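/**
 * Updates the authenticated user's own account: name, email and, when a new
 * password is submitted, the password (after re-checking the old one).
 *
 * @Request({"user": "******"}, csrf=true)
 *
 * @param array $data Submitted fields; keys read are name, email,
 *                    password_new and password_old (all optional).
 * @return array{message: string} On success.
 *
 * Aborts with 404 for anonymous callers (or a session whose user row no
 * longer exists) and with 400 when validation fails; the 400 message is
 * the caught exception's message.
 */
public function saveAction($data)
{
    $current = App::user();

    if (!$current->isAuthenticated()) {
        App::abort(404);
    }

    // Reload a fresh model instance for the save; the session user may be stale.
    $user = User::find($current->id);

    if (!$user) {
        App::abort(404);
    }

    // Defensive: work on an array even if the request decoded to something else.
    $data = is_array($data) ? $data : [];

    try {
        $newPassword = $data['password_new'] ?? '';

        if ($newPassword !== '') {
            // A password change must be authorised with the current password.
            $credentials = ['password' => $data['password_old'] ?? ''];

            if (!App::auth()->getUserProvider()->validateCredentials($user, $credentials)) {
                throw new Exception(__('Invalid Password.'));
            }

            // Strict comparison: a loose `!=` compares numeric-looking strings
            // numerically, so e.g. " 1e3" would have slipped past the
            // surrounding-whitespace check.
            if (trim($newPassword) !== $newPassword || strlen($newPassword) < 3) {
                throw new Exception(__('Invalid Password.'));
            }

            $user->password = App::get('auth.password')->hash($newPassword);
        }

        $email = $data['email'] ?? null;

        // A changed address has to be verified again.
        if ((string) $email !== (string) $user->email) {
            $user->set('verified', false);
        }

        $user->name = $data['name'] ?? null;
        $user->email = $email;
        $user->validate();
        $user->save();

        return ['message' => 'success'];

    } catch (Exception $e) {
        App::abort(400, $e->getMessage());
    }
}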
/**
 * Stores the admin menu ordering chosen by the current admin user.
 *
 * @Access(admin=true)
 * @Request({"order": "array"})
 *
 * @param array $order Menu order as sent by the client.
 * @return array{message: string}
 *
 * Aborts with 400 when no order data was submitted.
 */
public function adminMenuAction($order)
{
    if (empty($order)) {
        App::abort(400, __('Missing order data.'));
    }

    $currentId = App::user()->id;
    $account = User::find($currentId);

    // Kept as a per-user option, not a site-wide setting.
    $account->set('admin.menu', $order);
    $account->save();

    return ['message' => __('Order saved.')];
}
/**
 * Builds the admin "add user" / "edit user" view.
 *
 * @Access("user: manage users")
 * @Request({"id": "int"})
 *
 * @param int $id Id of the user to edit; 0 (default) builds a new, unsaved
 *                user carrying only the authenticated role.
 * @return array View descriptor ('$view') and template data ('$data').
 *
 * Aborts with 404 when a non-zero id does not resolve to a user.
 */
public function editAction($id = 0)
{
    $isNew = !$id;

    if ($isNew) {
        $account = User::create(['roles' => [Role::ROLE_AUTHENTICATED]]);
    } else {
        $account = User::find($id);

        if (!$account) {
            App::abort(404, 'User not found.');
        }
    }

    $title = $isNew ? __('Add User') : __('Edit User');

    $config = [
        'statuses' => User::getStatuses(),
        'roles' => array_values($this->getRoles($account)),
        'emailVerification' => App::module('system/user')->config('require_verification'),
        'currentUser' => App::user()->id,
    ];

    return [
        '$view' => [
            'title' => $title,
            'name' => 'system/user/admin/user-edit.php',
        ],
        '$data' => [
            'user' => $account,
            'config' => $config,
        ],
    ];
}
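/**
 * Returns profile data for a user, defaulting to the caller's own profile.
 *
 * @Route("/", methods="GET")
 * @Route("/{id}", methods="GET", requirements={"id"="\d+"})
 *
 * @param int|string $id User id from the route; 0 / absent means the caller.
 * @return array Module config, profile fields, profile values and basic user data.
 *
 * Aborts with 403 when a caller without "user: manage users" asks for another
 * user's profile, and with 404 when the id does not resolve to a user.
 */
public function indexAction($id = 0)
{
    $self = App::user();
    $userprofile = App::module('bixie/userprofile');

    // Route ids arrive as strings; normalise both sides so the ownership
    // check is a strict integer comparison instead of a loose `!=`.
    $id = (int) ($id ?: $self->id);
    $selfId = (int) $self->id;

    // Only managers may read profiles other than their own.
    if (!$self->hasAccess('user: manage users') && $id !== $selfId) {
        App::abort(403, 'Insufficient permissions.');
    }

    $user = User::find($id);

    if (!$user) {
        App::abort(404, 'User not found.');
    }

    return [
        'config' => $userprofile->config(),
        'fields' => Field::getProfileFields(),
        'profilevalues' => Profilevalue::getUserProfilevalues($user),
        'user' => [
            'id' => $user->id,
            'username' => $user->username,
            'name' => $user->name,
            'email' => $user->email,
        ],
    ];
}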
/**
 * {@inheritdoc}
 *
 * Resolves the route's "slug" parameter to a user id. An explicit "id"
 * parameter is returned untouched; otherwise the slug is compared against
 * the configured slug_key (id, name or username), first in the in-memory
 * cache and then via a database lookup whose result is added to the cache.
 *
 * Aborts with 404 when neither id nor slug is present or the slug is unknown.
 */
public function match(array $parameters = [])
{
    if (isset($parameters['id'])) {
        return $parameters;
    }

    if (!isset($parameters['slug'])) {
        App::abort(404, 'Userprofile not found.');
    }

    $slugKey = App::module('bixie/userprofile')->config('slug_key', 'username');
    $slug = $parameters['slug'];

    // Cache scan without break: the last matching entry wins, as before.
    $resolvedId = false;
    foreach ($this->cacheEntries as $cached) {
        if ($cached[$slugKey] === $slug) {
            $resolvedId = $cached['id'];
        }
    }

    if (!$resolvedId) {
        if ($slugKey === 'id') {
            $account = User::find($slug);
        } elseif ($slugKey === 'name') {
            $account = User::where(['name' => $slug])->first();
        } elseif ($slugKey === 'username') {
            $account = User::findByUsername($slug);
        } else {
            // Unknown slug_key configuration: nothing can be resolved.
            $account = false;
        }

        if (!$account) {
            App::abort(404, 'Userprofile not found.');
        }

        $this->addCache($account);
        $resolvedId = $account->id;
    }

    $parameters['id'] = $resolvedId;

    return $parameters;
}
/**
 * {@inheritdoc}
 *
 * Looks the user up by primary key; returns whatever User::find returns
 * (the model, or its "not found" value).
 */
public function find($id)
{
    $account = User::find($id);

    return $account;
}
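/**
 * Deletes a user by id. Deleting the calling account is refused.
 *
 * @Route("/{id}", methods="DELETE", requirements={"id"="\d+"})
 * @Request({"id": "int"}, csrf=true)
 *
 * @param int $id
 * @return array{message: string}
 *
 * Aborts with 400 when the id is the caller's own. Deleting an id that no
 * longer exists is a no-op and still reports success.
 *
 * NOTE(review): no @Access annotation is visible on this method; it appears
 * to rely on a class-level access check outside this excerpt — confirm.
 */
public function deleteAction($id)
{
    $targetId = (int) $id;

    // Strict integer comparison for the self-deletion guard (was a loose `==`).
    if ((int) App::user()->id === $targetId) {
        App::abort(400, __('Unable to delete yourself.'));
    }

    $user = User::find($targetId);

    if ($user) {
        $user->delete();
    }

    return ['message' => 'success'];
}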
}, 'view.scripts' => function ($event, $scripts) use($app) { $version = $app->module('bixie/pk-framework')->getVersionKey($app->package('bixie/userprofile')->get('version')); $scripts->register('link-userprofile', 'bixie/userprofile:app/bundle/link-userprofile.js', '~panel-link', ['version' => $version]); $scripts->register('user-section-userprofile', 'bixie/userprofile:app/bundle/user-section-userprofile.js', ['~user-edit', 'bixie-fieldtypes'], ['version' => $version]); }, 'view.data' => function ($event, $data) use($app) { $route = $app->request()->attributes->get('_route'); if (strpos($route, '@userprofile') === 0 || $route == '@user/edit') { $data->add('$fieldtypes', ['ajax_url' => 'api/userprofile/profile/ajax']); } //load profile if (in_array($route, ['@userprofile', '@userprofile/registration', '@user/edit'])) { $self = $app->user(); $edit_id = $app->request()->get('id'); if ($route == '@user/edit') { //blank user when admin creates new user $user = $edit_id ? \Pagekit\User\Model\User::find($edit_id) : \Pagekit\User\Model\User::create(); } else { $user = $self; } if ($self->hasAccess('user: manage users') || $user->id == $self->id) { $profileUser = ProfileUser::load($user); $data->add('$userprofile', ['fields' => array_values(\Bixie\Userprofile\Model\Field::getProfileFields()), 'profilevalues' => $app->module('bixie/userprofile')->getProfile($user), 'profile_user' => $profileUser]); } } }, 'view.styles' => function ($event, $styles) use($app) { $route = $app->request()->attributes->get('_route'); if (strpos($route, '@userprofile') === 0 || in_array($route, ['@user/edit'])) { foreach ($app->module('bixie/userprofile')->getFieldTypes() as $type) { $type->addStyles($styles); } }