/**
* index method
*
* @return void
*/
function beforeFilter()
{
if ($this->request->params['action'] != 'login' && $this->request->params['action'] != 'logout') {
$user = Authsome::get();
if ($user == "") {
$this->Session->setFlash(__('No esta autenticado.'), 'flash_orange');
return $this->redirect(array('controller' => 'Users', 'action' => 'login'));
}
if ($user['User']['status'] == Configure::read('STATUS.MODIFIED')) {
return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
}
switch ($user['User']['rol']) {
case Configure::read('ROL.CHIEF'):
# code...
return $this->redirect(array('controller' => 'Sails', 'action' => 'indexComodoro'));
break;
case Configure::read('ROL.BOSS'):
# code...
return $this->redirect(array('controller' => 'Managements'));
break;
case Configure::read('ROL.PERSON'):
# code...
return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
break;
}
}
}
/**
* Initialize component
*
* @param object $controller Instantiating controller
* @access public
*/
function initialize(&$controller, $settings = array())
{
if (!count($controller->uses) || get_parent_class($controller->{$controller->modelClass}) == 'Object') {
return;
}
if (!$controller->{$controller->modelClass}->Behaviors->attached('Logable')) {
return;
}
// Auto-import user data if AuthsomeComponent is in use
if (class_exists('Authsome')) {
if (!Authsome::get('guest')) {
$controller->{$controller->modelClass}->setUserData(Authsome::get());
}
}
// Auto-import user data if AuthComponent is in use
if (!empty($controller->Auth)) {
$user = $controller->Auth->user();
if ($user !== null) {
$controller->{$controller->modelClass}->setUserData(array('User' => $user));
}
}
$controller->{$controller->modelClass}->setRequestParameters($controller->params);
$controller->{$controller->modelClass}->setUserBrowser($_SERVER['HTTP_USER_AGENT']);
$controller->{$controller->modelClass}->setUserIp($_SERVER['REMOTE_ADDR']);
}
function _isAuthorized(&$controller)
{
$action = strtolower($controller->params['action']);
$authRequiredActions = array_map('strtolower', $this->settings['auth_required']);
$authRequired = $authRequiredActions == array('*') || in_array($action, $authRequiredActions);
if ($authRequired and Authsome::get('guest')) {
$controller->Session->setFlash('Please login to access this resource');
$controller->redirect(array('controller' => 'users', 'action' => 'login'));
}
$authDeniedActions = array_map('strtolower', $this->settings['auth_denied']);
$authDenied = $authDeniedActions == array('*') || in_array($action, $authDeniedActions);
if ($authDenied and !Authsome::get('guest')) {
$controller->Session->setFlash('You are already logged in');
$controller->redirect(array('controller' => 'users', 'action' => 'dashboard'));
}
$adminRequiredActions = array_map('strtolower', $this->settings['admin_required']);
$adminRequired = $adminRequiredActions == array('*') || in_array($action, $adminRequiredActions);
if ($adminRequired and Authsome::get('group') != 'administrator') {
$controller->Session->setFlash('You must be an administrator to access this resource');
$controller->redirect(array('controller' => 'users', 'action' => 'dashboard'));
}
$deniedActions = array_map('strtolower', $this->settings['denied']);
$denied = $deniedActions == array('*') || in_array($action, $deniedActions);
if ($denied) {
$controller->Session->setFlash('You do not have access to this resource');
$controller->redirect(array('controller' => 'users', 'action' => 'index'));
}
}
function beforeFilter()
{
$user = Authsome::get();
if ($user == "") {
$this->Session->setFlash(__('No esta autenticado.'), 'flash_orange');
return $this->redirect(array('controller' => 'Users', 'action' => 'login'));
}
if ($user['User']['status'] == Configure::read('STATUS.MODIFIED')) {
return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
}
switch ($user['User']['rol']) {
case Configure::read('ROL.BOSS'):
# code...
return $this->redirect(array('controller' => 'Managements'));
break;
case Configure::read('ROL.ADMIN'):
case Configure::read('ROL.SUB-ADMIN'):
# code...
return $this->redirect(array('controller' => 'pages'));
break;
case Configure::read('ROL.PERSON'):
