/**
* @before _secured, _admin
* @param type $id
*/
public function edit($id)
{
$view = $this->getActionView();
$user = App_Model_User::first(array('id = ?' => (int) $id));
if (NULL === $user) {
$view->warningMessage(self::ERROR_MESSAGE_2);
$this->_willRenderActionView = false;
self::redirect('/admin/user/');
} elseif ($user->role == 'role_superadmin' && $this->getUser()->getRole() != 'role_superadmin') {
$view->warningMessage(self::ERROR_MESSAGE_4);
$this->_willRenderActionView = false;
self::redirect('/admin/user/');
}
$dogs = App_Model_Dog::fetchAllDogsByUserId($user->getId());
$view->set('user', $user)->set('dogs', $dogs);
if (RequestMethods::post('submitEditUser')) {
if ($this->checkCSRFToken() !== true) {
self::redirect('/admin/user/');
}
$errors = array();
if (RequestMethods::post('password') !== RequestMethods::post('password2')) {
$errors['password2'] = array('Hesla se neshodují');
}
if (RequestMethods::post('email') != $user->email) {
$email = App_Model_User::first(array('email = ?' => RequestMethods::post('email', $user->email)), array('email'));
if ($email) {
$errors['email'] = array('Tento email je již použit');
}
}
$pass = RequestMethods::post('password');
if ($pass === null || $pass == '') {
$salt = $user->getSalt();
$hash = $user->getPassword();
} else {
$salt = PasswordManager::createSalt();
$hash = PasswordManager::hashPassword($pass, $salt);
}
if ($user->imgMain == '') {
$cfg = Registry::get('configuration');
$fileManager = new FileManager(array('thumbWidth' => $cfg->thumb_width, 'thumbHeight' => $cfg->thumb_height, 'thumbResizeBy' => $cfg->thumb_resizeby, 'maxImageWidth' => $cfg->photo_maxwidth, 'maxImageHeight' => $cfg->photo_maxheight));
$photoNameRaw = RequestMethods::post('firstname') . '-' . RequestMethods::post('lastname');
$photoName = $this->_createUrlKey($photoNameRaw);
$fileErrors = $fileManager->uploadBase64Image(RequestMethods::post('croppedimage'), $photoName, 'members', time() . '_')->getUploadErrors();
$files = $fileManager->getUploadedFiles();
if (!empty($files)) {
foreach ($files as $i => $file) {
if ($file instanceof \THCFrame\Filesystem\Image) {
$imgMain = trim($file->getFilename(), '.');
$imgThumb = trim($file->getThumbname(), '.');
break;
}
}
} else {
$errors['croppedimage'] = $fileErrors;
}
} else {
$imgMain = $user->imgMain;
$imgThumb = $user->imgThumb;
}
$user->firstname = RequestMethods::post('firstname');
$user->lastname = RequestMethods::post('lastname');
$user->email = RequestMethods::post('email');
$user->password = $hash;
$user->salt = $salt;
$user->imgMain = $imgMain;
$user->imgThumb = $imgThumb;
$user->role = RequestMethods::post('role', $user->getRole());
$user->active = RequestMethods::post('active');
if (empty($errors) && $user->validate()) {
$user->save();
Event::fire('admin.log', array('success', 'User id: ' . $id));
$view->successMessage(self::SUCCESS_MESSAGE_2);
self::redirect('/admin/user/');
} else {
Event::fire('admin.log', array('fail', 'User id: ' . $id));
$view->set('errors', $errors + $user->getErrors());
}
}
}
/**
* Force password reset for user
*
* @param type $newPassword
* @return boolean
*/
public function forceResetPassword($newPassword)
{
$this->salt = PasswordManager::createSalt();
$this->password = PasswordManager::hashPassword($newPassword, $this->getSalt);
if ($this->validate()) {
$this->save();
return true;
} else {
return false;
}
}
/**
* Main authentication method which is used for user authentication
* based on two credentials such as username and password. These login
* credentials are set in database.
*
* @param string $name Username or email
* @param string $pass Password
*/
public function authenticate($name, $pass)
{
$errMessage = sprintf('%s and/or password are incorrect', ucfirst($this->_name));
$errMessageNotActive = 'Account is not active';
$user = \App_Model_User::first(array("{$this->_name} = ?" => $name));
if ($user === null) {
throw new Exception\UserNotExists($errMessage);
}
$passVerify = PasswordManager::validatePassword($pass, $user->getPassword(), $user->getSalt());
if ($passVerify === true) {
if ($user instanceof AdvancedUser) {
if (!$user->isActive()) {
throw new Exception\UserInactive($errMessageNotActive);
} elseif ($user->isAccountExpired()) {
throw new Exception\UserExpired($errMessage);
} elseif ($user->isPasswordExpired()) {
throw new Exception\UserPassExpired($errMessage);
} else {
$user->setLastLogin();
$user->setTotalLoginAttempts(0);
$user->setLastLoginAttempt(0);
$user->setFirstLoginAttempt(0);
$user->save();
$user->password = null;
$user->salt = null;
return $user;
}
} elseif ($user instanceof BasicUser) {
if (!$user->isActive()) {
throw new Exception\UserInactive($errMessageNotActive);
} else {
$user->setLastLogin();
$user->setTotalLoginAttempts(0);
$user->setLastLoginAttempt(0);
$user->setFirstLoginAttempt(0);
$user->save();
$user->password = null;
$user->salt = null;
return $user;
}
} else {
throw new Exception\Implementation(sprintf('%s is not implementing BasicUser', get_class($user)));
}
} else {
if ($this->_bruteForceDetection === true) {
if ($this->isBruteForce($user)) {
$identifier = $this->_name;
Core::getLogger()->log(sprintf('Brute Force Attack Detected for account %s', $user->{$identifier}));
throw new Exception\BruteForceAttack('WARNING: Brute Force Attack Detected. We Recommend you use captcha.');
} else {
throw new Exception\WrongPassword($errMessage);
}
} else {
throw new Exception\WrongPassword($errMessage);
}
}
}
