protected function model()
{
$mySelf = $this->session->user();
$user = $this->user;
/** @var UserModel $user */
if ($this->editingSelf) {
$id = $mySelf->idField();
$f = $user->findById($id);
if (!$f) {
throw new FatalException("User {$id} not found");
}
} else {
$myRole = $mySelf->roleField();
$id = $this->request->getAttribute("@id");
if ($id) {
$f = $user->findById($id);
if (!$f) {
throw new FatalException("User {$id} not found");
}
}
if ($myRole < UserInterface::USER_ROLE_ADMIN && $mySelf->idField() != $user->idField()) {
// Can't edit other users.
throw new HttpException(403);
}
if ($user->roleField() > $myRole) {
// Can't edit a user with a higher role.
throw new HttpException(403);
}
}
// Set a default role for a new user.
if (!exists($user->roleField())) {
$user->roleField($this->adminSettings->defaultRole());
}
$login = ['id' => null, 'username' => $user->usernameField(), 'realName' => $user->realNameField(), 'password' => strlen($user->passwordField()) || $id ? self::DUMMY_PASS : '', 'active' => $user->activeField(), 'role' => $user->roleField()];
$this->modelController->setModel($login);
}
