValue('ConnectName'))) {
                             if ($ConnectNameEntered) {
                                 $this->Form->addError('The username you entered has already been taken.');
                             } else {
                                 $this->Form->addError('The password you entered is incorrect.');
                             }
                         }
                     } catch (Gdn_UserException $Ex) {
                         $this->Form->addError($Ex);
                     }
                 }
             }
         } elseif ($this->Form->errorCount() == 0) {
             // The user doesn't exist so we need to add another user.
             $User = $this->Form->formValues();
             $User['Name'] = $User['ConnectName'];
             $User['Password'] = randomString(50);
             // some password is required
             $User['HashMethod'] = 'Random';
             $UserID = $UserModel->register($User, array('CheckCaptcha' => false, 'NoConfirmEmail' => true, 'SaveRoles' => $SaveRolesRegister));
             $User['UserID'] = $UserID;
             $this->Form->setValidationResults($UserModel->validationResults());
             if ($UserID && c('Garden.Registration.SendConnectEmail', false)) {
                 // Send the welcome email.
                 $UserModel->sendWelcomeEmail($UserID, '', 'Connect', array('ProviderName' => $this->Form->getFormValue('ProviderName', $this->Form->getFormValue('Provider', 'Unknown'))));
             }
         }
         if ($this->Form->errorCount() == 0) {
             // Save the authentication.
             if (isset($User) && val('UserID', $User)) {
                 $UserModel->saveAuthentication(array('UserID' => $User['UserID'], 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')));
                 $this->Form->setFormValue('UserID', $User['UserID']);
             }
             // Sign the appropriate user in.
             Gdn::session()->start($this->Form->getFormValue('UserID'), true, (bool) $this->Form->getFormValue('RememberMe', true));
             Gdn::userModel()->fireEvent('AfterSignIn');
             $this->_setRedirect(true);
         }
     }
     $this->render();
 }
Ejemplo n.º 2
0
 /**
  * SSO facilitator page. Plugins use event `ConnectData` to complete SSO connections.
  *
  * Users only see this page for non-seamless connections that prompt them to finish connecting
  * by entering a username and/or password (and possibly email).
  *
  * @since 2.0.0
  * @access public
  *
  * @param string $Method Used to register multiple providers on ConnectData event.
  */
 public function connect($Method)
 {
     // Basic page setup.
     $this->addJsFile('entry.js');
     $this->View = 'connect';
     $this->addDefinition('Username already exists.', t('Username already exists.'));
     $this->addDefinition('Choose a name to identify yourself on the site.', t('Choose a name to identify yourself on the site.'));
     // Determine what step in the process we're at.
     $IsPostBack = $this->Form->isPostBack() && $this->Form->getFormValue('Connect', null) !== null;
     $UserSelect = $this->Form->getFormValue('UserSelect');
     /**
      * When a user is connecting through SSO she is prompted to choose a username.
      * If she chooses an existing username, she is prompted to enter the password to claim it.
      * Setting AllowConnect = false disables that workflow, forcing the user to choose a unique username.
      */
     $allowConnect = c('Garden.Registration.AllowConnect', true);
     $this->setData('AllowConnect', $allowConnect);
     $this->addDefinition('AllowConnect', $allowConnect);
     if (!$IsPostBack) {
         // Initialize data array that can be set by a plugin.
         $Data = ['Provider' => '', 'ProviderName' => '', 'UniqueID' => '', 'FullName' => '', 'Name' => '', 'Email' => '', 'Photo' => '', 'Target' => $this->target()];
         $this->Form->setData($Data);
         $this->Form->addHidden('Target', $this->Request->get('Target', '/'));
     }
     // SSO providers can check to see if they are being used and modify the data array accordingly.
     $this->EventArguments = [$Method];
     // Filter the form data for users.
     // SSO plugins must reset validated data each postback.
     $currentData = $this->Form->formValues();
     $filteredData = Gdn::userModel()->filterForm($currentData, true);
     $filteredData = array_replace($filteredData, arrayTranslate($currentData, ['TransientKey', 'hpt']));
     unset($filteredData['Roles'], $filteredData['RoleID']);
     $this->Form->formValues($filteredData);
     // Fire ConnectData event & error handling.
     try {
         // Where your SSO plugin does magic.
