public function executeLogout()
{
CMSBackendAuth::getInstance()->logout();
$this->redirect($this->createUrl('/'));
}
/**
* @param $resource
* @return bool
*/
public function isAllowed($resource)
{
$instance = CMSBackendAuth::getInstance();
if (!$instance->isCMSBackendAuthenticated()) {
return false;
}
/* if user is god */
if ($instance->getUser()->getId() == 1) {
return true;
}
if (!$resource || $resource == null) {
return false;
}
return true;
// return Permission::getInstance()->isAllowed($resource);
}
/**
* Change password, XHR request
*
* POST /user/change_pass
* @return string
*/
public function executeChangePass()
{
$current = $this->post('current_pass');
$new = $this->post('new_pass');
$confirm = $this->post('confirm_pass');
$user = $this->getSessionUser();
$error = [];
if ($new != $confirm) {
$error['confirm'] = t('Confirm password not match!');
}
if ($user->getPassword() != \Users::hashPassword($current, $user->getPassword())) {
$error['current_pass'] = t('Current password not valid!');
}
$ajax = new \AjaxResponse();
$ajax->type = \AjaxResponse::ERROR;
if (!empty($error)) {
$ajax->message = t('Lỗi');
$ajax->error = $error;
return $this->renderText($ajax->toString());
}
//everything ok
$user->setPassword(\Users::hashPassword($new, $user->getPassword()));
//reset password but keep salt
if ($user->save(false)) {
//quick save
$ajax->type = \AjaxResponse::SUCCESS;
$ajax->message = t('Password was change. Plz login again with new password!');
CMSBackendAuth::getInstance()->logout();
} else {
$ajax->message = t('Something went wrong, plz try again. Thanks!');
}
return $this->renderText($ajax->toString());
}
public function end()
{
\CMSBackend\Library\MobileMenu::addMenu($this->items);
return $this->render(array('user' => CMSBackendAuth::getInstance()->getUser(), 'items' => $this->items, 'deep' => $this->deep));
}
