/**
* This completes the credential reset process.
*
* @param type $code
* @param type $data
* @return type
*/
public function update($id, $data)
{
$documentManager = $this->options->getDocumentManager();
$token = $documentManager->createQueryBuilder($this->options->getDocumentClass())->field('code')->equals($id)->field('expires')->gt(new \DateTime())->getQuery()->getSingleResult();
if (!isset($token)) {
throw new Exception\DocumentNotFoundException();
}
$identity = $documentManager->getRepository($this->options->getIdentityClass())->findOneBy(['identityName' => $token->getIdentityName()]);
$identity->setCredential($data['credential']);
//need to trick AccessControl to allow update even though there is no authenticated identity
$accessControlIdentity = new Identity();
$accessControlIdentity->addRole('forgotCredentialController');
$serviceLocator = $this->options->getServiceLocator();
$serviceLocator->setService('identity', $accessControlIdentity);
$serviceLocator->get('accesscontroller')->resetRoles(true);
$documentManager->remove($token);
$this->flush();
$this->response->setStatusCode(204);
return $this->response;
}
public function addRole($role)
{
$this->__load();
return parent::addRole($role);
}
