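/**
 * First-run setup: creates the initial super-admin user together with the default language.
 *
 * Nothing in this method checks the caller's identity. The only gate visible here is the
 * admin count, so the action stays usable until an admin user exists and redirects to the
 * log-in route afterwards.
 *
 * @return mixed the result of redir()->toRoute(), or an array with 'form' and 'flagCode' for the view
 */
public function initialAction()
{
    $serviceLocator = $this->getServiceLocator();
    $entityManager = $serviceLocator->get('entity-manager');
    $user = $serviceLocator->get('user-entity');

    // Check if an admin user already exists; if so, setup is closed.
    // NOTE(review): this check and the flush() further down are separate steps, so two
    // concurrent first-run requests could both pass it. Confirm a unique constraint or a
    // transaction prevents a second super-admin from being created.
    $numberUsers = $entityManager->getRepository(get_class($user))->countAdminUsers();
    if ($numberUsers) {
        return $this->redir()->toRoute('admin/default', ['controller' => 'log', 'action' => 'in']);
    }

    $form = new \Admin\Form\User($user, $entityManager);
    $form->get('submit')->setValue('Submit');

    //region add language name + select flag
    $languageForm = new Language($serviceLocator);
    $form->add($languageForm->get('isoCode'));

    // The language "name" element is renamed to 'language_name' before it joins the user form.
    $languageName = $languageForm->get('name');
    $languageName->setName('language_name');
    $form->add($languageName);

    $languageInputFilter = $languageForm->getInputFilter();
    $form->getInputFilter()->add($languageInputFilter->get('isoCode'));
    $languageNameInputFilter = $languageInputFilter->get('name');
    $languageNameInputFilter->setName($languageName->getName());
    $form->getInputFilter()->add($languageNameInputFilter);
    //endregion

    $request = $this->getRequest();
    if ($request->isPost()) {
        $form->setData($request->getPost());

        // Set the role field to not required: the role is forced to super-admin below
        // and is never taken from the submitted data.
        $form->getInputFilter()->get('role')->setRequired(false);

        if ($form->isValid()) {
            $inputFilter = $form->getInputFilter();

            // NOTE(review): setUpass() is skipped when the submitted password is falsy
            // (which in PHP includes the string "0"). Confirm the form makes a non-empty
            // password mandatory here, otherwise a super-admin could be persisted
            // without a password being set.
            $newPassword = $inputFilter->get('password_fields')->get('password')->getValue();
            if ($newPassword) {
                $user->setUpass($newPassword);
            }

            $user->setRegDate();
            $user->setRole(User::USER_SUPER_ADMIN);
            $entityManager->persist($user);

            $inputs = $inputFilter->getInputs();
            $lang = new Lang();
            $lang->setIsoCode($inputs['isoCode']->getValue());
            $lang->setName($inputs['language_name']->getValue());
            $lang->setStatus($lang::STATUS_DEFAULT);
            $entityManager->persist($lang);

            // User and default language are written together in a single flush.
            $entityManager->flush();

            // Build the locale for the success message: 'en' maps to 'en_US', any other
            // code xx maps to xx_XX.
            $langCode = $lang->getIsoCode();
            $locale = $langCode !== 'en' ? $langCode . '_' . strtoupper($langCode) : 'en_US';

            $this->flashMessenger()->addSuccessMessage(
                $this->translator->translate(
                    "The user has been added successfully. Please log below.",
                    'default',
                    $locale
                )
            );

            return $this->redir()->toRoute('admin/default', ['controller' => 'log', 'action' => 'in']);
        }
    }

    // NOTE(review): 'flagCode' is the raw posted isoCode, not the filtered form value;
    // the view presumably has to escape it before output - confirm.
    return [
        'form' => $form,
        'flagCode' => $request->isPost() ? $this->params()->fromPost('isoCode') : null,
    ];
}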
/**
 * Validates submitted user data, then creates a new user or updates an existing one.
 *
 * Authorisation is enforced in three places: the logged-in user must be allowed to edit
 * the target's current role, must be allowed to assign the submitted role, and may not
 * submit a role for their own account.
 *
 * @param mixed $data submitted data handed to the form; also probed with isset($data['role'])
 * @param mixed $id   identifier of the user to edit; a falsy value means a new user is added
 * @return mixed the result of redirMissingUser(), redirToList() or renderData()
 */
public function handleCreateUpdate($data, $id = null)
{
    $locator = $this->getServiceLocator();
    $em = $locator->get('entity-manager');

    // Taken from the service manager so that User::setPasswordAdapter() is initialized.
    $target = $locator->get('user-entity');

    if ($id) {
        $target = $em->find(get_class($target), $id);
        if (!$target) {
            return $this->redirMissingUser($id);
        }
    }

    $actor = $locator->get('current-user');

    // NOTE(review): loose comparison kept as in the original. If the two ids can differ
    // in type, a strict comparison would stop matching and switch off the self-edit
    // guard below - confirm the id types before tightening this.
    $editOwn = $actor->getId() == $target->getId();

    // Security check: the edited user's current role must be equal to or less privileged
    // than the editing user's, checked before any submitted data is applied.
    if (!$actor->canEdit($target->getRole())) {
        return $this->redirToList('You have no right to edit this user', 'error');
    }

    // Snapshot the current name and e-mail before the form is bound; they are passed to
    // isValid() below.
    $currentUserName = $target->getUname();
    $currentEmail = $target->getEmail();

    if ($id) {
        $action = 'edit';
    } else {
        $action = 'add';
    }

    $form = new \Admin\Form\User($actor, $locator->get('entity-manager'));
    $form->bind($target);
    $form->setData($data);

    if (!$form->isValid($action, $currentUserName, $currentEmail, $editOwn)) {
        return $this->renderData($action, $form, $editOwn, $target);
    }

    // NOTE(review): presumably the bound entity already carries the submitted values at
    // this point. The two rejections below return without persist()/flush(); confirm
    // nothing flushes the entity manager later in the request, or a rejected role change
    // on a managed entity could still be written.

    // Security check: the submitted role must be equal to or less privileged than the
    // editing user's. Redundant with the form's notFoundInTheHaystack validation error.
    $newRole = $form->getData()->getRole();
    if (!$actor->canEdit($newRole)) {
        return $this->redirToList('You have no right to assign this user role', 'error');
    }

    // A self-edit that carries any 'role' key is rejected, whether or not the value differs.
    if ($editOwn && isset($data['role'])) {
        return $this->redirToList('You have no right to assign new role to yourself', 'error');
    }

    // The password is only replaced when a non-empty (truthy) value was submitted.
    $newPassword = $form->getInputFilter()->get('password_fields')->get('password')->getValue();
    if ($newPassword) {
        $target->setUpass($newPassword);
    }

    // NOTE(review): setRegDate() also runs on edits - confirm it does not overwrite the
    // original registration date.
    $target->setRegDate();
    $em->persist($target);
    $em->flush();

    // Any successful POST is answered with 201, for edits as well as additions.
    if ($this->getRequest()->isPost()) {
        $this->getResponse()->setStatusCode(201);
    }

    return $this->redirToList('The user has been ' . $action . 'ed successfully');
}