/** * Finds the User model based on its primary key value. * If the model is not found, a 404 HTTP exception will be thrown. * @param integer $id * @return User the loaded model * @throws NotFoundHttpException if the model cannot be found */ protected function findModel($id) { if (($model = User::findOne($id)) !== null) { return $model; } else { throw new NotFoundHttpException(Yii::t('gromver.platform', 'The requested page does not exist.')); } }
/** * Finds the User model based on its primary key value. * If the model is not found, a 404 HTTP exception will be thrown. * @param integer $id * @return User the loaded model * @throws ForbiddenHttpException * @throws NotFoundHttpException if the model cannot be found */ protected function findModel($id) { /** @var $model User */ if (($model = User::findOne($id)) !== null) { // проверка на суперадминство if ($model->getIsSuperAdmin() && $model->id != Yii::$app->user->id) { throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.')); } // проверка на право админить данного пользователя if (!Yii::$app->user->can('administrateUser', ['user' => $model])) { throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.')); } return $model; } else { throw new NotFoundHttpException(Yii::t('gromver.platform', 'The requested page does not exist.')); } }
private function sendPasswordResetEmail($email) { /** @var User $user */ $user = User::findOne(['status' => User::STATUS_ACTIVE, 'email' => $email]); if (!$user) { return false; } //$user->password_reset_token = Yii::$app->security->generateRandomString(); $user->generatePasswordResetToken(); if ($user->save(false)) { /** @var \gromver\platform\core\modules\auth\Module $authModule */ $authModule = $this->module; $mailer = Instance::ensure($authModule->mailer, BaseMailer::className()); return $mailer->compose($authModule->emailLayoutPasswordResetToken, ['user' => $user])->setFrom(Yii::$app->supportEmail)->setTo($user->email)->setSubject(Yii::t('gromver.platform', 'Password reset for {name}.', ['name' => isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']]))->send(); } return false; }