         $this->EventArguments['Form'] = $this->Form;
         $this->fireEvent('ConnectData');
         $this->fireEvent('AfterConnectData');
     } catch (Gdn_UserException $Ex) {
         // Your SSO magic said no.
         $this->Form->addError($Ex);
         return $this->render('ConnectError');
     } catch (Exception $Ex) {
         // Your SSO magic blew up.
         if (debug()) {
             $this->Form->addError($Ex);
         } else {
             $this->Form->addError('There was an error fetching the connection data.');
         }
         return $this->render('ConnectError');
     }
     // Allow a provider to not send an email address but require one be manually entered.
     if (!UserModel::noEmail()) {
         $emailProvided = $this->Form->getFormValue('Email');
         $emailRequested = $this->Form->getFormValue('EmailVisible');
         if (!$emailProvided || $emailRequested) {
             $this->Form->setFormValue('EmailVisible', true);
             $this->Form->addHidden('EmailVisible', true);
             if ($IsPostBack) {
                 $this->Form->setFormValue('Email', val('Email', $currentData));
             }
         }
         if ($IsPostBack && $emailRequested) {
             $this->Form->validateRule('Email', 'ValidateRequired');
             $this->Form->validateRule('Email', 'ValidateEmail');
         }
     }
     // Make sure the minimum required data has been provided by the connection.
     if (!$this->Form->getFormValue('Provider')) {
         $this->Form->addError('ValidateRequired', t('Provider'));
     }
     if (!$this->Form->getFormValue('UniqueID')) {
         $this->Form->addError('ValidateRequired', t('UniqueID'));
     }
     if (!$this->data('Verified')) {
         // Whatever event handler catches this must set the data 'Verified' = true
         // to prevent a random site from connecting without credentials.
         // This must be done EVERY postback and is VERY important.
         $this->Form->addError(t('The connection data has not been verified.'));
     }
     // If we've accrued errors, stop here and show them.
     if ($this->Form->errorCount() > 0) {
         $this->render();
         return;
     }
     // Check if we need to sync roles
     if (($this->data('Trusted') || c('Garden.SSO.SyncRoles')) && $this->Form->getFormValue('Roles', null) !== null) {
         $SaveRoles = $SaveRolesRegister = true;
         // Translate the role names to IDs.
         $Roles = $this->Form->getFormValue('Roles', null);
         $Roles = RoleModel::getByName($Roles);
         $RoleIDs = array_keys($Roles);
         // Ensure user has at least one role.
         if (empty($RoleIDs)) {
             $RoleIDs = $this->UserModel->newUserRoleIDs();
         }
         // Allow role syncing to only happen on first connect.
         if (c('Garden.SSO.SyncRolesBehavior') === 'register') {
             $SaveRoles = false;
         }
         $this->Form->setFormValue('RoleID', $RoleIDs);
     } else {
         $SaveRoles = false;
         $SaveRolesRegister = false;
     }
     $UserModel = Gdn::userModel();
     // Find an existing user associated with this provider & uniqueid.
     $Auth = $UserModel->getAuthentication($this->Form->getFormValue('UniqueID'), $this->Form->getFormValue('Provider'));
     $UserID = val('UserID', $Auth);
     // The user is already in the UserAuthentication table
     if ($UserID) {
         $this->Form->setFormValue('UserID', $UserID);
         // Update their info.
         if (c('Garden.Registration.ConnectSynchronize', true)) {
             $User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
             $Data = $this->Form->formValues();
             // Don't overwrite the user photo if the user uploaded a new one.
             $Photo = val('Photo', $User);
             if (!val('Photo', $Data) || $Photo && !isUrl($Photo)) {
                 unset($Data['Photo']);
             }
             // Synchronize the user's data.
             $UserModel->save($Data, ['NoConfirmEmail' => true, 'FixUnique' => true, 'SaveRoles' => $SaveRoles]);
             $this->EventArguments['UserID'] = $UserID;
             $this->fireEvent('AfterConnectSave');
         }
         // Always save the attributes because they may contain authorization information.
         if ($Attributes = $this->Form->getFormValue('Attributes')) {
             $UserModel->saveAttribute($UserID, $Attributes);
         }
         // Sign the user in.
         Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
         Gdn::userModel()->fireEvent('AfterSignIn');
         // Send them on their way.
         $this->_setRedirect(Gdn::request()->get('display') === 'popup');
         // If a name of email has been provided
     } elseif ($this->Form->getFormValue('Name') || $this->Form->getFormValue('Email')) {
         // Decide how to handle our first time connecting.
         $NameUnique = c('Garden.Registration.NameUnique', true);
         $EmailUnique = c('Garden.Registration.EmailUnique', true);
         $AutoConnect = c('Garden.Registration.AutoConnect');
         // Decide which name to search for.
         if ($IsPostBack && $this->Form->getFormValue('ConnectName')) {
             $searchName = $this->Form->getFormValue('ConnectName');
         } else {
             $searchName = $this->Form->getFormValue('Name');
         }
         // Find existing users that match the name or email of the connection.
         // First, discover if we have search criteria.
         $Search = false;
         $ExistingUsers = [];
         if ($searchName && $NameUnique) {
             $UserModel->SQL->orWhere('Name', $searchName);
             $Search = true;
         }
         if ($this->Form->getFormValue('Email') && ($EmailUnique || $AutoConnect)) {
             $UserModel->SQL->orWhere('Email', $this->Form->getFormValue('Email'));
             $Search = true;
         }
         if (is_numeric($UserSelect)) {
             $UserModel->SQL->orWhere('UserID', $UserSelect);
             $Search = true;
         }
         // Now do the search if we found some criteria.
         if ($Search) {
             $ExistingUsers = $UserModel->getWhere()->resultArray();
         }
         // Get the email and decide if we can safely find a match.
         $submittedEmail = $this->Form->getFormValue('Email');
         $canMatchEmail = strlen($submittedEmail) > 0 && !UserModel::noEmail();
         // Check to automatically link the user.
         if ($AutoConnect && count($ExistingUsers) > 0) {
             if ($IsPostBack && $this->Form->getFormValue('ConnectName')) {
                 $this->Form->setFormValue('Name', $this->Form->getFormValue('ConnectName'));
             }
             if ($canMatchEmail) {
                 // Check each existing user for an exact email match.
                 foreach ($ExistingUsers as $Row) {
                     if (strcasecmp($submittedEmail, $Row['Email']) === 0) {
                         // Add the UserID to the form, then get the unified user data set from it.
                         $UserID = $Row['UserID'];
                         $this->Form->setFormValue('UserID', $UserID);
                         $Data = $this->Form->formValues();
                         // User synchronization.
                         if (c('Garden.Registration.ConnectSynchronize', true)) {
                             // Don't overwrite a photo if the user has already uploaded one.
                             $Photo = val('Photo', $Row);
                             if (!val('Photo', $Data) || $Photo && !stringBeginsWith($Photo, 'http')) {
                                 unset($Data['Photo']);
                             }
                             // Update the user.
                             $UserModel->save($Data, ['NoConfirmEmail' => true, 'FixUnique' => true, 'SaveRoles' => $SaveRoles]);
                             $this->EventArguments['UserID'] = $UserID;
                             $this->fireEvent('AfterConnectSave');
                         }
                         // Always save the attributes because they may contain authorization information.
                         if ($Attributes = $this->Form->getFormValue('Attributes')) {
                             $UserModel->saveAttribute($UserID, $Attributes);
                         }
                         // Save the user authentication association.
                         $UserModel->saveAuthentication(['UserID' => $UserID, 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')]);
                         // Sign the user in.
                         Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
                         Gdn::userModel()->fireEvent('AfterSignIn');
                         $this->_setRedirect(Gdn::request()->get('display') === 'popup');
                         $this->render();
                         return;
                     }
                 }
             }
         }
         // Did not autoconnect!
         // Explore alternatives for a first-time connection.
         // This will be zero for a guest.
         $CurrentUserID = Gdn::session()->UserID;
         // Evaluate the existing users for matches.
         foreach ($ExistingUsers as $Index => $UserRow) {
             if ($EmailUnique && $canMatchEmail && $UserRow['Email'] == $submittedEmail) {
                 // An email match overrules any other options.
