/**
     * Change a user password.
     * This is a method that you request via AJAX.
     *
    */
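    public function update_password($url=null) {
		// Returns array('error' => bool, 'response' => string) for the AJAX caller.
		// $url identifies the user record whose password is being changed.
		//
		// NOTE(review): the current password is not required here, so a hijacked
		// session is enough to change it. No CSRF token check is visible in this
		// method either; confirm one is enforced elsewhere in the request handling.

		// Authenticate before the lookup, so anonymous callers cannot use the
		// "not found" response to learn which user URLs exist.
		$user = Auth::check('minerva_user');
		if(!$user) {
			return array('error' => true, 'response' => 'You must be logged in to change your password.');
		}

		// Get the record
		$record = User::find('first', array('conditions' => array('url' => $url)));
		if(!$record) {
			return array('error' => true, 'response' => 'User record not found.');
		}

		// Ownership check. The ids are compared as strings with a strict operator;
		// a loose != lets PHP compare numeric-looking strings as numbers.
		// A missing or non-scalar id fails closed.
		$record_data = $record->data();
		$session_id = isset($user['_id']) ? $user['_id'] : null;
		$record_id = isset($record_data['_id']) ? $record_data['_id'] : null;
		if(
			$session_id === null || $record_id === null ||
			is_array($session_id) || is_array($record_id) ||
			(string)$session_id !== (string)$record_id
		) {
			return array('error' => true, 'response' => 'You can only change your own password.');
		}

		$data = $this->request->data;
		if(!$data) {
			return array('error' => true, 'response' => 'You must pass the proper data to change your password and you can\'t call this URL directly.');
		}

		// Both fields must be present and be plain strings (not arrays built from
		// "password[]=" style input) before they are compared.
		$password = isset($data['password']) ? $data['password'] : null;
		$confirm = isset($data['password_confirm']) ? $data['password_confirm'] : null;
		if(!is_string($password) || $password === '') {
			return array('error' => true, 'response' => 'You must pass the proper data to change your password and you can\'t call this URL directly.');
		}

		// Strict comparison: with a loose != two different numeric-looking strings
		// such as "1e3" and "1000" are treated as equal.
		if(!is_string($confirm) || $password !== $confirm) {
			return array('error' => true, 'response' => 'You must confirm your password change by typing it again in the confirm box.');
		}

		// Forward only the password fields to the model. Passing the whole request
		// body to save() would let the caller set any other field on their own
		// record (for example "role") through this endpoint.
		// NOTE(review): password_confirm is kept in case the User model validates
		// or strips it; confirm against the model.
		$update = array('password' => $password, 'password_confirm' => $confirm);

		// Call save from the main app's User model
		if($record->save($update)) {
			return array('error' => false, 'response' => 'Password has been updated successfully.');
		}

		return array('error' => true, 'response' => 'Failed to update password, try again.');
    }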
	/**
	 * Static initializer: copies the role list onto this class's object,
	 * fills the "role" form options, registers three validation rules and
	 * then calls the parent initializer.
	 */
	public static function __init() {
		$base = __CLASS__;

		/*
		 * ROLES
		 * Minerva's role based access system is optional. It is a lightweight
		 * system meant to give basic coverage; new roles and access rules can
		 * be created with the Access class. If it does not meet your needs you
		 * can build your own access system and either ignore the "role" field
		 * on the User model or always set it to "administrator" and use a
		 * different field. In that case the access rules for each controller
		 * need adjusting (this can be done in your library's Page/User/Block
		 * model).
		 */
		// Replace user roles with those of the class this was called on
		$base::_object()->_user_roles = static::_object()->_user_roles;
		// Fill form with role options
		$base::_object()->_schema['role']['form']['options'] = User::user_roles();

		/*
		 * Some special validation rules
		 */

		// Passes only when no user record already has this e-mail address.
		// NOTE(review): $value is placed in the query conditions as given;
		// confirm that only strings can reach this rule.
		Validator::add('uniqueEmail', function($value) {
			$match = User::find('first', array(
				'fields' => array('_id'),
				'conditions' => array('email' => $value)
			));
			return empty($match);
		});

		// Fails when the value is the SHA-1 digest of the empty string.
		// NOTE(review): this suggests the password is hashed with plain SHA-1
		// before validation runs - confirm. If so, unsalted SHA-1 is not adequate
		// for password storage; password_hash()/password_verify() would replace
		// it where the PHP version allows.
		Validator::add('notEmptyHash', function($value) {
			return $value != 'da39a3ee5e6b4b0d3255bfef95601890afd80709';
		});

		// Passes for values of at least five bytes.
		// NOTE(review): the rule name says "more than five" but a five-character
		// value is accepted. If this runs on an already hashed value it can never
		// fail; length rules belong on the plaintext.
		Validator::add('moreThanFive', function($value) {
			return strlen($value) >= 5;
		});

		parent::__init();
	}