# code...
return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
break;
}
$chief = $this->Chief->findByUserId(Authsome::get('User.id'));
$this->set('com', $chief['Chief']['last_name'] . ', ' . $chief['Chief']['name']);
}
public function persist($duration = '2 weeks')
{
$userModel = $this->__getUserModel();
if (!method_exists($userModel, 'authsomePersist')) {
throw new Exception($userModel->alias . '::authsomePersist() is not implemented!');
}
$token = $userModel->authsomePersist(Authsome::get(), $duration);
$token = $token . ':' . $duration;
return $this->Cookie->write($this->settings['cookieKey'], $token, true, $duration);
}
/**
* Sets the User_id for the created_by and modified_by fields for this model
*
* @param object $model Model using the behavior
* @return void
* @author Matt Curry
**/
function beforeValidate(&$model)
{
$settings = $this->settings[$model->alias];
$trackable_id = isset($model->trackable_id) ? $model->trackable_id : Authsome::get('id');
$trackable_id = !$trackable_id ? '0' : $trackable_id;
if (empty($model->data[$model->alias][$model->primaryKey])) {
$model->data[$model->alias][$settings['created_by_field']] = $trackable_id;
}
$model->data[$model->alias][$settings['modified_by_field']] = $trackable_id;
return true;
}
/**
* List all projects
*
* @return void
* @access public
*/
function index()
{
$this->loadModel('Project');
$currentUser = Authsome::get();
$currentUserId = $currentUser['User']['id'];
$userGroup = $currentUser['UserGroup']['name'];
if ($userGroup === ADMIN_USER_GROUP || $userGroup === INTERNAL_USER_GROUP) {
$this->paginate['Project'] = array('contain' => array('Population.id', 'Population.project_id', 'Library.id', 'Library.project_id'), 'order' => 'Project.id');
$this->set('projects', $this->paginate());
} else {
$projects = $this->Project->findUserProjects();
$this->set('projects', $projects);
$this->render('index_no_pagination');
}
}
function beforeSave(&$model)
{
if (!isset($model->id)) {
return true;
}
$settings = $this->settings[$model->alias];
$count = count($settings['exception']);
$user = Authsome::get();
if (!$user) {
return false;
}
foreach ($settings['exception'] as $key => $value) {
if ($user[$model->alias][$key] == $value) {
$count--;
}
}
if ($count == 0) {
return true;
}
$rec = $model->find('first', array('conditions' => array("{$model->alias}.{$settings['model_field']}" => $model->id), 'contain' => false));
return $rec[$model->alias][$settings['model_field']] == Authsome::get('authsome_field');
}
/**
* Returns associative array with datasets as keys (those for which
* the logged in user has permissions and associative information
* as values
*
* @param int $datasetType 0 all datasets, 1 only libraries, 2 only populations
* @param int $projectId restrict returned datasets to a certain project
* @return Array associative array with datasets as keys and associative information
* as values
* @access public
*/
public function findUserDatasets($datasetType = POPULATION_AND_LIBRARY_DATASETS, $projectId = null)
{
$userDatasets = array();
$currentUser = Authsome::get();
$currentUserId = $currentUser['User']['id'];
$userGroup = $currentUser['UserGroup']['name'];
//check if chached
if (($userDatasets = Cache::read($currentUserId . $projectId . 'userDatasets')) === false) {
if ($userGroup === ADMIN_USER_GROUP || $userGroup === INTERNAL_USER_GROUP) {
if (is_null($projectId)) {
if ($datasetType == POPULATION_AND_LIBRARY_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t\t (SELECT 'population' as type,populations.name as name, populations.description as description, projects.name\n\t\t\t\t\t\t as project,projects.id as project_id from populations INNER JOIN projects ON(projects.id=populations.project_id)\n\t\t\t\t\t\t UNION SELECT 'library' as type,libraries.name as name, libraries.description as description,projects.name as project,\n\t\t\t\t\t\t projects.id as project_id from libraries INNER JOIN projects ON(projects.id=libraries.project_id)) \n\t\t\t\t\t\t as datasets ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == LIBRARY_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from (SELECT 'library' as type,libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id from libraries INNER JOIN projects ON(projects.id=libraries.project_id)) as datasets ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == POPULATION_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from (SELECT 'population' as type,populations.name as name, populations.description as description, projects.name as project,projects.id as project_id from populations INNER JOIN projects ON(projects.id=populations.project_id)) as datasets ORDER BY datasets.project ASC, datasets.name ASC";
}
}
}
} else {
