/**
 * Looks up the administrator account with the lowest ID.
 *
 * Builds an "IsAdmin equals true" condition, orders the matches ascending
 * by ID and asks the user schema for the first row.
 *
 * @return User The first admin user. NOTE(review): the original doc says
 *              "if present", so the result is presumably empty when no
 *              admin exists; callers should check it before relying on it
 *              for an access decision.
 */
private function FirstAdmin()
{
    $builder = Access::SqlBuilder();
    $userTable = User::Schema()->Table();

    // Condition: only rows flagged as administrators.
    $isAdminField = $userTable->Field('IsAdmin');
    $adminOnly = $builder->Equals($isAdminField, $builder->Value(true));

    // Ordering: ascending by ID, so the lowest ID wins.
    $idField = $userTable->Field('ID');
    $lowestIdFirst = $builder->OrderList($builder->OrderAsc($idField));

    return User::Schema()->First($adminOnly, $lowestIdFirst);
}
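/**
 * Loads the requested user and checks that group assignment is permitted.
 *
 * The 'user' id is taken from request data and is therefore untrusted: the
 * lookup may yield no user, and the guard decides whether the
 * AssignGroups backend action is allowed on the user that was found.
 * On either failure the request is redirected to the user list.
 *
 * @return boolean False if processing can continue
 */
protected function BeforeInit()
{
    $this->user = User::Schema()->ByID(Request::GetData('user'));

    $mayAssignGroups = $this->user
        && self::Guard()->Allow(BackendAction::AssignGroups(), $this->user);

    if (!$mayAssignGroups) {
        //TODO: Error message
        Response::Redirect(BackendRouter::ModuleUrl(new UserList()));

        // Fail closed. NOTE(review): whether Response::Redirect ends the
        // request is not visible here. If it only sets a header, falling
        // through to parent::BeforeInit() would continue processing with a
        // missing or unauthorized user, so report "cannot continue".
        return true;
    }

    return parent::BeforeInit();
}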
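/**
 * Verifies access data and saves the current user if successful.
 *
 * The submitted password is concatenated with the user's stored salt,
 * hashed with SHA-256 and compared with the stored hash.
 *
 * NOTE(review): a single salted SHA-256 round is a fast hash and gives
 * little resistance to offline guessing if the user table leaks. Moving to
 * password_hash()/password_verify() needs a change of the stored format and
 * a rehash-on-login path, which is outside this method.
 *
 * NOTE(review): the session id is not regenerated here when the user id is
 * written to the session; confirm the caller does so (session fixation).
 *
 * @param array $data Array containing 'Name' and 'Password' as keys with values
 * @param bool $dontSave If true, user is not saved in session (logged in)
 * @return bool True if name and password match a stored user
 */
function Verify($data, $dontSave = false)
{
    if (!isset($data['Name'], $data['Password'])) {
        return false;
    }

    $name = $data['Name'];
    $password = $data['Password'];

    // Request fields can arrive as arrays (e.g. Password[]=x); reject
    // anything that is not a plain string before it reaches the lookup
    // or the string concatenation below.
    if (!is_string($name) || !is_string($password)) {
        return false;
    }

    $user = User::Schema()->ByName($name);
    if (!$user) {
        return false;
    }

    $pwHash = hash('sha256', $password . $user->GetPasswordSalt());

    // hash_equals() is a constant-time, strictly string-based comparison.
    // The previous loose "==" compared numeric-looking hex strings by
    // numeric value and returned as soon as a byte differed.
    if (!hash_equals((string) $user->GetPassword(), $pwHash)) {
        return false;
    }

    if (!$dontSave) {
        $this->user = $user;
        $_SESSION[self::$sessionParam] = $this->user->GetID();
    }

    return true;
}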
/**
 * Gets the user for removal if a delete id is posted.
 *
 * The id is read from the 'delete' POST field and is untrusted input.
 * NOTE(review): no permission check on the target user is visible in this
 * method; presumably the caller authorizes the removal. Verify.
 *
 * @return User|null The user to remove, or null when no delete id was posted
 */
protected function RemovalObject()
{
    $deleteId = Request::PostData('delete');

    // Nothing posted (or a falsy value such as '' or '0'): nothing to remove.
    if (!$deleteId) {
        return null;
    }

    return User::Schema()->ByID($deleteId);
}