コード例 #1
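 /**
  * Saves the profile (name, email and, optionally, a new password) of the
  * signed-in user.
  *
  * Validation failures are reported through the message service; the request
  * always ends with a redirect to the profile page.
  *
  * NOTE(review): only a password change is gated on the current password. An
  * email change is accepted on session + CSRF token alone and merely clears
  * the "verified" flag. If the address is used for account recovery, consider
  * requiring the current password for that change as well.
  *
  * NOTE(review): the minimum accepted password length is 3 characters, which
  * is a very weak policy — confirm whether a stronger rule is enforced
  * elsewhere.
  *
  * @Request({"user": "******"}, csrf=true)
  *
  * @param  mixed $data Submitted "user" request data; the keys read here are
  *                     name, email, password_new and password_old.
  * @return mixed       Result of redirect('@system/profile').
  */
 public function saveAction($data)
 {
     // Anonymous callers are answered with a 404.
     // NOTE(review): everything below relies on abort() not returning — confirm it throws.
     if (!$this->user->isAuthenticated()) {
         $this->getApplication()->abort(404);
     }

     try {
         $user = $this->users->find($this->user->getId());

         // Accept only string values from the request. Missing keys and
         // non-string values (e.g. arrays) are treated as empty and fail the
         // validation below, instead of being hidden behind "@" and handed to
         // trim()/strlen().
         $name    = isset($data['name']) && is_string($data['name']) ? trim($data['name']) : '';
         $email   = isset($data['email']) && is_string($data['email']) ? trim($data['email']) : '';
         $passNew = isset($data['password_new']) ? $data['password_new'] : null;
         $passOld = isset($data['password_old']) ? $data['password_old'] : null;

         if (strlen($name) < 3) {
             throw new Exception(__('Name is invalid.'));
         }

         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             throw new Exception(__('Email is invalid.'));
         }

         // The address must not belong to any other account.
         if ($this->users->where(['email = ?', 'id <> ?'], [$email, $user->getId()])->first()) {
             throw new Exception(__('Email not available.'));
         }

         if ($passNew) {
             // Re-authenticate with the current password before replacing it;
             // a non-string value is never passed on to the user provider.
             if (!is_string($passOld) || !$this['auth']->getUserProvider()->validateCredentials($this->user, ['password' => $passOld])) {
                 throw new Exception(__('Invalid Password.'));
             }

             // Strict comparison on purpose: with "!=" PHP compares
             // numeric-looking strings as numbers, so " 123" would equal its
             // trimmed form and slip past the whitespace check.
             if (!is_string($passNew) || trim($passNew) !== $passNew || strlen($passNew) < 3) {
                 throw new Exception(__('New Password is invalid.'));
             }

             $user->setPassword($this['auth.password']->hash($passNew));
         }

         // A changed address has to be verified again.
         if ($email !== $user->getEmail()) {
             $user->set('verified', false);
         }

         $user->setName($name);
         $user->setEmail($email);

         // Listeners are notified before and after the user is persisted.
         $this['events']->dispatch('system.user.profile.save', new ProfileSaveEvent($user, $data));
         $this->users->save($user);
         $this['events']->dispatch('system.user.profile.saved', new ProfileSaveEvent($user, $data));

         $this['message']->success(__('Profile updated.'));
     } catch (Exception $e) {
         // NOTE(review): every Exception caught here, including ones raised by
         // the repository or by event listeners, has its message shown to the
         // user — confirm those messages never carry internal details.
         $this['message']->error($e->getMessage());
     }

     return $this->redirect('@system/profile');
 }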
コード例 #2
 /**
  * Lists every role except the anonymous one, ordered by priority, and marks
  * the entries that are not meant to be toggled.
  *
  * A role gets `disabled = true` when its isAuthenticated() is true, or when
  * it is an administrator role and $user is the administrator who is
  * currently signed in.
  *
  * NOTE(review): `disabled` is only set on the returned objects; nothing in
  * this method enforces it. Presumably the flag is consumed by the role form,
  * so the save path has to apply the same rules server-side — verify.
  *
  * @param  User $user User whose roles are being edited, or null.
  * @return array
  */
 protected function getRoles(User $user = null)
 {
     $available = $this->roles->where(['id <> ?'], [Role::ROLE_ANONYMOUS])->orderBy('priority')->get();

     foreach ($available as $candidate) {
         if ($candidate->isAuthenticated()) {
             $candidate->disabled = true;
         }

         // The remaining rule applies only when a user was passed in ...
         if (!$user) {
             continue;
         }

         // ... and that user is the one currently signed in.
         if ($user->getId() != $this['user']->getId()) {
             continue;
         }

         // An administrator editing their own account: lock the administrator role.
         if ($user->isAdministrator() && $candidate->isAdministrator()) {
             $candidate->disabled = true;
         }
     }

     return $available;
 }
コード例 #3
 /**
  * Registers the system extension's event subscribers and its services on
  * the application container.
  *
  * Statement order is kept as is: subscribers are added first, then the
  * parent boot runs, then the service definitions are installed.
  *
  * {@inheritdoc}
  */
 public function boot(Application $app)
 {
     // The exception listener is registered only when app.debug is falsy.
     // NOTE(review): when no 'config' entry is set on this extension the
     // expression defaults to debug = true and the listener is skipped.
     // Presumably the listener renders the production error page; confirm this
     // fail-open default is intended, since debug error output can expose
     // internals.
     if (!(isset($this['config']) ? $this['config']['app.debug'] : true)) {
         $app['events']->addSubscriber(new ExceptionListener('Pagekit\\System\\Exception\\ExceptionController::showAction'));
     }
     // Core listeners, including access control, authorization, login
     // attempts and maintenance mode.
     $app['events']->addSubscriber(new AccessListener());
     $app['events']->addSubscriber(new AdminMenuListener());
     $app['events']->addSubscriber(new AliasListener());
     $app['events']->addSubscriber(new AuthorizationListener());
     $app['events']->addSubscriber(new CanonicalListener());
     $app['events']->addSubscriber(new FrontpageListener());
     $app['events']->addSubscriber(new LocaleListener());
     $app['events']->addSubscriber(new LoginAttemptListener());
     $app['events']->addSubscriber(new MaintenanceListener());
     $app['events']->addSubscriber(new MenuListener());
     $app['events']->addSubscriber(new MigrationListener());
     $app['events']->addSubscriber(new ResponseListener());
     $app['events']->addSubscriber(new SystemListener());
     $app['events']->addSubscriber(new UserListener());
     $app['events']->addSubscriber(new WidgetListener());
     $app['events']->addSubscriber(new ThemeListener());
     $app['events']->addSubscriber(new ThemeWidgetListener());
     parent::boot($app);
     $this->mergeOptions();
     // Expose this extension itself as the 'system' service.
     $app['system'] = $this;
     $app['menus'] = function () {
         return new MenuProvider();
     };
     // Current user: whatever the auth service returns, or, when it returns
     // nothing, a fresh UserEntity that carries only the anonymous role.
     $app['user'] = function ($app) {
         if (!($user = $app['auth']->getUser())) {
             $user = new UserEntity();
             $roles = $app['users']->getRoleRepository()->where(['id' => RoleInterface::ROLE_ANONYMOUS])->get();
             $user->setRoles($roles);
         }
         return $user;
     };
     $app['users'] = function () {
         return new UserProvider();
     };
     // Permissions are collected by dispatching a 'system.permission' event
     // and reading the result back from the event object.
     $app['permissions'] = function ($app) {
         return $app['events']->dispatch('system.permission', new PermissionEvent())->getPermissions();
     };
     $app['content'] = function () {
         return new ContentHelper();
     };
     $app['languages'] = function () {
         return new LanguageHelper();
     };
     $app['countries'] = function () {
         return new CountryHelper();
     };
     $app['system.info'] = function () {
         return new SystemInfoHelper();
     };
     $app['oauth'] = function () {
         return new OAuthHelper();
     };
     // Date helper: timezone comes from the 'system:app.timezone' option
     // ('UTC' when unset); formats come from translation keys.
     $app['dates'] = function ($app) {
         $manager = new DateHelper();
         $manager->setTimezone($app['option']->get('system:app.timezone', 'UTC'));
         $manager->setFormats([DateHelper::NONE => '', DateHelper::FULL => __('DATE_FULL'), DateHelper::LONG => __('DATE_LONG'), DateHelper::MEDIUM => __('DATE_MEDIUM'), DateHelper::SHORT => __('DATE_SHORT'), DateHelper::INTERVAL => __('DATE_INTERVAL')]);
         return $manager;
     };
     // Extend the mailer with a plugin that receives the configured sender
     // address and name (mail.from.*).
     $app->extend('mailer', function ($mailer, $app) {
         $address = $app['config']->get('mail.from.address');
         $name = $app['config']->get('mail.from.name');
         $mailer->registerPlugin(new ImpersonatePlugin($address, $name));
         return $mailer;
     });
     // Profiler collectors are added only when a 'profiler' service exists.
     // NOTE(review): the user collector is handed the auth service and
     // presumably shows user data in the toolbar — verify the profiler is
     // never enabled in production.
     if (isset($app['profiler'])) {
         $app->on('system.init', function () use($app) {
             $app['profiler']->add(new SystemDataCollector($app['system.info']), 'extension://system/views/profiler/toolbar/system.php', 'extension://system/views/profiler/panel/system.php', 50);
             $app['profiler']->add(new UserDataCollector($app['auth']), 'extension://system/views/profiler/toolbar/user.php', null, -20);
         });
     }
 }
コード例 #4
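 /**
  * Handles a self-registration request.
  *
  * Validates the submitted fields, creates the account as blocked and then,
  * depending on the registration options, asks for email verification, asks
  * for administrator approval, or activates the account immediately.
  *
  * XHR callers get the $response array (keys "success" and, on failure,
  * "errors"); other callers get flash messages and a redirect.
  *
  * NOTE(review): the username and email availability checks tell the caller
  * whether an account exists. No throttling is visible in this method —
  * confirm that rate limiting is applied in front of this action.
  *
  * @Request({"user": "******"})
  * @Response("json")
  *
  * @param  mixed $data Submitted "user" request data; the keys read here are
  *                     name, username, email and password.
  * @return mixed       The response array for XHR requests, otherwise a redirect.
  */
 public function registerAction($data)
 {
     $response = ['success' => false];
     $errors = [];

     try {
         // Signed-in users, and sites where only administrators may create
         // accounts, are sent back to the front page.
         if ($this['user']->isAuthenticated() || $this['option']->get('system:user.registration', 'admin') == 'admin') {
             return $this->redirect('/');
         }

         // NOTE(review): this exception is thrown while $errors is still
         // empty, and the catch block reports only $errors. The "Invalid
         // token" message therefore never reaches the user, and non-XHR
         // callers are redirected to the login page.
         if (!$this['csrf']->validate($this['request']->request->get('_csrf'))) {
             throw new Exception(__('Invalid token. Please try again.'));
         }

         // Accept only string values from the request. Missing keys and
         // non-string values (e.g. arrays) become empty strings and are
         // rejected by the checks below, instead of being hidden behind "@"
         // and reaching trim() or the password hasher.
         $name     = isset($data['name']) && is_string($data['name']) ? trim($data['name']) : '';
         $username = isset($data['username']) && is_string($data['username']) ? trim($data['username']) : '';
         $email    = isset($data['email']) && is_string($data['email']) ? trim($data['email']) : '';
         $password = isset($data['password']) && is_string($data['password']) ? $data['password'] : '';

         if (empty($name)) {
             $errors[] = ['field' => 'name', 'message' => __('Name required.')];
         }

         // NOTE(review): the only password rule here is "not empty"; no
         // minimum length is enforced at registration.
         if (empty($password)) {
             $errors[] = ['field' => 'password', 'message' => __('Password required.')];
         }

         if (strlen($username) < 3 || !preg_match('/^[a-zA-Z0-9_\\-]+$/', $username)) {
             $errors[] = ['field' => 'username', 'message' => __('Username is invalid.')];
         }

         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $errors[] = ['field' => 'email', 'message' => __('Email is invalid.')];
         }

         // Each value is checked against both columns, so a username may not
         // collide with an existing email and vice versa.
         if ($this->users->query()->orWhere(['username = :username', 'email = :username'], ['username' => $username])->first()) {
             $errors[] = ['field' => 'username', 'message' => __('Username not available.'), 'dynamic' => true];
         }

         if ($this->users->query()->orWhere(['username = :email', 'email = :email'], ['email' => $email])->first()) {
             $errors[] = ['field' => 'email', 'message' => __('Email not available.'), 'dynamic' => true];
         }

         if (count($errors)) {
             throw new Exception(__('Signup failed'));
         }

         // New accounts start blocked with the authenticated role only.
         $user = new User();
         $user->setRegistered(new \DateTime());
         $user->setName($name);
         $user->setUsername($username);
         $user->setEmail($email);
         $user->setPassword($this['auth.password']->hash($password));
         $user->setStatus(UserInterface::STATUS_BLOCKED);
         $user->setRoles($this->roles->where(['id' => RoleInterface::ROLE_AUTHENTICATED])->get());

         $token = $this['auth.random']->generateString(32);
         $admin = $this['option']->get('system:user.registration') == 'approval';

         if ($verify = $this['option']->get('system:user.require_verification')) {
             // Email verification required: stays blocked until activated.
             $user->setActivation($token);
         } elseif ($admin) {
             // Approval without verification: the address is marked verified
             // although no verification mail is sent on this path.
             $user->setActivation($token);
             $user->set('verified', true);
         } else {
             $user->setStatus(UserInterface::STATUS_ACTIVE);
         }

         $this->users->save($user);

         if ($verify) {
             $this->sendVerificationMail($user);
             $response['success'] = __('Your user account has been created. Complete your registration, by clicking the link provided in the mail that has been sent to you.');
         } elseif ($admin) {
             $this->sendApproveMail($user);
             $response['success'] = __('Your user account has been created and is pending approval by the site administrator.');
         } else {
             $this->sendWelcomeEmail($user);
             $response['success'] = __('Your user account has been created.');
         }

         // Keep "success" truthy even if the translated message is empty.
         if (!$response['success']) {
             $response['success'] = true;
         }

         if (!$this['request']->isXmlHttpRequest()) {
             $this['message']->success($response['success']);
             return $this->redirect('@system/auth/login');
         }
     } catch (Exception $e) {
         // NOTE(review): an exception raised after validation (save, mail)
         // also lands here with $errors empty. The account may already be
         // stored while the caller sees success = false, or a bare redirect to
         // the login page, and $e itself is not recorded anywhere.
         if (!$this['request']->isXmlHttpRequest()) {
             foreach ($errors as $error) {
                 $this['message']->error($error['message']);
             }
         } else {
             $response['errors'] = $errors;
         }
     }

     return $this['request']->isXmlHttpRequest() ? $response : $this->redirect(count($errors) ? '@system/registration' : '@system/auth/login');
 }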