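/**
 * Changes a user's password.
 *
 * Two flows share this action:
 *  - self-edit (the target user is the logged-in user): the submitted current
 *    password must re-encode to the stored hash before the new password is
 *    accepted;
 *  - administrative edit (ROLE_ADMIN, or "OPEN" on the user_management admin
 *    tool): no current password is required.
 *
 * Any other caller is rejected with an AccessDeniedException.
 *
 * @param User $user       the account whose password is being changed (from the route)
 * @param User $loggedUser the authenticated user (injected by the ParamConverter)
 *
 * @return array|\Symfony\Component\HttpFoundation\RedirectResponse
 *         template parameters ('form', 'user') until a valid submission,
 *         then a redirect to the profile (self-edit) or the admin user list
 *
 * @throws AccessDeniedException when the caller may neither edit their own
 *                               password nor manage users
 *
 * @EXT\Route(
 *     "/password/edit/{user}",
 *     name="claro_user_password_edit"
 * )
 * @EXT\ParamConverter("loggedUser", options={"authenticatedUser" = true})
 * @EXT\Template()
 */
public function editPasswordAction(User $user, User $loggedUser)
{
    $authorizationChecker = $this->get('security.authorization_checker');
    $isAdmin = $authorizationChecker->isGranted('ROLE_ADMIN');
    $isGrantedUserAdmin = $authorizationChecker->isGranted(
        'OPEN',
        $this->toolManager->getAdminToolByName('user_management')
    );
    $selfEdit = $user->getId() === $loggedUser->getId();

    if (!$selfEdit && !$isAdmin && !$isGrantedUserAdmin) {
        throw new AccessDeniedException();
    }

    // Self-edit adds a "current password" field to the form.
    $form = $this->createForm(new ResetPasswordType($selfEdit));
    // Capture the stored hash before the form binds to the entity: it is the
    // reference the submitted current password is checked against.
    $oldPassword = $user->getPassword();
    $form->handleRequest($this->request);

    if ($form->isValid()) {
        /** @var \Symfony\Component\HttpFoundation\Session\Flash\FlashBagInterface $sessionFlashBag */
        $sessionFlashBag = $this->get('session')->getFlashBag();
        /** @var \Symfony\Component\Translation\TranslatorInterface $translator */
        $translator = $this->get('translator');

        // Administrative edits skip the current-password check entirely.
        $continue = !$selfEdit;

        if ($selfEdit) {
            // Re-encode the submitted current password for this user and compare
            // it to the stored hash. hash_equals() keeps the comparison
            // constant-time, so a wrong guess cannot be told apart by how early
            // the two strings diverge. The plain password set here only feeds
            // that re-encoding; it is overwritten below on success.
            // NOTE(review): this relies on encodePassword() being deterministic
            // for a given user (e.g. a salted digest); a randomly-salted scheme
            // such as bcrypt would never match here — confirm against the encoder.
            $user->setPlainPassword($form['password']->getData());
            if (hash_equals((string) $oldPassword, (string) $this->encodePassword($user))) {
                $continue = true;
            }
        }

        if ($continue) {
            $user->setPlainPassword($form['plainPassword']->getData());
            $user->setPassword($this->encodePassword($user));
            $entityManager = $this->get('doctrine.orm.entity_manager');
            $entityManager->persist($user);
            $entityManager->flush();
            $sessionFlashBag->add('success', $translator->trans('edit_password_success', [], 'platform'));
        } else {
            // Wrong current password: nothing is persisted, the user is told why.
            $sessionFlashBag->add('error', $translator->trans('edit_password_error_current', [], 'platform'));
        }

        return $selfEdit
            ? $this->redirect($this->generateUrl('claro_profile_view'))
            : $this->redirect($this->generateUrl('claro_admin_users_index'));
    }

    return ['form' => $form->createView(), 'user' => $user];
}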