                 $EmailFound = $UserRow;
                 break;
             }
             // Detect a simple name match.
             if ($UserRow['Name'] == $this->Form->getFormValue('Name')) {
                 $NameFound = $UserRow;
             }
             // Detect if we have a match on the current user session.
             if ($CurrentUserID > 0 && $UserRow['UserID'] == $CurrentUserID) {
                 unset($ExistingUsers[$Index]);
                 $CurrentUserFound = true;
             }
         }
         // Handle special cases for what we matched on.
         if (isset($EmailFound)) {
             // The email address was found and can be the only user option.
             $ExistingUsers = [$UserRow];
             $this->setData('NoConnectName', true);
         } elseif (isset($CurrentUserFound)) {
             // If we're already logged in to Vanilla, assume that's an option we want.
             $ExistingUsers = array_merge(['UserID' => 'current', 'Name' => sprintf(t('%s (Current)'), Gdn::session()->User->Name)], $ExistingUsers);
         }
         // Pre-populate our ConnectName field with the passed name if we couldn't match it.
         if (!isset($NameFound) && !$IsPostBack) {
             $this->Form->setFormValue('ConnectName', $this->Form->getFormValue('Name'));
         }
         // Block connecting to an existing user if it's disallowed.
         if (!$allowConnect) {
             // Make sure photo of existing user doesn't show on the form.
             $this->Form->setFormValue("Photo", null);
             // Ignore existing users found.
             $ExistingUsers = [];
         }
         // Set our final answer on matched users.
         $this->setData('ExistingUsers', $ExistingUsers);
         // Validate our email address if we have one.
         if (UserModel::noEmail()) {
             $emailValid = true;
         } else {
             $emailValid = validateRequired($this->Form->getFormValue('Email'));
         }
         // Set some nice variable names for logic clarity.
         $noMatches = !is_array($ExistingUsers) || count($ExistingUsers) == 0;
         $didNotPickUser = !$UserSelect || $UserSelect == 'other';
         $haveName = $this->Form->getFormValue('Name');
         // Should we create a new user?
         if ($didNotPickUser && $haveName && $emailValid && $noMatches) {
             // Create the user.
             $User = $this->Form->formValues();
             $User['Password'] = randomString(16);
             // Required field.
             $User['HashMethod'] = 'Random';
             $User['Source'] = $this->Form->getFormValue('Provider');
             $User['SourceID'] = $this->Form->getFormValue('UniqueID');
             $User['Attributes'] = $this->Form->getFormValue('Attributes', null);
             $User['Email'] = $this->Form->getFormValue('ConnectEmail', $this->Form->getFormValue('Email', null));
             $User['Name'] = $this->Form->getFormValue('ConnectName', $this->Form->getFormValue('Name', null));
             $UserID = $UserModel->register($User, ['CheckCaptcha' => false, 'ValidateEmail' => false, 'NoConfirmEmail' => true, 'SaveRoles' => $SaveRolesRegister]);
             $User['UserID'] = $UserID;
             $this->EventArguments['UserID'] = $UserID;
             $this->fireEvent('AfterConnectSave');
             $this->Form->setValidationResults($UserModel->validationResults());
             // Save the association to the new user.
             if ($UserID) {
                 $UserModel->saveAuthentication(['UserID' => $UserID, 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')]);
                 $this->Form->setFormValue('UserID', $UserID);
                 $this->Form->setFormValue('UserSelect', false);
                 // Sign in as the new user.
                 Gdn::session()->start($UserID, true, (bool) $this->Form->getFormValue('RememberMe', true));
                 Gdn::userModel()->fireEvent('AfterSignIn');
                 // Send the welcome email.
                 if (c('Garden.Registration.SendConnectEmail', false)) {
                     try {
                         $providerName = $this->Form->getFormValue('ProviderName', $this->Form->getFormValue('Provider', 'Unknown'));
                         $UserModel->sendWelcomeEmail($UserID, '', 'Connect', ['ProviderName' => $providerName]);
                     } catch (Exception $Ex) {
                         // Do nothing if emailing doesn't work.
                     }
                 }
                 // Move along.
                 $this->_setRedirect(Gdn::request()->get('display') === 'popup');
             }
         }
     }
     // Finished our connection logic.
