/**
* Patch an entity.
*
* @param string $id
* @param Request $request
* @return Response
*/
public function patchOne(Request $request, $id)
{
/** @var User $model */
$model = $this->findOrFailEntity($id);
// Check if the email is being changed, and initialize confirmation
$email = $request->get('email');
if ($email && $model->email != $email) {
$emailConfirmToken = $model->createEmailConfirmToken($email, $model->email);
$loginToken = $model->makeLoginToken($model->user_id);
$this->dispatch(new SendEmailConfirmationEmail($model, $email, $emailConfirmToken, $loginToken));
$request->merge(['email_confirmed' => null]);
}
// Change in email has been confirmed, set the new email
if ($token = $request->headers->get('email-confirm-token')) {
if (!($email = $model->getEmailFromToken($token))) {
throw new ValidationException(new MessageBag(['email_confirmed' => 'The email confirmation token is not valid.']));
} else {
$model->email = $email;
}
}
$this->checkEntityIdMatchesRoute($request, $id, $this->getModel(), false);
$this->validateRequest($request->except('email'), $this->getValidationRules(), true);
$model->fill($request->except('email'));
$model->save();
// Extract the profile and update if necessary
$profileUpdateDetails = $request->get('_user_profile', []);
if (!empty($profileUpdateDetails)) {
/** @var UserProfile $profile */
$profile = UserProfile::findOrNew($id);
// The user profile may not exist for the user
$this->validateRequest($profileUpdateDetails, UserProfile::getValidationRules(), $profile->exists);
$profile->fill($profileUpdateDetails);
$model->setProfile($profile);
}
/** @var \Tymon\JWTAuth\JWTAuth $jwtAuth */
// Extract the credentials and update if necessary
$credentialUpdateDetails = $request->get('_user_credential', []);
if (!empty($credentialUpdateDetails)) {
$credentials = UserCredential::findOrNew($id);
/** @var UserCredential $credentials */
$credentials->fill($credentialUpdateDetails);
$model->setCredential($credentials);
}
$jwtAuth = App::make('Tymon\\JWTAuth\\JWTAuth');
$token = $jwtAuth->fromUser($model);
return $this->getResponse()->header('Authorization-Update', $token)->noContent();
}
public function testPatchOneBySelfUserPassword()
{
$user = $this->createUser(['user_type' => 'guest']);
$userToUpdate = $user;
$token = $this->tokenFromUser($user);
$update = ['_userCredential' => ['password' => 'foobarfoobar']];
$this->patch('/users/' . $userToUpdate->user_id, $update, ['HTTP_AUTHORIZATION' => 'Bearer ' . $token]);
$updatedCredentials = UserCredential::find($userToUpdate->user_id);
$this->assertResponseStatus(204);
$this->assertResponseHasNoContent();
$this->assertTrue(Hash::check('foobarfoobar', $updatedCredentials->password));
}
