/**
* Verifies the current user cannot delete his role.
*
* Request current user password before deletion of any User Roles.
*
* @param Request $request Current router request.
*
* @return void
*/
protected function beforeDelete(Request $request)
{
if (!$request->post('password') || !Crypt::hashCompare($this->user->password, $request->post('password'))) {
if (!$request->is('xhr')) {
Helpers\FlashMessage::set($this->labels['general']['not_authorized'], 'danger');
}
$request->redirectTo('index');
}
if ($this->user->role_id == $this->resource->getPrimaryKeyValue()) {
if (!$request->is('xhr')) {
Helpers\FlashMessage::set($this->labels['errors']['delete']['self'], 'danger');
}
$request->redirectTo('index');
}
parent::beforeDelete($request);
}
/**
* Assign current user as a resource object.
*
* @param Request $request Current Router Request.
*
* @return void
*/
protected function assignCurrentUserAsResource(Request $request)
{
if (in_array($request->action(), array('edit', 'delete', 'show', 'export'), true)) {
$request->redirectTo('index');
}
$this->resource = $this->user;
$this->removeAccessibleAttributes(array('role_id'));
}
/**
* Permissions verification gate.
*
* @param Request $request Current Router Request.
*
* @see \CMS\Helpers\CMSUsers::userCan()
*
* @return boolean
*/
protected function checkPermissions(Request $request)
{
$controller = $this->getControllerName();
$action = $this->getActionName();
if (!Helpers\CMSUsers::userCan(array('controller' => $controller, 'action' => $action))) {
Helpers\FlashMessage::set($this->labels['general']['no_access'], 'danger');
$request->redirectTo(array('controller' => 'account'));
}
return true;
}
/**
* Loads Resource object.
*
* @param Request $request Current router request.
*
* @return void
*/
protected function loadResource(Request $request)
{
if (!$this->resource->exists()) {
if (!$request->get('id')) {
$request->redirectTo('index');
}
$resourceModel = $this->resource;
$this->resource = $resourceModel::find()->where($resourceModel::primaryKeyField() . ' = ?', array($request->get('id')))->first();
if (!$this->resource) {
Helpers\FlashMessage::set($this->labels['errors']['not_exists'], 'danger');
$request->redirectTo('index');
}
}
}
/**
* Reset access action.
*
* @param Request $request Current router request.
*
* @return void
*/
public function renew(Request $request)
{
$user = Models\CMSUser::find()->where('DATE_ADD(updated_on, INTERVAL 60 MINUTE) > UTC_TIMESTAMP() AND SHA1(CONCAT(password, ?, email)) = ?', array(Core\Config()->USER_AUTH['cookie_salt'], $request->get('id')))->first();
if ($user) {
$new_password = Core\Utils::generatePassword(10);
if ($user->save(array('password' => $new_password), true)) {
$this->new_password = $new_password;
}
} else {
$request->redirectTo(array('controller' => 'authentication'));
}
}
