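/**
 * Check whether the given password is the logged user's password.
 *
 * The candidate is passed through \Model\User::encryptPassword() together
 * with the user's login, and the result is compared with the stored value
 * using hash_equals(), so the comparison time does not depend on how many
 * leading bytes match.
 *
 * The method fails closed: when no user object is available, or when either
 * side of the comparison is not a string, the error message is returned.
 *
 * Callers must test the result with `=== TRUE`. The failure value is a
 * non-empty string and is therefore truthy in a loose boolean check.
 *
 * NOTE(review): hash_equals() requires PHP >= 5.6 - confirm the project's
 * minimum PHP version.
 * NOTE(review): encryptPassword() is defined elsewhere; confirm it is a slow,
 * salted password hash (password_hash()-style) and not a fast digest.
 *
 * @static
 * @author  Krzysztof Trzos
 * @access  public
 * @param   string $sPassword Plain-text password to verify.
 * @return  boolean|string TRUE on match, otherwise a translated error message.
 * @since   1.0.0, 2015-01-26
 * @version 1.0.0, 2015-01-26
 */
public static function passConfirm($sPassword)
{
    $oLoggedUser = \Model\User::getLoggedUser();

    // No authenticated user: nothing to compare against, so refuse.
    if (!is_object($oLoggedUser)) {
        return __('Wrong password passed. Try again.');
    }

    $sStored    = $oLoggedUser->getPassword();
    $sCandidate = \Model\User::encryptPassword($oLoggedUser->getLogin(), $sPassword);

    // The is_string() guards keep two identical non-string values (e.g. NULL and
    // NULL) from being accepted, and keep hash_equals() from raising on bad types.
    if (is_string($sStored) && is_string($sCandidate) && hash_equals($sStored, $sCandidate)) {
        return TRUE;
    }

    return __('Wrong password passed. Try again.');
}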
/**
 * Rebuild the permission set of the logged user from their roles.
 *
 * Walks every role of the logged user, collects the name of each permission
 * attached to it (keyed by that same name, so duplicates across roles
 * collapse), stores the result through static::setPerms() and returns it.
 *
 * NOTE(review): the logged user is dereferenced without a check; confirm this
 * is only reached with an authenticated user.
 *
 * @static
 * @return  array Permission names, indexed by permission name.
 * @since   1.0.0, 2015-01-10
 * @version 2.1.0-dev
 */
public static function reset()
{
    $aGranted = [];

    foreach (\Model\User::getLoggedUser()->getRoles() as $oRole) {
        /* @var $oRole \Model\User\Role */
        foreach ($oRole->getPermissions() as $oPermission) {
            /* @var $oPermission \Model\User\Permission */
            $sPermName            = $oPermission->getName();
            $aGranted[$sPermName] = $sPermName;
        }
    }

    static::setPerms($aGranted);

    return $aGranted;
}
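/**
 * Create a \Model\File instance from the sent form data and store the upload.
 *
 * The sent file name is treated as untrusted. Directory components (both `/`
 * and `\` separated) and NUL bytes are stripped before the name is handed to
 * the file manager, so the name cannot address a location outside the
 * prepared directory. The base name is still the part before the first dot,
 * as before.
 *
 * NOTE(review): extension and MIME type are taken from the file manager
 * without an allow-list in this method - confirm that FileManager or the form
 * validation restricts them.
 * NOTE(review): the target path is made relative to PATH_PUBLIC, which
 * suggests the files land under the web root - confirm that uploaded files
 * cannot be executed from there.
 * NOTE(review): `size` is copied from the sent data as-is; verify it against
 * the stored file if it is used for quota or limit decisions.
 *
 * @access  private
 * @param   array $dataBatch Data of one sent file; the `name` and `size` keys are read here.
 * @return  \Model\File
 * @since   1.0.0-alpha
 * @version 1.0.0-alpha
 */
private function createFileBySentData($dataBatch)
{
    $oLoggedUser = User::getLoggedUser();

    // Reduce the sent name to its last path component before any further use.
    $sSentName = isset($dataBatch['name']) ? (string) $dataBatch['name'] : '';
    $sSentName = basename(str_replace(['\\', "\0"], ['/', ''], $sSentName));

    if (isset($dataBatch['name'])) {
        // $dataBatch is a by-value copy, so only the file manager sees the cleaned name.
        $dataBatch['name'] = $sSentName;
    }

    $aExplodedFile = explode('.', $sSentName);

    $sPath = PATH_TEMP . 'form_files' . DS . $this->getFormObject()->getName() . DS . $this->getName();
    $sPath = str_replace([PATH_PUBLIC, DS], ['', '/'], $sPath);

    $oFileManager = \FileManager::factory();
    $oFileManager->prepareDir($sPath);
    $oFileManager->parseFileData($dataBatch, $aExplodedFile[0]);
    $oFileManager->upload($sPath, FileManager::UPLOAD_SAVE_BOTH);

    $oFile = new \Model\File();
    $oFile->setPath($sPath);
    $oFile->setSize($dataBatch['size']);
    $oFile->setExt($oFileManager->getExt());
    $oFile->setName($oFileManager->getName());
    $oFile->setMime($oFileManager->getMime());
    $oFile->setStatus(0);

    // Anonymous uploads are kept without an author.
    if ($oLoggedUser !== NULL) {
        $oFile->setAuthor($oLoggedUser);
    }

    return $oFile;
}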
/**
 * Hook run before the model is written to the database.
 *
 * Does three things, each only when applicable to the model:
 *  - drops the locales of every language that was not checked in the form,
 *  - sets the logged user as author when the model has an `author` property
 *    and its current author is not a User instance,
 *  - refreshes the modification date when the model has a
 *    `modification_date` property.
 *
 * The author comes from User::getLoggedUser() and not from the form.
 * Whatever that call returns is passed to setAuthor() unchecked.
 *
 * @access  protected
 * @param   Form $form Form whose checked languages decide which locales are kept.
 * @since   1.0.0-alpha
 * @version 1.0.0-alpha
 */
protected function beforeSave(Form &$form)
{
    $oModel = $this->getModel();

    if ($oModel->hasLocales()) {
        $aUnchecked = array_diff(Core::getLanguages(), $form->getCheckedLanguages());

        foreach ($aUnchecked as $sLang) {
            $oModel->removeLocales($sLang);
        }
    }

    if (property_exists($oModel, 'author')) {
        $bAuthorIsSet = $oModel->getAuthor() instanceof User;

        if (!$bAuthorIsSet) {
            $oModel->setAuthor(User::getLoggedUser());
        }
    }

    if (property_exists($oModel, 'modification_date')) {
        $oModel->updateModificationDate();
    }
}
/**
 * Check whether the logged user may perform the given operation on the model.
 *
 * Returns nothing; a denied operation is signalled by Exception\Code403.
 * Any $sType other than 'add', 'edit' or 'delete' passes without a check,
 * because the switch has no default branch.
 *
 * @access  public
 * @param   string $sType Operation name: 'add', 'edit' or 'delete'.
 * @throws  Exception\Code403 When the operation is not permitted.
 * @since   1.0.0-alpha
 * @version 1.0.0-alpha
 */
public function checkPermissions($sType)
{
    switch ($sType) {
        case 'add':
            // Adding requires the "<prefix>add" permission.
            if (!\UserPermissions::hasPerm(static::getPermissionPrefix() . 'add')) {
                throw new Exception\Code403(__('Permission denied.'));
            }
            break;
        case 'edit':
        case 'delete':
            // This branch is entered only when the user lacks "<prefix>edit_all"
            // AND the model has an `author` field.
            // NOTE(review): a model without an `author` field gets no check at
            // all for users lacking edit_all - confirm this is enforced elsewhere.
            if (!\UserPermissions::hasPerm(static::getPermissionPrefix() . 'edit_all') && $this->getModel()->hasField('author')) {
                // NOTE(review): neither getAuthor() nor getLoggedUser() is
                // checked for an empty result before being dereferenced.
                $iAuthorID = $this->getModel()->getAuthor()->getId();
                $oUser = User::getLoggedUser();

                // NOTE(review): the first operand repeats the outer condition and
                // is always true here, so `||` short-circuits and the author
                // comparison never affects the outcome: every user without
                // edit_all is denied, including the record's author. It fails
                // closed, but the ownership check is dead code - confirm the
                // intended rule before changing it. The comparison is also
                // loose (`!=`).
                if (!\UserPermissions::hasPerm(static::getPermissionPrefix() . 'edit_all') || $iAuthorID != $oUser->getId()) {
                    throw new Exception\Code403(__('Access denied.'));
                }
            }
            break;
    }
}
/**
 * ACTION - Change user password.
 *
 * Builds the `user_profile` model form of the logged user, restricted to the
 * `password` field, registers the "View profile" and "Edit profile" local
 * actions and returns the generic form view.
 *
 * NOTE(review): execution continues after Router::relocateToRoute('home');
 * unless that call terminates the request, the code below runs without a
 * logged user - confirm.
 * NOTE(review): the form is restricted to the `password` field only; confirm
 * that the form layer re-checks the current password and applies CSRF
 * protection before the new password is saved.
 *
 * @access  public
 * @return  View
 * @since   1.3.0, 2015-01-27
 * @version 1.0.2-dev, 2015-03-02
 */
public function actionChangePassword()
{
    // Guests are sent to the home route.
    if (!Model\User::isLogged()) {
        Router::relocateToRoute('home');
    }

    $oCurrentUser = Model\User::getLoggedUser();

    // Form limited to the password field, with its own success message.
    $oFormConfig = ModelFormConfig::factory()
        ->setFieldsRestriction(['password'])
        ->setMessage(__('Password changed successfully.'));
    $oForm = $oCurrentUser->form('user_profile', $oFormConfig)->generate();

    // Local actions shown next to the form.
    Router\LocalActions::addLocalAction(__('View profile'), 'user_password_change', 'user_profile')
        ->setParameters(['id' => $oCurrentUser->getId()]);
    Router\LocalActions::addLocalAction(__('Edit profile'), 'user_password_change', 'user_profile_edit');

    return View::factory('base/form')->bind('oForm', $oForm);
}