1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
<?php
namespace Kanboard\Controller;
/**
* Class UserCredentialController
*
* @package Kanboard\Controller
* @author Frederic Guillot
*/
class UserCredentialController extends BaseController
{
/**
* Password modification form
*
* @access public
* @param array $values
* @param array $errors
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function changePassword(array $values = array(), array $errors = array())
{
$user = $this->getUser();
return $this->response->html($this->helper->layout->user('user_credential/password', array(
'values' => $values + array('id' => $user['id']),
'errors' => $errors,
'user' => $user,
)));
}
/**
* Save new password
*
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function savePassword()
{
$user = $this->getUser();
$values = $this->request->getValues();
list($valid, $errors) = $this->userValidator->validatePasswordModification($values);
if ($valid) {
if ($this->userModel->update($values)) {
$this->flash->success(t('Password modified successfully.'));
$this->userLockingModel->resetFailedLogin($user['username']);
$this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])), true);
return;
} else {
$this->flash->failure(t('Unable to change the password.'));
}
}
$this->changePassword($values, $errors);
}
/**
* Display a form to edit authentication
*
* @access public
* @param array $values
* @param array $errors
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function changeAuthentication(array $values = array(), array $errors = array())
{
$user = $this->getUser();
if (empty($values)) {
$values = $user;
unset($values['password']);
}
return $this->response->html($this->helper->layout->user('user_credential/authentication', array(
'values' => $values,
'errors' => $errors,
'user' => $user,
)));
}
/**
* Save authentication
*
* @throws \Kanboard\Core\Controller\AccessForbiddenException
* @throws \Kanboard\Core\Controller\PageNotFoundException
*/
public function saveAuthentication()
{
$user = $this->getUser();
$values = $this->request->getValues() + array('disable_login_form' => 0, 'is_ldap_user' => 0);
list($valid, $errors) = $this->userValidator->validateModification($values);
if ($valid) {
if ($this->userModel->update($values)) {
$this->flash->success(t('User updated successfully.'));
$this->response->redirect($this->helper->url->to('UserCredentialController', 'changeAuthentication', array('user_id' => $user['id'])), true);
return;
} else {
$this->flash->failure(t('Unable to update this user.'));
}
}
$this->changeAuthentication($values, $errors);
}
/**
* Unlock user
*/
public function unlock()
{
$user = $this->getUser();
$this->checkCSRFParam();
if ($this->userLockingModel->resetFailedLogin($user['username'])) {
$this->flash->success(t('User unlocked successfully.'));
} else {
$this->flash->failure(t('Unable to unlock the user.'));
}
$this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
}
|
