示例#1
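 /**
  * Resolves which user account the current request is allowed to edit.
  *
  * This is the access-control decision for the edit page. The user id is read
  * from request parameter 0 and is therefore caller-supplied: it is only
  * honoured for another account when can_user_edit_someone_else() allows it.
  * Callers should work with the returned user rather than reading the id from
  * the request again, so this check cannot be bypassed.
  *
  * @param Website $website The website.
  * @param Request $request The request.
  * @return User The user to edit.
  * @throws NotFoundException If there is no logged-in user, if the id in the
  *     request is invalid (presumably raised by the repository lookup -
  *     confirm), or if the user can only edit him/herself.
  */
 private function getEditingUser(Website $website, Request $request)
 {
     $auth = $website->getAuth();
     $loggedInUser = $auth->getCurrentUser();

     // The minimum rank of this page should guarantee a logged-in user. Fail
     // closed anyway: without this guard a missing session would be returned
     // to the caller as the "user to edit" or dereferenced below.
     if (!is_object($loggedInUser)) {
         throw new NotFoundException();
     }

     // No id in the request: the user is editing their own account.
     if (!$request->hasParameter(0)) {
         return $loggedInUser;
     }

     // An id of 0 or the user's own id also means "edit myself".
     $userId = $request->getParamInt(0);
     if ($userId === 0 || $userId === $loggedInUser->getId()) {
         return $loggedInUser;
     }

     // Any other id targets a different account: deny before touching the
     // repository unless the current user is allowed to edit other users.
     if (!$this->can_user_edit_someone_else($website)) {
         $website->addError($website->t("users.account") . " " . $website->t("errors.not_editable"));
         throw new NotFoundException();
     }

     return $auth->getUserRepository()->getById($userId);
 }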