if ($datasetType == POPULATION_AND_LIBRARY_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from (SELECT 'population' as type,populations.name as name, populations.description as description, projects.name as project,projects.id as project_id from populations INNER JOIN projects ON(projects.id=populations.project_id) where projects.id={$projectId} UNION SELECT 'library' as type,libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id from libraries INNER JOIN projects ON(projects.id=libraries.project_id) where projects.id={$projectId}) as datasets ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == LIBRARY_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from (SELECT 'library' as type,libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id from libraries INNER JOIN projects ON(projects.id=libraries.project_id) where projects.id={$projectId}) as datasets ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == POPULATION_DATASETS) {
$query = "select datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from (SELECT 'population' as type,populations.name as name, populations.description as description, projects.name as project,projects.id as project_id from populations INNER JOIN projects ON(projects.id=populations.project_id)) as datasets ORDER BY datasets.project ASC, datasets.name ASC";
}
}
}
}
} else {
if (is_null($projectId)) {
if ($datasetType == POPULATION_AND_LIBRARY_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT populations.name as name, populations.description as description, projects.name as project,projects.id as project_id,'population' as type from populations\n\t\t\t\t\t \tINNER JOIN projects on(projects.id=populations.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t \twhere projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1 UNION\n\t\t\t\t\t SELECT libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id,'library' as type from libraries\n\t\t\t\t\t INNER JOIN projects on(projects.id=libraries.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t where projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == LIBRARY_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id,'library' as type from libraries\n\t\t\t\t\t INNER JOIN projects on(projects.id=libraries.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t where projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == POPULATION_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT populations.name as name, populations.description as description, projects.name as project,projects.id as project_id,'population' as type from populations\n\t\t\t\t\t \tINNER JOIN projects on(projects.id=populations.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t \twhere projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
}
}
}
} else {
if ($datasetType == POPULATION_AND_LIBRARY_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT populations.name as name, populations.description as description, projects.name as project,projects.id as project_id,'population' as type from populations\n\t\t\t\t\t \tINNER JOIN projects on(projects.id=populations.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t \twhere projects.id={$projectId} AND (projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1) UNION\n\t\t\t\t\t SELECT libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id,'library' as type from libraries\n\t\t\t\t\t INNER JOIN projects on(projects.id=libraries.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t where projects.id={$projectId} AND (projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1)) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == LIBRARY_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT libraries.name as name, libraries.description as description,projects.name as project,projects.id as project_id,'library' as type from libraries\n\t\t\t\t\t INNER JOIN projects on(projects.id=libraries.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t where projects.id={$projectId} AND (projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1)) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
} else {
if ($datasetType == POPULATION_DATASETS) {
$query = "SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type from\n\t\t\t\t\t \t(SELECT populations.name as name, populations.description as description, projects.name as project,projects.id as project_id, 'population' as type from populations\n\t\t\t\t\t \tINNER JOIN projects on(projects.id=populations.project_id) LEFT JOIN projects_users on(projects_users.project_id=projects.id)\n\t\t\t\t\t \twhere projects.id={$projectId} AND (projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1)) as datasets\n\t\t\t\t\t ORDER BY datasets.project ASC, datasets.name ASC";
}
}
}
}
}
$results = $this->query($query);
foreach ($results as $result) {
$datasetName = $result['datasets']['name'];
$userDatasets[$datasetName] = $result['datasets'];
}
//cache query results
Cache::write($currentUserId . $projectId . 'userDatasets', $userDatasets);
}
return $userDatasets;
}
/**
* Search all datasets
*
* @param String $query Lucene query string
* @return void
* @access public
*/
public function all($query = "*:*")
{
$this->loadModel('Project');
//adjust fields to allow search accross all samples including weighted datasets
unset($this->searchFields['Search By Blast Statistics']);
unset($this->searchFields['Search By Name']['hmm_name']);
#unset($this->searchFields['Search By Name']['kegg_name']);
unset($this->searchFields['Search By ID']['hmm_id']);
