/**
* Prevents Association of not owned resource.
*
* @param \Core\Modules\Router\Request $request Request object.
*
* @return void
*/
private function preventAssociationOfNotOwnedResource(Request $request)
{
foreach ($this->attributes as $attribute => $options) {
if ($request->post($attribute)) {
$association = $this->resource->getAssociationMetaDataByKey($attribute);
if (!$association && isset($this->resource->hasAndBelongsToMany[$attribute])) {
$association = $this->resource->hasAndBelongsToMany[$attribute];
}
if ($association && $this->user->owns($association['class_name'])) {
if (!Helpers\Ownership::checkIds($request->post($attribute), $association['class_name'])) {
$this->resource->setError($attribute, 'not_exists');
}
}
}
}
}
/**
* Reset access action.
*
* @param Request $request Current router request.
*
* @return void
*/
public function renew(Request $request)
{
$user = Models\CMSUser::find()->where('DATE_ADD(updated_on, INTERVAL 60 MINUTE) > UTC_TIMESTAMP() AND SHA1(CONCAT(password, ?, email)) = ?', array(Core\Config()->USER_AUTH['cookie_salt'], $request->get('id')))->first();
if ($user) {
$new_password = Core\Utils::generatePassword(10);
if ($user->save(array('password' => $new_password), true)) {
$this->new_password = $new_password;
}
} else {
$request->redirectTo(array('controller' => 'authentication'));
}
}
