/** * @Request({"filter": "array", "page":"int"}) * @Response("extension://system/views/admin/user/index.razr") */ public function indexAction($filter = null, $page = 0) { if ($filter) { $this['session']->set('user.filter', $filter); } else { $filter = $this['session']->get('user.filter', []); } $query = $this->users->query(); if (isset($filter['status'])) { if (is_numeric($filter['status'])) { $filter['status'] = (int) $filter['status']; $query->where(['status' => intval($filter['status'])]); if (!$filter['status']) { $query->where('access IS NOT NULL'); } } elseif ('new' == $filter['status']) { $query->where(['status' => User::STATUS_BLOCKED, 'access IS NULL']); } } if (isset($filter['search']) && strlen($filter['search'])) { $query->where(function ($query) use($filter) { $query->orWhere(['username LIKE :search', 'name LIKE :search', 'email LIKE :search'], ['search' => "%{$filter['search']}%"]); }); } $role = isset($filter['role']) && is_numeric($filter['role']) ? intval($filter['role']) : null; $permission = isset($filter['permission']) && strlen($filter['permission']) ? $filter['permission'] : null; if ($role || $permission) { if ($role) { $query->whereExists(function ($query) use($role) { $query->from('@system_user_role u')->where(['@system_user.id = u.user_id', 'u.role_id' => $role]); }); } if ($permission) { $sql = $this->getPermissionSql($permission); $query->whereExists(function ($query) use($sql) { $query->from('@system_user_role ur')->join('@system_role r', 'ur.role_id = r.id')->where(['@system_user.id = ur.user_id', $sql]); }); } } $limit = self::USERS_PER_PAGE; $count = $query->count(); $total = ceil($count / $limit); $page = max(0, min($total - 1, $page)); $users = $query->offset($page * $limit)->limit($limit)->related('roles')->orderBy('name')->get(); $roles = $this->getRoles(); if ($this['request']->isXmlHttpRequest()) { return $this['response']->json(['table' => $this['view']->render('extension://system/views/admin/user/table.razr', ['users' => $users]), 'total' => $total]); } return ['head.title' => __('Users'), 'users' => $users, 'statuses' => User::getStatuses(), 'roles' => $roles, 'permissions' => $this['permissions'], 'filter' => $filter, 'total' => $total]; }
/** * @Request({"user": "******"}) * @Response("json") */ public function registerAction($data) { $response = ['success' => false]; $errors = []; try { if ($this['user']->isAuthenticated() || $this['option']->get('system:user.registration', 'admin') == 'admin') { return $this->redirect('/'); } if (!$this['csrf']->validate($this['request']->request->get('_csrf'))) { throw new Exception(__('Invalid token. Please try again.')); } $name = trim(@$data['name']); $username = trim(@$data['username']); $email = trim(@$data['email']); $password = @$data['password']; if (empty($name)) { $errors[] = ['field' => 'name', 'message' => __('Name required.')]; } if (empty($password)) { $errors[] = ['field' => 'password', 'message' => __('Password required.')]; } if (strlen($username) < 3 || !preg_match('/^[a-zA-Z0-9_\\-]+$/', $username)) { $errors[] = ['field' => 'username', 'message' => __('Username is invalid.')]; } if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = ['field' => 'email', 'message' => __('Email is invalid.')]; } if ($this->users->query()->orWhere(['username = :username', 'email = :username'], ['username' => $username])->first()) { $errors[] = ['field' => 'username', 'message' => __('Username not available.'), 'dynamic' => true]; } if ($this->users->query()->orWhere(['username = :email', 'email = :email'], ['email' => $email])->first()) { $errors[] = ['field' => 'email', 'message' => __('Email not available.'), 'dynamic' => true]; } if (count($errors)) { throw new Exception(__('Signup failed')); } $user = new User(); $user->setRegistered(new \DateTime()); $user->setName($name); $user->setUsername($username); $user->setEmail($email); $user->setPassword($this['auth.password']->hash($password)); $user->setStatus(UserInterface::STATUS_BLOCKED); $user->setRoles($this->roles->where(['id' => RoleInterface::ROLE_AUTHENTICATED])->get()); $token = $this['auth.random']->generateString(32); $admin = $this['option']->get('system:user.registration') == 'approval'; if ($verify = $this['option']->get('system:user.require_verification')) { $user->setActivation($token); } elseif ($admin) { $user->setActivation($token); $user->set('verified', true); } else { $user->setStatus(UserInterface::STATUS_ACTIVE); } $this->users->save($user); if ($verify) { $this->sendVerificationMail($user); $response['success'] = __('Your user account has been created. Complete your registration, by clicking the link provided in the mail that has been sent to you.'); } elseif ($admin) { $this->sendApproveMail($user); $response['success'] = __('Your user account has been created and is pending approval by the site administrator.'); } else { $this->sendWelcomeEmail($user); $response['success'] = __('Your user account has been created.'); } if (!$response['success']) { $response['success'] = true; } if (!$this['request']->isXmlHttpRequest()) { $this['message']->success($response['success']); return $this->redirect('@system/auth/login'); } } catch (Exception $e) { if (!$this['request']->isXmlHttpRequest()) { foreach ($errors as $error) { $this['message']->error($error['message']); } } else { $response['errors'] = $errors; } } return $this['request']->isXmlHttpRequest() ? $response : $this->redirect(count($errors) ? '@system/registration' : '@system/auth/login'); }