public function execute()
{
if (!$this->hasAnyRoutes()) {
$this->dieUsage('No password reset routes are available.', 'moduledisabled');
}
$params = $this->extractRequestParams() + ['user' => null, 'email' => null];
$this->requireOnlyOneParameter($params, 'user', 'email');
$passwordReset = new PasswordReset($this->getConfig(), AuthManager::singleton());
$status = $passwordReset->isAllowed($this->getUser(), $params['capture']);
if (!$status->isOK()) {
$this->dieStatus(Status::wrap($status));
}
$status = $passwordReset->execute($this->getUser(), $params['user'], $params['email'], $params['capture']);
if (!$status->isOK()) {
$status->value = null;
$this->dieStatus(Status::wrap($status));
}
$result = $this->getResult();
$result->addValue(['resetpassword'], 'status', 'success');
if ($params['capture']) {
$passwords = $status->getValue() ?: [];
ApiResult::setArrayType($passwords, 'kvp', 'user');
ApiResult::setIndexedTagName($passwords, 'p');
$result->addValue(['resetpassword'], 'passwords', $passwords);
}
}
/**
* Process the form. At this point we know that the user passes all the criteria in
* userCanExecute(), and if the data array contains 'Username', etc, then Username
* resets are allowed.
* @param array $data
* @throws MWException
* @throws ThrottledError|PermissionsError
* @return Status
*/
public function onSubmit(array $data)
{
if (isset($data['Capture']) && !$this->getUser()->isAllowed('passwordreset')) {
// The user knows they don't have the passwordreset permission,
// but they tried to spoof the form. That's naughty
throw new PermissionsError('passwordreset');
}
$username = isset($data['Username']) ? $data['Username'] : null;
$email = isset($data['Email']) ? $data['Email'] : null;
$capture = !empty($data['Capture']);
$this->method = $username ? 'username' : 'email';
$this->result = Status::wrap($this->passwordReset->execute($this->getUser(), $username, $email, $capture));
if ($capture && $this->result->isOK()) {
$this->passwords = $this->result->getValue();
}
if ($this->result->hasMessage('actionthrottledtext')) {
throw new ThrottledError();
}
return $this->result;
}