#unset($this->searchFields['Search By ID']['kegg_id']);
//if a query string has been passed in as a variable
if ($query != "*:*") {
$this->Session->write('searchField', 1);
} else {
$query = $this->data['Search']['query'];
$field = $this->data['Search']['field'];
try {
$query = $this->generateLuceneQuery($query, $field);
} catch (Exception $e) {
$this->set('exception', $e->errorMessage());
$this->Session->write('query', $query);
$this->Session->write('numHits', 0);
$this->Session->write('searchField', $field);
$this->render();
}
}
asort($this->searchFields['Search By ID']);
asort($this->searchFields['Search By Name']);
//get user id to make/get user specific cache
$currentUser = Authsome::get();
$currentUserId = $currentUser['User']['id'];
//try to use cache for default query *:*"
if ($query != "*:*" || ($searchAllResults = Cache::read($currentUserId . 'searchAllResults')) === false) {
//start search all
$totalHits = 0;
//returns all datasets the current user has access to
$datasets = $this->Project->findUserDatasets(LIBRARY_DATASETS);
$facets = array('habitat' => array(), 'location' => array(), 'filter' => array(), 'project' => array(), 'depth' => array());
foreach ($datasets as &$dataset) {
$numHits = 0;
//get number of hits
try {
$numHits = $this->Solr->count($dataset['name'], $query);
} catch (Exception $e) {
$this->set('exception', LUCENE_QUERY_EXCEPTION);
break;
}
$totalHits += $numHits;
$dataset['hits'] = $numHits;
//get number of overall counts
if ($query === '*:*') {
$counts = $numHits;
} else {
$counts = $this->count($dataset['name']);
}
$dataset['counts'] = $counts;
if ($numHits > 0) {
$this->loadModel('Library');
$libraryMetadata = $this->Library->find('all', array('fields' => array('sample_habitat', 'sample_filter', 'sample_longitude', 'sample_latitude', 'sample_depth'), 'conditions' => array('Library.name' => $dataset['name'])));
$habitat = $libraryMetadata[0]['Library']['sample_habitat'];
$filter = $libraryMetadata[0]['Library']['sample_filter'];
$depth = $libraryMetadata[0]['Library']['sample_depth'];
$location = trim($libraryMetadata[0]['Library']['sample_latitude'] . " " . $libraryMetadata[0]['Library']['sample_longitude']);
if (empty($habitat)) {
$habitat = 'unassigned';
}
if (empty($location)) {
$location = 'unassigned';
}
if (empty($filter)) {
$filter = 'unassigned';
}
if (empty($depth)) {
$depth = 'unassigned';
}
if (empty($dataset['project'])) {
$project = 'unassigned';
} else {
$project = $dataset['project'];
}
if (array_key_exists($habitat, $facets['habitat'])) {
$facets['habitat'][$habitat] += $numHits;
} else {
$facets['habitat'][$habitat] = $numHits;
}
if (array_key_exists($location, $facets['location'])) {
$facets['location'][$location] += $numHits;
} else {
$facets['location'][$location] = $numHits;
}
if (array_key_exists($depth, $facets['depth'])) {
$facets['depth'][$depth] += $numHits;
} else {
$facets['depth'][$depth] = $numHits;
}
if (array_key_exists($filter, $facets['filter'])) {
$facets['filter'][$filter] += $numHits;
} else {
$facets['filter'][$filter] = $numHits;
}
if (array_key_exists($project, $facets['project'])) {
$facets['project'][$project] += $numHits;
} else {
$facets['project'][$project] = $numHits;
}
}
if ($dataset['counts'] > 0) {
$percent = round($dataset['hits'] / $dataset['counts'] * 100, 2);
} else {
$percent = 0;
}
$dataset['perc'] = $percent;
}
if ($totalHits > 0) {
foreach ($facets as $key => $value) {
arsort($facets[$key]);
$facets[$key] = array_slice($facets[$key], 0, NUM_TOP_FACET_COUNTS, true);
}
}
//sort results by absolute counts
usort($datasets, array('SearchController', 'sortResultsByCounts'));
//store everything in the searchAllResults object for caching
$searchAllResults['datasets'] = $datasets;
$searchAllResults['facets'] = $facets;
$searchAllResults['numHits'] = $totalHits;
$searchAllResults['query'] = $query;
$searchAllResults['numDatasets'] = count($datasets);
//cache query results
if ($query === '*:*') {
Cache::write($currentUserId . 'searchAllResults', $searchAllResults);
}
}
//store data in session for search all view
$this->Session->write('searchResults', $searchAllResults['datasets']);
$this->Session->write('searchFields', $this->searchFields);
$this->Session->write('query', $searchAllResults['query']);
$this->Session->write('facets', $searchAllResults['facets']);
$this->Session->write('numHits', $searchAllResults['numHits']);
$this->Session->write('numDatasets', $searchAllResults['numDatasets']);
}
public function _findAccount($state, $query, $results = array())
{
if ($state == 'before') {
$query['conditions'] = array("{$this->alias}.{$this->primaryKey}" => Authsome::get('id'));
$query['fields'] = array('first_name', 'last_name', 'location');
return $query;
} elseif ($state == 'after') {
if (empty($results[0])) {
return false;
}
return $results[0];
}
}
/**
* Wrapper around retrieving user data
*
* Can be overriden in the Model to provide advanced control
*
* @param array $result single Model record being authenticated against
* @param string $key field to retrieve. Leave null to get entire User record
* @return mixed User record. or null if no user is logged in.
