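/**
 * Saves the signed-in user's own profile: name, email and, optionally, a new password.
 *
 * $data is the submitted "user" form array; the keys read here are name, email,
 * password_new and password_old. Validation failures are reported through the
 * message service, and the request is always redirected back to the profile page.
 *
 * Security-relevant behaviour visible in this method:
 *  - Unauthenticated requests are aborted with a 404.
 *  - The annotation below sets csrf=true; the check itself is enforced outside this method.
 *  - The current password is verified only when a new password is submitted.
 *  - Changing the email resets the "verified" flag.
 *
 * @Request({"user": "******"}, csrf=true)
 */
public function saveAction($data)
{
    if (!$this->user->isAuthenticated()) {
        $this->getApplication()->abort(404);
    }

    try {

        $user = $this->users->find($this->user->getId());

        // Read the fields explicitly instead of silencing notices with "@". A value that is
        // not a string (for example an array sent as name[]=x) becomes '' and is rejected by
        // the checks below, rather than reaching trim() and raising an error that the
        // catch (Exception) at the end may not handle.
        $name    = isset($data['name']) && is_string($data['name']) ? trim($data['name']) : '';
        $email   = isset($data['email']) && is_string($data['email']) ? trim($data['email']) : '';
        $passNew = isset($data['password_new']) ? $data['password_new'] : null;
        $passOld = isset($data['password_old']) ? $data['password_old'] : null;

        if (strlen($name) < 3) {
            throw new Exception(__('Name is invalid.'));
        }

        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            throw new Exception(__('Email is invalid.'));
        }

        // The address must not belong to any other account.
        if ($this->users->where(['email = ?', 'id <> ?'], [$email, $user->getId()])->first()) {
            throw new Exception(__('Email not available.'));
        }

        // Any submitted value counts as a password-change request. The previous truthiness
        // test silently ignored the string "0" and still reported "Profile updated."
        if ($passNew !== null && $passNew !== '') {

            // Re-authenticate before changing the password. A missing or non-string current
            // password can never be valid, so it is rejected without asking the provider.
            if (!is_string($passOld) || !$this['auth']->getUserProvider()->validateCredentials($this->user, ['password' => $passOld])) {
                throw new Exception(__('Invalid Password.'));
            }

            // Strict comparison is required here: with "!=" two numeric strings are compared
            // as numbers, so " 1234" equals "1234" and a password with surrounding whitespace
            // passed the check.
            // NOTE(review): a 3-character minimum is very weak; align it with the project's
            // password policy.
            if (!is_string($passNew) || trim($passNew) !== $passNew || strlen($passNew) < 3) {
                throw new Exception(__('New Password is invalid.'));
            }

            $user->setPassword($this['auth.password']->hash($passNew));
        }

        // NOTE(review): the email is changed without re-checking the current password, so a
        // hijacked session can repoint the account. If email is used for account recovery
        // (not visible here), consider requiring password_old for this change as well.
        if ($email !== $user->getEmail()) {
            $user->set('verified', false);
        }

        $user->setName($name);
        $user->setEmail($email);

        // NOTE(review): $data still contains password_old and password_new in plaintext, and
        // every listener of these two events receives it. Confirm that no listener logs or
        // stores the event payload.
        $this['events']->dispatch('system.user.profile.save', new ProfileSaveEvent($user, $data));

        $this->users->save($user);

        $this['events']->dispatch('system.user.profile.saved', new ProfileSaveEvent($user, $data));

        $this['message']->success(__('Profile updated.'));

    } catch (Exception $e) {

        // The message of any Exception raised inside the try block, including those thrown
        // by event listeners or save(), is shown to the user verbatim.
        // NOTE(review): consider a generic message for exceptions that are not validation errors.
        $this['message']->error($e->getMessage());
    }

    return $this->redirect('@system/profile');
}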
/**
 * Gets the user roles, flagging those that must not be changed for the given user.
 *
 * Every role except the anonymous one is loaded, ordered by priority. A role is
 * marked disabled when it is the "authenticated" role, or when the given user is the
 * currently signed-in administrator and the role is the administrator role.
 *
 * NOTE(review): this method only sets a "disabled" property on the role objects. The
 * property is presumably read by the role-editing view. Confirm that the code saving a
 * user's roles enforces the same restrictions, because a disabled form control does not
 * constrain what a client submits.
 *
 * @param  User $user  The user whose roles are edited, or null.
 * @return array
 */
protected function getRoles(User $user = null)
{
    $roles = $this->roles
        ->where(['id <> ?'], [Role::ROLE_ANONYMOUS])
        ->orderBy('priority')
        ->get();

    foreach ($roles as $role) {

        // The "authenticated" role is always flagged.
        $isAuthenticatedRole = $role->isAuthenticated();

        // The administrator role is flagged while an administrator edits their own account.
        $isOwnAdminRole = $user
            && $user->getId() == $this['user']->getId()
            && $user->isAdministrator()
            && $role->isAdministrator();

        if ($isAuthenticatedRole || $isOwnAdminRole) {
            $role->disabled = true;
        }
    }

    return $roles;
}