/**
 * Edit a user - serves the edit form and processes its submission.
 *
 * Flow, as visible in this method:
 *  - requireAdmin() runs before anything else (its behaviour is defined
 *    outside this block; presumably it aborts for non-admin callers).
 *  - An unknown user id raises NotFoundException.
 *  - Any non-POST request, or a POST whose form fails validation, re-renders
 *    the 'UserForm' view.
 *  - A valid POST passes name, email, password and is_admin to
 *    userService->updateUser(), then redirects to the user list and stops.
 *
 * NOTE(review): this action can change another account's password and admin
 * flag, and no anti-CSRF token check is visible in this block. Confirm that
 * userForm()/validate() (or the framework) enforces one.
 *
 * @param mixed $userId Identifier handed to userStore->getById().
 *
 * @return mixed Rendered form output when the form is (re)displayed; the
 *               success path terminates the script after the redirect header.
 *
 * @throws NotFoundException When no user exists for $userId.
 */
public function edit($userId)
{
    $this->requireAdmin();

    $httpMethod = $this->request->getMethod();
    $target     = $this->userStore->getById($userId);

    if (!$target) {
        throw new NotFoundException(Lang::get('user_n_not_found', $userId));
    }

    $this->layout->title    = $target->getName();
    $this->layout->subtitle = Lang::get('edit_user');

    // Request parameters are merged last, so submitted values override the
    // stored ones when the form is pre-filled.
    $formValues = array_merge($target->getDataArray(), $this->getParams());
    $form       = $this->userForm($formValues, 'edit/' . $userId);

    // validate() is only reached for POST requests (short-circuit on the
    // method check), exactly as in the longer original condition.
    $showForm = $httpMethod != 'POST' || !$form->validate();

    if ($showForm) {
        $view       = new b8\View('UserForm');
        $view->type = 'edit';
        $view->user = $target;
        $view->form = $form;

        return $view->render();
    }

    // is_admin is cast to int but not clamped; the only thing stopping a
    // caller from granting admin rights is the requireAdmin() gate above.
    // The password is forwarded as submitted; presumably the service treats
    // an empty value as "keep the current hash" - verify in updateUser().
    $this->userService->updateUser(
        $target,
        $this->getParam('name', null),
        $this->getParam('email', null),
        $this->getParam('password', null),
        (int) $this->getParam('is_admin', 0)
    );

    header('Location: ' . PHPCI_URL . 'user');
    exit;
}
/**
 * Updating a user with an empty password must leave the stored hash intact.
 *
 * NOTE(review): the @covers target below names PHPUnit::execute while the
 * body exercises updateUser() on the tested service; it looks copied from
 * another test - confirm and correct if so.
 *
 * @covers PHPUnit::execute
 */
public function testExecute_DoesNotChangePasswordIfEmpty()
{
    // Start from an account whose password is known to be 'testing'.
    $account = new User();
    $account->setHash(password_hash('testing', PASSWORD_DEFAULT));

    // The fourth argument (the new password) is deliberately an empty string.
    $updated = $this->testedService->updateUser($account, 'Test', '*****@*****.**', '', 0);

    // The original password must still verify against the returned user's hash.
    $stillValid = password_verify('testing', $updated->getHash());
    $this->assertTrue($stillValid);
}
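/**
 * Edit a user - serves the edit form and processes its submission.
 *
 * Only administrators may use this action. The admin check now also covers
 * a request with no logged-in user in the session: previously that case
 * called getIsAdmin() on a missing value and ended in a fatal error instead
 * of the intended ForbiddenException.
 *
 * Flow:
 *  - Non-admin or anonymous caller: ForbiddenException.
 *  - Unknown user id: NotFoundException.
 *  - Non-POST request, or POST with an invalid form: render 'UserForm'.
 *  - Valid POST: pass name, email, password and is_admin to
 *    userService->updateUser(), redirect to the user list and stop.
 *
 * NOTE(review): this action can change another account's password and admin
 * flag, and no anti-CSRF token check is visible in this block. Confirm that
 * userForm()/validate() (or the framework) enforces one.
 *
 * @param mixed $userId Identifier handed to userStore->getById().
 *
 * @return mixed Rendered form output when the form is (re)displayed; the
 *               success path terminates the script after the redirect header.
 *
 * @throws ForbiddenException When the session holds no admin user.
 * @throws NotFoundException  When no user exists for $userId.
 */
public function edit($userId)
{
    // Fail closed with the same exception for "not logged in" and "not admin".
    $currentUser = isset($_SESSION['user']) ? $_SESSION['user'] : null;

    if (!is_object($currentUser) || !$currentUser->getIsAdmin()) {
        throw new ForbiddenException('You do not have permission to do that.');
    }

    $method = $this->request->getMethod();
    $user   = $this->userStore->getById($userId);

    if (empty($user)) {
        throw new NotFoundException('User with ID: ' . $userId . ' does not exist.');
    }

    // Request parameters are merged last, so submitted values override the
    // stored ones when the form is pre-filled.
    $values = array_merge($user->getDataArray(), $this->getParams());
    $form   = $this->userForm($values, 'edit/' . $userId);

    // Equivalent to the original "not POST, or POST and invalid" test:
    // validate() is only reached for POST requests.
    if ($method != 'POST' || !$form->validate()) {
        $view       = new b8\View('UserForm');
        $view->type = 'edit';
        $view->user = $user;
        $view->form = $form;

        return $view->render();
    }

    $name     = $this->getParam('name', null);
    $email    = $this->getParam('email', null);
    // Forwarded as submitted; presumably the service keeps the current hash
    // when this is empty - verify in updateUser().
    $password = $this->getParam('password', null);
    // Cast to int but not clamped; the admin gate above is what prevents a
    // caller from granting admin rights through this parameter.
    $isAdmin  = (int) $this->getParam('is_admin', 0);

    $this->userService->updateUser($user, $name, $email, $password, $isAdmin);

    header('Location: ' . PHPCI_URL . 'user');
    die;
}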