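/**
 * Switch the active organization.
 *
 * The target organization id is read from the `org` request parameter and an
 * optional, base64-encoded return location from `current_uri`. Both values
 * come from the request and are therefore untrusted: the organization id is
 * only accepted when it is a key of the current user's allowed organizations,
 * and the return location is only followed when it is a site-local absolute
 * path. Any other return location is discarded and the user is sent to the
 * start page, so a crafted link cannot use this action to forward the browser
 * to another host.
 *
 * @return void
 * @throws \Gems_Exception With code 403 when the organization is not allowed for the current user
 */
public function changeUiAction()
{
    $request = $this->getRequest();
    $orgId   = urldecode((string) $request->getParam('org'));
    $oldOrg  = $this->currentUser->getCurrentOrganizationId();
    $origUrl = base64_decode((string) $request->getParam('current_uri'));

    $allowedOrganizations = $this->currentUser->getAllowedOrganizations();
    if (! isset($allowedOrganizations[$orgId])) {
        throw new \Gems_Exception(
            $this->_('Inaccessible or unknown organization'),
            403,
            null,
            sprintf(
                $this->_('Access to this page is not allowed for current role: %s.'),
                $this->currentUser->getRole()
            )
        );
    }

    $this->currentUser->setCurrentOrganization($orgId);

    $correctUrl = '';
    if ($origUrl) {
        // Check for organisation id in url, but not when a patient id is stated
        if (strpos($origUrl, '/' . \MUtil_Model::REQUEST_ID1 . '/') === false) {
            // Start from empty lists so str_replace() never receives undefined
            // variables when the user has no possible organization id keys.
            $finds    = array();
            $replaces = array();
            foreach ($this->currentUser->possibleOrgIds as $key) {
                $finds[]    = '/' . $key . '/' . $oldOrg;
                $replaces[] = '/' . $key . '/' . $orgId;
            }
            $correctUrl = str_replace($finds, $replaces, $origUrl);
        } else {
            $correctUrl = $origUrl;
        }
    }

    // Validate the URL that is actually sent, i.e. after the id rewrite.
    // Accepted: exactly one leading '/', not followed by '/' or '\' (browsers
    // read both as the start of a host name), and no control characters
    // (browsers strip tabs and line breaks, which could otherwise hide a
    // second slash).
    if (1 === preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*$#D', $correctUrl)) {
        $this->getResponse()->setRedirect($correctUrl);
    } else {
        // Missing, undecodable or non-local return location
        $this->currentUser->gotoStartPage($this->menu, $request);
    }
}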
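/**
 * Switch the interface language and return to the page the user came from.
 *
 * The language is read from the `language` request parameter and must be one
 * of the project's configured locales. The return location is read from the
 * base64-encoded `current_uri` parameter and must be a site-local absolute
 * path. A leading '/' alone is not enough for that: '//host' and '/\host' are
 * resolved by browsers as another host, so those forms are rejected as well.
 *
 * @return void
 * @throws \Exception When the return url is missing or not site-local, when the
 *                    language is not a configured locale, or when the locale
 *                    cookie could not be set
 */
public function changeUiAction()
{
    $request = $this->getRequest();
    $lang    = strtolower((string) $request->getParam('language'));
    $url     = base64_decode((string) $request->getParam('current_uri'));

    // Exactly one leading '/', not followed by '/' or '\', and no control
    // characters (browsers strip tabs and line breaks, which could otherwise
    // hide a second slash). An empty or undecodable value fails here too.
    if (! is_string($url) || (1 !== preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*$#D', $url))) {
        throw new \Exception($this->_('Illegal language redirect url.'));
    }

    // Strict comparison: the request value is a string and must equal a
    // configured locale exactly, without type juggling.
    if (! in_array($lang, $this->view->project->locales, true)) {
        throw new \Exception($this->_('Invalid language setting.'));
    }

    $this->currentUser->setLocale($lang);

    if (! \Gems_Cookies::setLocale($lang, $this->basepath->getBasePath())) {
        throw new \Exception($this->_('Cookies must be enabled for setting the language.'));
    }

    // $url is always a non-empty local path at this point, so the former
    // start-page fallback for an empty url could never run and was removed.
    $this->getResponse()->setRedirect($url);
}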
/**
 * Reset password page.
 *
 * Serves two flows with one action:
 *
 * 1. Without a `key` parameter: shows the reset request form and, on a valid
 *    POST, has a reset e-mail sent through sendUserResetEMail().
 * 2. With a `key` parameter: looks the user up by reset key. For a valid key
 *    the form is replaced by the user's change password form; for any other
 *    key the request form stays in place and an error is shown.
 *
 * Both flows call $user->authenticate(null, false) and stop when the result
 * is not valid, and both write to the access log.
 *
 * NOTE(review): the key is read with _getParam(), so whether it arrives in
 * the query string or the POST body cannot be told from here. If it can be
 * part of the URL, check that it does not end up in access logs or referrer
 * headers.
 *
 * @return void
 */
public function resetpasswordAction()
{
    $errors  = array();
    // Default form; replaced below when a valid reset key is presented
    $form    = $this->createResetRequestForm();
    $request = $this->getRequest();

    if ($key = $this->_getParam('key')) {
        // A user object is used in both branches below, also for an unknown key
        $user = $this->loader->getUserLoader()->getUserByResetKey($key);

        if ($user->hasValidResetKey()) {
            // Valid key: ask for the new password only, not for the old one
            $form = $user->getChangePasswordForm(array('askOld' => false, 'askCheck' => true, 'labelWidthFactor' => $this->labelWidthFactor));

            // Called without a password; presumably this runs the account
            // checks that do not depend on one - TODO confirm
            $result = $user->authenticate(null, false);
            if (!$result->isValid()) {
                $this->addMessage($result->getMessages());
                $this->addMessage($this->_('For that reason you cannot reset your password.'));
                // No form is displayed on this path
                return;
            }

            // Log opening the link only on the initial request, not on the form post
            if (!$request->isPost()) {
                $this->accesslog->logChange($request, sprintf("User %s opened valid reset link.", $user->getLoginName()));
            }
        } else {
            if (!$request->isPost()) {
                if ($user->getLoginName()) {
                    $message = sprintf("User %s used old reset key.", $user->getLoginName());
                } else {
                    // The format string has no placeholder, the extra argument is unused
                    $message = sprintf("Someone used a non existent reset key.", $user->getLoginName());
                }
                $this->accesslog->logChange($request, $message);

                // The wording depends on the account state: "reset" when the user
                // has a password or is not active, "input" otherwise
                if ($user->hasPassword() || !$user->isActive()) {
                    $errors[] = $this->_('Your password reset request is no longer valid, please request a new link.');
                } else {
                    $errors[] = $this->_('Your password input request is no longer valid, please request a new link.');
                }
            }

            // NOTE(review): for an active user the request form is pre-filled with
            // the login name and base organization belonging to a key that is no
            // longer valid. Whoever presents such a key gets to see them - confirm
            // this is intended.
            if ($user->isActive()) {
                $form->getUserNameElement()->setValue($user->getLoginName());
                $form->getOrganizationElement()->setValue($user->getBaseOrganizationId());
            }
        }
    }

    if ($request->isPost() && $form->isValid($request->getPost())) {
        if ($form instanceof \Gems_User_Form_ResetRequestForm) {
            // Request flow: the user comes from the submitted form
            $user = $form->getUser();

            $result = $user->authenticate(null, false);
            if (!$result->isValid()) {
                $this->addMessage($result->getMessages());
                $this->addMessage($this->_('For that reason you cannot request a password reset.'));
                return;
            }

            $errors = $this->sendUserResetEMail($user);
            if ($errors) {
                // The user name written to the log is the value submitted in the form.
                // NOTE(review): confirm the access log neutralises markup and line
                // breaks in it. The format string itself contains a line break.
                $this->accesslog->logChange($request, sprintf("User %s requested reset password but got %d 
error(s). %s", $form->getUserNameElement()->getValue(), count($errors), implode(' ', $errors)));
            } else {
                // Everything went OK!
                $this->addMessage($this->_('We sent you an e-mail with a reset link. Click on the link in the e-mail.'));
                $this->accesslog->logChange($request);

                if ($this->returnToLoginAfterReset) {
                    $this->setCurrentOrganizationTo($user);
                    $this->currentUser->gotoStartPage($this->menu, $request);
                }
            }
            // When sending failed, $errors is shown with the form below.
            // NOTE(review): if those errors differ between existing and unknown
            // accounts the page reveals which accounts exist - cannot be told from here.
        } elseif ($form instanceof \Gems_User_Form_ChangePasswordForm) {
            // No call that stores the password is visible here; presumably
            // $form->isValid() above did that - TODO confirm
            $this->addMessage($this->_('New password is active.'));

            // User set before this form was initiated
            // NOTE(review): the reset key holder becomes the current user without a
            // separate login; the only check visible in this method is the
            // authenticate(null, false) call above - confirm that any further login
            // requirements are enforced elsewhere.
            $user->setAsCurrentUser();

            /**
             * Log the login
             */
            $this->accesslog->logChange($request, $this->_("User logged in through reset password."));
            $user->gotoStartPage($this->menu, $this->getRequest());
            return;
        }
    }

    // Reached on the first display, on an invalid post, and after a handled reset
    // request: refill the form from the request parameters and render it with any errors
    $form->populate($request->getParams());
    $this->displayResetForm($form, $errors);
}