/**
 * Checks that a freshly generated password-reset link loads successfully.
 *
 * The link is built for user ID 1 from the current time and the hash that
 * Mailer::getPasswordResetHash() returns for that pair.
 *
 * NOTE(review): only the valid-link path is exercised here; expired,
 * tampered or incomplete links are not covered by this test.
 *
 * @return void
 */
public function testResetPassword()
{
    $targetUserId = 1;
    $issuedAt = time();
    $token = Mailer::getPasswordResetHash($targetUserId, $issuedAt);

    $resetUrl = Router::url([
        'controller' => 'Users',
        'action' => 'resetPassword',
        $targetUserId,
        $issuedAt,
        $token,
    ]);

    $this->get($resetUrl);
    $this->assertResponseOk();
}
/**
 * Emails the given user a link to the password-reset page.
 *
 * The link carries the user ID, the Unix timestamp taken when this method runs
 * and the value Mailer::getPasswordResetHash() returns for that pair. The
 * 24-hour lifetime of the link is not enforced here; it depends on the
 * timestamp check made when the link is opened.
 *
 * NOTE(review): how the hash is derived (secret, algorithm, whether it covers
 * the current password) is decided in getPasswordResetHash(), which is not
 * shown here; the link is only as strong as that function.
 *
 * @param int $userId ID of the user who should receive the email
 * @return boolean Whatever Email::send() returns (TODO confirm it is a boolean)
 */
public static function sendPasswordResetEmail($userId)
{
    $issuedAt = time();
    $token = Mailer::getPasswordResetHash($userId, $issuedAt);

    // Second argument `true` asks the router for a full URL, as needed in an email
    $resetUrl = Router::url(
        [
            'prefix' => false,
            'controller' => 'Users',
            'action' => 'resetPassword',
            $userId,
            $issuedAt,
            $token,
        ],
        true
    );

    $email = new Email();
    $user = TableRegistry::get('Users')->get($userId);

    $email
        ->template('reset_password')
        ->subject('MACC website password reset')
        ->to($user->email)
        ->viewVars(['user' => $user, 'resetUrl' => $resetUrl]);

    return $email->send();
}
/**
 * Creates a user account from the submitted form and emails the login details.
 *
 * On POST/PUT the request data is normalised, patched into a new entity and
 * saved. If the account email cannot be sent, the freshly saved user is deleted
 * again. On any other request the form is shown with 'all_communities' unset.
 *
 * NOTE(review): the submitted password is handed to
 * Mailer::sendNewAccountEmail(), so it is presumably emailed in clear text;
 * confirm, and consider a set-password link instead.
 * NOTE(review): patchEntity() receives the whole request payload with no
 * fieldList; which fields can be assigned depends on the entity's
 * accessible-field settings, which are not shown here.
 *
 * @return \App\Controller\Response|null Result of redirect() after a successful
 *     creation; otherwise nothing is returned and the form is rendered
 */
public function add()
{
    $user = $this->Users->newEntity();
    $isSubmission = $this->request->is('post') || $this->request->is('put');

    if (!$isSubmission) {
        $this->request->data['all_communities'] = false;
    } else {
        $this->request->data['password'] = $this->request->data['new_password'];

        // A blank first community row means no community was selected
        if (empty($this->request->data['client_communities'][0]['id'])) {
            $this->request->data['client_communities'] = [];
        }

        // Ignore ClientCommunity if user is not a client
        if ($this->request->data['role'] != 'client') {
            unset($this->request->data['client_communities']);
        }

        $user = $this->Users->patchEntity($user, $this->request->data);
        $retryHint = ' Please try again or contact an administrator for assistance.';
        $saved = empty($user->errors()) && $this->Users->save($user);

        if (!$saved) {
            $this->Flash->error('There was an error creating this user\'s account.' . $retryHint);
        } else {
            $accountMailer = new Mailer();
            $emailed = $accountMailer->sendNewAccountEmail($user, $this->request->data['new_password']);
            if ($emailed) {
                $this->Flash->success('User account created and login credentials emailed');

                return $this->redirect(['prefix' => 'admin', 'action' => 'index']);
            }

            // Roll back: an account whose owner never received the login info is removed
            $this->Users->delete($user);
            $this->Flash->error(
                'There was an error emailing this user with their login info. No new account was created.'
                . $retryHint
            );
        }
    }

    $this->prepareForm($user);
    $this->set(['titleForLayout' => 'Add User']);
    $this->render('/Admin/Users/form');
}
/**
 * Creates or approves respondent records for the invitees and emails invitations.
 *
 * Loads the approved and the unaddressed-unapproved respondent lists for the
 * survey, stores the call's context on the object, prepares the invitee list,
 * then approves invitees whose email is already on the unapproved list and
 * creates records for the rest. All recipients are mailed in one
 * Mailer::sendInvitations() call and are filed under success or error as a
 * group, depending on that single result.
 *
 * @param int $communityId Community ID
 * @param string $respondentType Respondent / survey type
 * @param int $surveyId Survey ID
 * @return void
 */
public function sendInvitations($communityId, $respondentType, $surveyId)
{
    $respondents = TableRegistry::get('Respondents');
    $this->approvedRespondents = $respondents->getApprovedList($surveyId);
    $this->unaddressedUnapprovedRespondents = $respondents->getUnaddressedUnapprovedList($surveyId);

    $this->communityId = $communityId;
    $this->respondentType = $respondentType;
    $this->surveyId = $surveyId;

    // Order matters: the list is built, then cleaned, then stripped of approved entries
    $this->setInvitees();
    $this->cleanInvitees();
    $this->removeApproved();

    foreach ($this->invitees as $invitee) {
        if ($this->isUnapproved($invitee['email'])) {
            $this->approveInvitee($invitee);
        } else {
            $this->createRespondent($invitee);
        }
    }

    // Sender details come from the authenticated session, not from the request body
    $invitation = [
        'surveyId' => $this->surveyId,
        'communityId' => $this->communityId,
        'senderEmail' => $this->Auth->user('email'),
        'senderName' => $this->Auth->user('name'),
        'recipients' => $this->recipients,
    ];
    $Mailer = new Mailer();
    $delivered = $Mailer->sendInvitations($invitation);

    if (!$delivered) {
        $this->errorEmails = array_merge($this->errorEmails, $this->recipients);
    } else {
        $this->successEmails = array_merge($this->successEmails, $this->recipients);
    }

    $this->setInvitationFlashMessages();
    // Clear the submitted form data
    $this->request->data = [];
}
/**
 * Client-side page for sending reminder emails to unresponsive respondents.
 *
 * The survey is looked up from the community assigned to the current client ID
 * and the requested survey type, so the URL parameter only selects a type
 * within that community. A POST sends the reminders and always ends in a
 * redirect; any other request shows the list of unresponsive respondents.
 *
 * NOTE(review): the error flash contains an HTML link built from the
 * 'admin_email' configuration value, so the flash element presumably renders
 * unescaped markup; confirm that nothing user-supplied reaches it.
 *
 * @param string $surveyType Survey type
 * @return \App\Controller\Response|\Cake\Network\Response|null
 * @throws NotFoundException When the client has no community assigned
 * @throws ForbiddenException When the survey is inactive
 */
public function remind($surveyType)
{
    $clientId = $this->getClientId();
    if (!$clientId) {
        return $this->chooseClientToImpersonate();
    }

    $communities = TableRegistry::get('Communities');
    $communityId = $communities->getClientCommunityId($clientId);
    if (!$communityId) {
        throw new NotFoundException('Your account is not currently assigned to a community');
    }

    $surveys = TableRegistry::get('Surveys');
    $surveyId = $surveys->getSurveyId($communityId, $surveyType);
    $survey = $surveys->get($surveyId);
    if (!$survey->active) {
        throw new ForbiddenException('Reminders cannot currently be sent out: Questionnaire is inactive');
    }

    if ($this->request->is('post')) {
        $Mailer = new Mailer();
        $sender = $this->Auth->user();

        if (!$Mailer->sendReminders($surveyId, $sender)) {
            $adminEmail = Configure::read('admin_email');
            $this->Flash->error(
                'There was an error sending reminder emails.'
                . ' Email <a href="mailto:' . $adminEmail . '">' . $adminEmail . '</a> for assistance.'
            );

            // Redirect so that hitting refresh won't re-send POST request
            return $this->redirect([
                'prefix' => 'client',
                'controller' => 'Surveys',
                'action' => 'remind',
                $survey->type,
            ]);
        }

        $this->Flash->success('Reminder email successfully sent');

        return $this->redirect([
            'prefix' => 'client',
            'controller' => 'Communities',
            'action' => 'index',
        ]);
    }

    $unresponsive = TableRegistry::get('Respondents')->getUnresponsive($surveyId);
    $this->set([
        'community' => $communities->get($communityId),
        'survey' => $survey,
        'titleForLayout' => 'Send Reminders to Community ' . ucwords($survey->type) . 's',
        'unresponsive' => $unresponsive,
        'unresponsiveCount' => count($unresponsive),
    ]);
}
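/**
 * Creates a client account for a community and emails the login details.
 *
 * On POST a user entity is built from the request data, forced into the
 * 'client' role and linked to the community from the URL. If the account email
 * cannot be sent, the saved account is deleted again and the error is shown to
 * the user. On other requests an empty entity with a generated password is
 * prepared for the form.
 *
 * NOTE(review): the plain password is handed to Mailer::sendNewAccountEmail(),
 * so it is presumably emailed in clear text; confirm, and consider a
 * set-password link instead.
 *
 * @param int $communityId Community ID
 * @return \Cake\Network\Response|null Redirect after a successful creation, otherwise null
 */
public function addClient($communityId)
{
    $community = $this->Communities->get($communityId);
    $usersTable = TableRegistry::get('Users');

    if ($this->request->is('post')) {
        $client = $usersTable->newEntity($this->request->data());

        // Assigned after newEntity() so submitted values cannot override the role or community
        $client->role = 'client';
        $client->client_communities = [$community];
        $client->password = $this->request->data('unhashed_password');

        $errors = $client->errors();
        if (empty($errors) && $usersTable->save($client)) {
            $Mailer = new Mailer();
            $result = $Mailer->sendNewAccountEmail($client, $this->request->data('unhashed_password'));
            if ($result) {
                $msg = 'Client account created for ' . $client->name . ' and login instructions emailed';
                $this->Flash->success($msg);

                return $this->redirect(['action' => 'clients', $communityId]);
            }

            // Roll back first, then report: the message states that no account was created.
            // The message previously went into an unused local array and was never displayed.
            $usersTable->delete($client);
            $msg = 'There was an error emailing account login info to ' . $client->name . '.';
            $msg .= ' No new account was created. Please contact an administrator for assistance.';
            $this->Flash->error($msg);
        } else {
            $msg = 'There was an error saving that client.';
            $msg .= ' Please try again or contact an administrator for assistance.';
            $this->Flash->error($msg);
        }
    } else {
        $client = $usersTable->newEntity();
        $client->unhashed_password = $usersTable->generatePassword();
    }

    $this->set([
        'client' => $client,
        'communityId' => $communityId,
        'communityName' => $community->name,
        'salutations' => $usersTable->getSalutations(),
        'role' => 'client',
        'titleForLayout' => 'Add a New Client for ' . $community->name,
    ]);
}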
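/**
 * Lets a user set a new password through the link from the password-reset email.
 *
 * The link must carry a user ID, the timestamp at which it was issued and the
 * matching hash. Links older than 24 hours or with a hash that does not match
 * Mailer::getPasswordResetHash() are rejected. On POST/PUT only the password
 * field is patched into the user entity.
 *
 * NOTE(review): nothing visible here invalidates a link once it has been used,
 * so it presumably stays valid for the rest of its 24 hours unless the hash
 * covers something that changes with the password; confirm in
 * Mailer::getPasswordResetHash().
 *
 * @param int|string|null $userId User ID from the URL
 * @param int|string|null $timestamp Unix timestamp from the URL
 * @param string|null $hash Security hash from the URL
 * @return \Cake\Network\Response|null Redirect to the login page after a successful update
 * @throws NotFoundException When any part of the link is missing
 * @throws ForbiddenException When the link has expired or the hash does not match
 */
public function resetPassword($userId = null, $timestamp = null, $hash = null)
{
    // All three parts are required; with `&&` between the last two checks a link
    // missing only the timestamp or only the hash would get past this guard
    if (!$userId || !$timestamp || !$hash) {
        throw new NotFoundException('Incomplete URL for password-resetting. Did you leave out part of the URL when you copied and pasted it?');
    }

    // The timestamp is URL input: accept plain digits only before doing arithmetic on it
    if (!ctype_digit((string)$timestamp)) {
        throw new ForbiddenException('Invalid security key');
    }
    if (time() - (int)$timestamp > 60 * 60 * 24) {
        throw new ForbiddenException('Sorry, that link has expired.');
    }

    // hash_equals() compares in constant time and without the type juggling of `!=`
    $expectedHash = Mailer::getPasswordResetHash($userId, $timestamp);
    if (!is_string($hash) || !hash_equals((string)$expectedHash, $hash)) {
        throw new ForbiddenException('Invalid security key');
    }

    $user = $this->Users->get($userId);
    $email = $user->email;

    if ($this->request->is(['post', 'put'])) {
        $this->request->data['password'] = $this->request->data('new_password');

        // fieldList restricts the update to the password, whatever else was submitted
        $user = $this->Users->patchEntity($user, $this->request->data(), ['fieldList' => ['password']]);
        if ($this->Users->save($user)) {
            $this->Flash->success('Your password has been updated.');

            return $this->redirect(['action' => 'login']);
        }
    }

    // Never echo submitted passwords back into the form
    $this->request->data = [];
    $this->set([
        'email' => $email,
        'pageTitle' => 'Reset Password',
        'user' => $this->Users->newEntity(),
    ]);
}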
/**
 * Admin page for sending reminder emails to a survey's unresponsive respondents.
 *
 * Used for /admin/surveys/remind. A POST sends the reminders and always ends
 * in a redirect; any other request lists the unresponsive respondents using
 * the client-side 'remind' template.
 *
 * NOTE(review): the survey is loaded straight from the ID in the URL; access
 * control is presumably applied through the admin prefix and is not visible
 * in this method.
 *
 * @param int $surveyId Survey ID
 * @return \Cake\Network\Response|null
 * @throws ForbiddenException When the survey is inactive
 */
public function remind($surveyId)
{
    $survey = TableRegistry::get('Surveys')->get($surveyId);
    if (!$survey->active) {
        throw new ForbiddenException('Reminders cannot currently be sent out: Questionnaire is inactive');
    }

    $community = TableRegistry::get('Communities')->get($survey->community_id);

    if ($this->request->is('post')) {
        $Mailer = new Mailer();
        $sender = $this->Auth->user();

        if (!$Mailer->sendReminders($surveyId, $sender)) {
            $adminEmail = Configure::read('admin_email');
            $this->Flash->error(
                'There was an error sending reminder emails.'
                . ' Email <a href="mailto:' . $adminEmail . '">' . $adminEmail . '</a> for assistance.'
            );

            // Redirect so that hitting refresh won't re-send POST request
            return $this->redirect([
                'prefix' => 'admin',
                'controller' => 'Surveys',
                'action' => 'remind',
                $survey->id,
            ]);
        }

        $this->Flash->success('Reminder email successfully sent');

        return $this->redirect([
            'prefix' => 'admin',
            'controller' => 'Surveys',
            'action' => 'view',
            $community->id,
            $survey->type,
        ]);
    }

    $unresponsive = TableRegistry::get('Respondents')->getUnresponsive($surveyId);
    $this->set([
        'community' => $community,
        'survey' => $survey,
        'titleForLayout' => $community->name . ': Remind Community ' . ucwords($survey->type) . 's',
        'unresponsive' => $unresponsive,
        'unresponsiveCount' => count($unresponsive),
    ]);
    $this->prepareAdminHeader();

    // Reuse the client-side template, addressed relative to the admin template folder
    $this->render(implode(DS, ['..', '..', 'Client', 'Surveys', 'remind']));
}
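/**
 * Allows the user to enter their email address and get a link to reset their password
 *
 * The submitted address is trimmed and lower-cased, looked up with
 * Users::getIdWithEmail(), and a reset email is sent when an account is found.
 *
 * NOTE(review): the "couldn't find an account" message tells any visitor
 * whether an address is registered. A single neutral response for both
 * outcomes would avoid that; left unchanged here because it alters what users
 * are told.
 *
 * @return void
 */
public function forgotPassword()
{
    $user = $this->Users->newEntity();

    if ($this->request->is('post')) {
        // Anything that is not a string (missing field, array payload) counts as empty
        $submitted = $this->request->data('email');
        $email = is_string($submitted) ? strtolower(trim($submitted)) : '';
        $adminEmail = Configure::read('admin_email');

        if (empty($email)) {
            $msg = 'Please enter the email address you registered with to have your password reset. ' .
                "Email <a href=\"mailto:{$adminEmail}\">{$adminEmail}</a> for assistance.";
            $this->Flash->error($msg);
        } else {
            $userId = $this->Users->getIdWithEmail($email);
            if ($userId) {
                $Mailer = new Mailer();
                if ($Mailer->sendPasswordResetEmail($userId)) {
                    $msg = 'Success! You should be shortly receiving an email with a link to reset your password.';
                    $this->Flash->success($msg);
                    $this->request->data = [];
                } else {
                    $msg = 'There was an error sending your password-resetting email. ' .
                        "Please try again, or email <a href=\"mailto:{$adminEmail}\">{$adminEmail}</a> for assistance.";
                    $this->Flash->error($msg);
                }
            } else {
                // The flash text carries HTML links, so it is presumably rendered unescaped;
                // the submitted address must be HTML-encoded before it is placed in it
                $safeEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
                $msg = "We couldn't find an account registered with the email address <strong>{$safeEmail}</strong>. " .
                    'Please make sure you spelled it correctly, and email ' .
                    "<a href=\"mailto:{$adminEmail}\">{$adminEmail}</a> if you need assistance.";
                $this->Flash->error($msg);
            }
        }
    }

    $this->set(['titleForLayout' => 'Forgot Password', 'user' => $user]);
}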