/**
 * Logs the current admin user out and sends the browser back to the login page.
 *
 * If a User object is attached to the admin session, plugins are notified
 * through preLogoutUser() before the reference is dropped. The session is
 * then destroyed and the admin UI's open-tabs cookie is expired.
 */
public function logoutAction()
 {
     $session = Pimcore_Tool_Authentication::getSession();
     $loggedInUser = $session->user;

     if ($loggedInUser instanceof User) {
         // Plugins are informed while the user object is still available.
         $pluginBroker = Pimcore_API_Plugin_Broker::getInstance();
         $pluginBroker->preLogoutUser($loggedInUser);
         $session->user = null;
     }

     // Destroy the whole session, not only the user entry cleared above.
     Zend_Session::destroy();

     // Expire the open-tabs cookie by dating it in the past:
     // 315554400 is strtotime('1980-01-01').
     // NOTE(review): this is the only cookie expired explicitly here; removal
     // of the session cookie is left to Zend_Session::destroy() - confirm.
     setcookie("pimcore_opentabs", false, 315554400, "/");

     $this->_redirect("/admin/login/");
 }
示例#2
 /**
  * Returns the session object provided by Pimcore_Tool_Authentication.
  *
  * Pure delegation: nothing is checked or changed here, so callers receive
  * exactly what Pimcore_Tool_Authentication::getSession() returns.
  */
 public static function getSession()
 {
     $session = Pimcore_Tool_Authentication::getSession();

     return $session;
 }
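 /**
  * Updates the profile of the current user from the JSON "data" request parameter.
  *
  * The request must carry an "id" equal to the id of the user returned by
  * getUser(). Privilege and account-state fields ("admin", "permissions",
  * "roles", "active") and any client-supplied "password" are dropped before
  * the values are applied. A password change needs "new_password" and a
  * matching "retype_password", plus either the correct "old_password" or a
  * session marked with password_reset.
  *
  * Responses (JSON): array("success" => true) after saving;
  * array("success" => false, "message" => "password_cannot_be_changed") when
  * the password change is refused; false when there is no user, the ids do
  * not match, or the payload is not a JSON object/array.
  */
 public function updateCurrentUserAction()
 {
     $user = $this->getUser();
     if ($user == null) {
         $this->_helper->json(false);
         return;
     }

     // Consistency check only: the object saved below is always the one from
     // getUser(), never a user looked up by the request id.
     if ($user->getId() != $this->_getParam("id")) {
         Logger::warn("prevented save current user, because ids do not match. ");
         $this->_helper->json(false);
         return;
     }

     $values = Zend_Json::decode($this->_getParam("data"));
     if (!is_array($values)) {
         // A scalar or null payload carries no fields; unset() on it would fail.
         $this->_helper->json(false);
         return;
     }

     // Fields a user must never be able to assign to their own account.
     unset($values["admin"]);
     unset($values["permissions"]);
     unset($values["roles"]);
     unset($values["active"]);
     // setValues() below applies the "password" key, so a client-supplied value
     // would bypass the old-password check. Only the verified branch may set it.
     unset($values["password"]);

     if (!empty($values["new_password"])) {
         $oldPasswordCheck = false;
         if (empty($values["old_password"])) {
             // if the user wants to reset the password, the old password isn't required
             $adminSession = Pimcore_Tool_Authentication::getSession();
             // NOTE(review): password_reset is not cleared here after use - confirm it is
             // invalidated elsewhere so one reset does not authorise repeated changes.
             if ($adminSession->password_reset) {
                 $oldPasswordCheck = true;
             }
         } else {
             // the password has to match
             $oldPassword = Pimcore_Tool_Authentication::getPasswordHash($user->getName(), $values["old_password"]);
             // Strict comparison: loose == compares numeric-looking strings as numbers,
             // so two different hashes could be treated as equal.
             // NOTE(review): prefer a constant-time comparison where the runtime offers one.
             if ($oldPassword === $user->getPassword()) {
                 $oldPasswordCheck = true;
             }
         }

         // A missing confirmation counts as a mismatch.
         $retypedPassword = isset($values["retype_password"]) ? $values["retype_password"] : null;
         if ($oldPasswordCheck && $values["new_password"] === $retypedPassword) {
             $values["password"] = Pimcore_Tool_Authentication::getPasswordHash($user->getName(), $values["new_password"]);
         } else {
             $this->_helper->json(array("success" => false, "message" => "password_cannot_be_changed"));
             // Stop explicitly: save() must not run if the JSON helper does not end the request.
             return;
         }
     }

     $user->setValues($values);
     $user->save();
     $this->_helper->json(array("success" => true));
 }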