     // Save the user's choice.
     if ($IsPostBack) {
         $PasswordHash = new Gdn_PasswordHash();
         if (!$UserSelect || $UserSelect == 'other') {
             // The user entered a username. Validate it.
             $ConnectNameEntered = true;
             if ($this->Form->validateRule('ConnectName', 'ValidateRequired')) {
                 $ConnectName = $this->Form->getFormValue('ConnectName');
                 $User = false;
                 if (c('Garden.Registration.NameUnique')) {
                     // Check to see if there is already a user with the given name.
                     $User = $UserModel->getWhere(array('Name' => $ConnectName))->firstRow(DATASET_TYPE_ARRAY);
                 }
                 if (!$User) {
                     // Using a new username, so validate it.
                     $this->Form->validateRule('ConnectName', 'ValidateUsername');
                 }
             }
         } else {
             // The user selected an existing user.
             $ConnectNameEntered = false;
             if ($UserSelect == 'current') {
                 if (Gdn::session()->UserID == 0) {
                     // This should never happen, but a user could click submit on a stale form.
                     $this->Form->addError('@You were unexpectedly signed out.');
                 } else {
                     $UserSelect = Gdn::session()->UserID;
                 }
             }
             $User = $UserModel->getID($UserSelect, DATASET_TYPE_ARRAY);
         }
         // End user selection.
         if (isset($User) && $User) {
             // Make sure the user authenticates.
             if (!$User['UserID'] == Gdn::session()->UserID && $allowConnect) {
                 $hasPassword = $this->Form->validateRule('ConnectPassword', 'ValidateRequired', sprintf(t('ValidateRequired'), t('Password')));
                 if ($hasPassword) {
                     // Validate their password.
                     try {
                         $password = $this->Form->getFormValue('ConnectPassword');
                         $name = $this->Form->getFormValue('ConnectName');
                         if (!$PasswordHash->checkPassword($password, $User['Password'], $User['HashMethod'], $name)) {
                             if ($ConnectNameEntered) {
                                 $this->Form->addError('The username you entered has already been taken.');
                             } else {
                                 $this->Form->addError('The password you entered is incorrect.');
                             }
                         }
                     } catch (Gdn_UserException $Ex) {
                         $this->Form->addError($Ex);
                     }
                 }
             }
         } elseif ($this->Form->errorCount() == 0) {
             // The user doesn't exist so we need to add another user.
             $User = $this->Form->formValues();
             $User['Name'] = $User['ConnectName'];
             $User['Password'] = randomString(16);
             // Required field.
             $User['HashMethod'] = 'Random';
             $UserID = $UserModel->register($User, ['CheckCaptcha' => false, 'NoConfirmEmail' => true, 'SaveRoles' => $SaveRolesRegister]);
             $User['UserID'] = $UserID;
             $this->EventArguments['UserID'] = $UserID;
             $this->fireEvent('AfterConnectSave');
             $this->Form->setValidationResults($UserModel->validationResults());
             // Send the welcome email.
             if ($UserID && c('Garden.Registration.SendConnectEmail', false)) {
                 $providerName = $this->Form->getFormValue('ProviderName', $this->Form->getFormValue('Provider', 'Unknown'));
                 $UserModel->sendWelcomeEmail($UserID, '', 'Connect', ['ProviderName' => $providerName]);
             }
         }
         // Save the user authentication association.
         if ($this->Form->errorCount() == 0) {
             if (isset($User) && val('UserID', $User)) {
                 $UserModel->saveAuthentication(['UserID' => $User['UserID'], 'Provider' => $this->Form->getFormValue('Provider'), 'UniqueID' => $this->Form->getFormValue('UniqueID')]);
                 $this->Form->setFormValue('UserID', $User['UserID']);
             }
             // Sign the user in.
             Gdn::session()->start($this->Form->getFormValue('UserID'), true, (bool) $this->Form->getFormValue('RememberMe', true));
             Gdn::userModel()->fireEvent('AfterSignIn');
             // Move along.
             $this->_setRedirect(Gdn::request()->get('display') === 'popup');
         }
     }
     // End of user choice processing.
     $this->render();
 }