*/
public function user(Model $Model, $result, $key = null)
{
if (method_exists($Model, 'user')) {
return $Model->user($key, $result);
}
if (class_exists('AuthComponent')) {
return AuthComponent::user($key);
}
if (class_exists('Authsome')) {
return Authsome::get($key);
}
if (method_exists($Model, 'get')) {
$className = get_class($Model);
$ref = new ReflectionMethod($className, 'get');
if ($ref->isStatic()) {
return $className::get($key);
}
}
return false;
}
function _login()
{
$this->layout = Configure::read('front_end_layout');
$guest = Authsome::get();
debug($guest);
die;
if (isset($_GET["ident"])) {
if ($this->User->activateAccount($_GET)) {
$this->flash("Thank you. Your account is now active.", "login");
} else {
$this->flash("Sorry. There were problems in your account activation.", "login");
}
} else {
if (isset($user['success'])) {
$user = $this->User->read(null, $user["User"]["id"]);
$this->Session->write("User", $user);
$this->Session->write("User.id", $user["User"]["id"]);
$this->Session->write("UserGroup.id", $user["UserGroup"]["id"]);
$this->Session->write("UserGroup.name", $user["UserGroup"]["name"]);
$this->Session->write('Company.id', $user['Company']['id']);
$this->redirect("/dashboard");
} elseif (isset($user['error'])) {
$this->flash($user['error']['message'], 'login');
}
}
}
/**
* Retrieves the user_id for the current model. Can be overriden in model
*
* This method tries to retrieve the trackable_id in the following order:
*
* - Model->getTrackableId()
* - Model->trackable_id
* - AuthComponent::user($user_primaryKey)
* - Authsome::get($user_primaryKey)
* - User::get($user_primaryKey)
*
* @param object $Model Model using the behavior
* @return mixed user_id integer if available, false otherwise
* @access public
*/
public function getTrackableId(Model $Model)
{
$trackableId = null;
if (method_exists($Model, 'getTrackableId')) {
$trackableId = $Model->getTrackableId();
}
if (!empty($Model->trackable_id)) {
$trackableId = $Model->trackable_id;
}
if (!$trackableId && class_exists('AuthComponent')) {
$trackableId = AuthComponent::user($this->settings[$Model->alias]['user_primaryKey']);
}
if (!$trackableId && class_exists('Authsome')) {
$trackableId = Authsome::get($this->settings[$Model->alias]['user_primaryKey']);
}
if (!$trackableId) {
$className = get_class($Model);
if (method_exists($className, 'get')) {
$trackableId = $className::get($this->settings[$Model->alias]['user_primaryKey']);
}
}
return $trackableId;
}
function __findDashboard()
{
return $this->find('first', array('conditions' => array("{$this->alias}.{$this->primaryKey}" => Authsome::get($this->primaryKey)), 'contain' => false));
}
public function account() {
if ($this->data) {
if ($this->data['User']['new_password']) {
$this->User->passwordReset();
$this->data['User']['password'] = $this->data['User']['new_password'];
}
if ($this->User->save($this->data)) {
$this->Redirect->flash('account_saved', array('action' => 'index'));
}
$this->Redirect->flash('input_errors');
}
$id = Authsome::get('User.id');
$this->data = $this->User->findById($id);
}
