/**
* @Request({"user": "******"}, csrf=true)
*/
public function saveAction($data)
{
$user = App::user();
if (!$user->isAuthenticated()) {
App::abort(404);
}
try {
$user = User::find($user->id);
if ($password = @$data['password_new']) {
if (!App::auth()->getUserProvider()->validateCredentials($user, ['password' => @$data['password_old']])) {
throw new Exception(__('Invalid Password.'));
}
if (trim($password) != $password || strlen($password) < 3) {
throw new Exception(__('Invalid Password.'));
}
$user->password = App::get('auth.password')->hash($password);
}
if (@$data['email'] != $user->email) {
$user->set('verified', false);
}
$user->name = @$data['name'];
$user->email = @$data['email'];
$user->validate();
$user->save();
return ['message' => 'success'];
} catch (Exception $e) {
App::abort(400, $e->getMessage());
}
}
/**
* @Access(admin=true)
* @Request({"order": "array"})
*/
public function adminMenuAction($order)
{
if (!$order) {
App::abort(400, __('Missing order data.'));
}
$user = User::find(App::user()->id);
$user->set('admin.menu', $order);
$user->save();
return ['message' => __('Order saved.')];
}
/**
* @Access("user: manage users")
* @Request({"id": "int"})
*/
public function editAction($id = 0)
{
if (!$id) {
$user = User::create(['roles' => [Role::ROLE_AUTHENTICATED]]);
} else {
if (!($user = User::find($id))) {
App::abort(404, 'User not found.');
}
}
return ['$view' => ['title' => $id ? __('Edit User') : __('Add User'), 'name' => 'system/user/admin/user-edit.php'], '$data' => ['user' => $user, 'config' => ['statuses' => User::getStatuses(), 'roles' => array_values($this->getRoles($user)), 'emailVerification' => App::module('system/user')->config('require_verification'), 'currentUser' => App::user()->id]]];
}
/**
* @Route("/", methods="GET")
* @Route("/{id}", methods="GET", requirements={"id"="\d+"})
*/
public function indexAction($id = 0)
{
$self = App::user();
$userprofile = App::module('bixie/userprofile');
$id = $id ?: $self->id;
if (!$self->hasAccess('user: manage users') && $id != $self->id) {
App::abort(403, 'Insufficient permissions.');
}
if (!($user = User::find($id))) {
App::abort(404, 'User not found.');
}
return ['config' => $userprofile->config(), 'fields' => Field::getProfileFields(), 'profilevalues' => Profilevalue::getUserProfilevalues($user), 'user' => ['id' => $user->id, 'username' => $user->username, 'name' => $user->name, 'email' => $user->email]];
}
/**
* {@inheritdoc}
*/
public function match(array $parameters = [])
{
if (isset($parameters['id'])) {
return $parameters;
}
if (!isset($parameters['slug'])) {
App::abort(404, 'Userprofile not found.');
}
$slug_key = App::module('bixie/userprofile')->config('slug_key', 'username');
$slug = $parameters['slug'];
$id = false;
foreach ($this->cacheEntries as $entry) {
if ($entry[$slug_key] === $slug) {
$id = $entry['id'];
}
}
if (!$id) {
switch ($slug_key) {
case 'id':
$user = User::find($slug);
break;
case 'name':
$user = User::where(['name' => $slug])->first();
break;
case 'username':
$user = User::findByUsername($slug);
break;
default:
$user = false;
break;
}
if (!$user) {
App::abort(404, 'Userprofile not found.');
}
$this->addCache($user);
$id = $user->id;
}
$parameters['id'] = $id;
return $parameters;
}
/**
* {@inheritdoc}
*/
public function find($id)
{
return User::find($id);
}
/**
* @Route("/{id}", methods="DELETE", requirements={"id"="\d+"})
* @Request({"id": "int"}, csrf=true)
*/
public function deleteAction($id)
{
if (App::user()->id == $id) {
App::abort(400, __('Unable to delete yourself.'));
}
if ($user = User::find($id)) {
$user->delete();
}
return ['message' => 'success'];
}
}, 'view.scripts' => function ($event, $scripts) use($app) {
$version = $app->module('bixie/pk-framework')->getVersionKey($app->package('bixie/userprofile')->get('version'));
$scripts->register('link-userprofile', 'bixie/userprofile:app/bundle/link-userprofile.js', '~panel-link', ['version' => $version]);
$scripts->register('user-section-userprofile', 'bixie/userprofile:app/bundle/user-section-userprofile.js', ['~user-edit', 'bixie-fieldtypes'], ['version' => $version]);
}, 'view.data' => function ($event, $data) use($app) {
$route = $app->request()->attributes->get('_route');
if (strpos($route, '@userprofile') === 0 || $route == '@user/edit') {
$data->add('$fieldtypes', ['ajax_url' => 'api/userprofile/profile/ajax']);
}
//load profile
if (in_array($route, ['@userprofile', '@userprofile/registration', '@user/edit'])) {
$self = $app->user();
$edit_id = $app->request()->get('id');
if ($route == '@user/edit') {
//blank user when admin creates new user
$user = $edit_id ? \Pagekit\User\Model\User::find($edit_id) : \Pagekit\User\Model\User::create();
} else {
$user = $self;
}
if ($self->hasAccess('user: manage users') || $user->id == $self->id) {
$profileUser = ProfileUser::load($user);
$data->add('$userprofile', ['fields' => array_values(\Bixie\Userprofile\Model\Field::getProfileFields()), 'profilevalues' => $app->module('bixie/userprofile')->getProfile($user), 'profile_user' => $profileUser]);
}
}
}, 'view.styles' => function ($event, $styles) use($app) {
$route = $app->request()->attributes->get('_route');
if (strpos($route, '@userprofile') === 0 || in_array($route, ['@user/edit'])) {
foreach ($app->module('bixie/userprofile')->getFieldTypes() as $type) {
$type->addStyles($styles);
}
}
