1
|
|
|
<?php |
2
|
|
|
namespace Redaxscript\Admin\Controller; |
3
|
|
|
|
4
|
|
|
use Redaxscript\Admin; |
5
|
|
|
use Redaxscript\Auth; |
6
|
|
|
use Redaxscript\Filter; |
7
|
|
|
use Redaxscript\Hash; |
8
|
|
|
use Redaxscript\Validator; |
9
|
|
|
use function json_encode; |
10
|
|
|
|
11
|
|
|
/** |
12
|
|
|
* children class to process the admin user request |
13
|
|
|
* |
14
|
|
|
* @since 4.0.0 |
15
|
|
|
* |
16
|
|
|
* @package Redaxscript |
17
|
|
|
* @category Controller |
18
|
|
|
* @author Henry Ruhs |
19
|
|
|
*/ |
20
|
|
|
|
21
|
|
|
class User extends ControllerAbstract |
22
|
|
|
{ |
23
|
|
|
/** |
24
|
|
|
* process the class |
25
|
|
|
* |
26
|
|
|
* @since 4.0.0 |
27
|
|
|
* |
28
|
|
|
* @param string $action action to process |
29
|
|
|
* |
30
|
|
|
* @return string |
31
|
|
|
*/ |
32
|
|
|
|
33
|
14 |
|
public function process(string $action = null) : string |
34
|
|
|
{ |
35
|
14 |
|
$postArray = $this->_normalizePost($this->_sanitizePost()); |
36
|
14 |
|
$validateArray = $this->_validatePost($postArray); |
|
|
|
|
37
|
14 |
|
$passwordHash = new Hash(); |
38
|
14 |
|
$myId = (int)$this->_registry->get('myId'); |
39
|
|
|
|
40
|
|
|
/* validate post */ |
41
|
|
|
|
42
|
14 |
|
if ($validateArray) |
|
|
|
|
43
|
|
|
{ |
44
|
10 |
|
return $this->_error( |
45
|
|
|
[ |
46
|
10 |
|
'route' => $this->_getErrorRoute($postArray), |
|
|
|
|
47
|
10 |
|
'message' => $validateArray |
48
|
|
|
]); |
49
|
|
|
} |
50
|
|
|
|
51
|
|
|
/* handle create */ |
52
|
|
|
|
53
|
4 |
|
if ($action === 'create') |
54
|
|
|
{ |
55
|
1 |
|
$passwordHash->init($postArray['password']); |
56
|
|
|
$createArray = |
57
|
|
|
[ |
58
|
1 |
|
'name' => $postArray['name'], |
59
|
1 |
|
'user' => $postArray['user'], |
60
|
1 |
|
'description' => $postArray['description'], |
61
|
1 |
|
'password' => $passwordHash->getHash(), |
62
|
1 |
|
'email' => $postArray['email'], |
63
|
1 |
|
'language' => $postArray['language'], |
64
|
1 |
|
'status' => $postArray['status'], |
65
|
1 |
|
'groups' => $postArray['groups'] |
66
|
|
|
]; |
67
|
1 |
|
if ($this->_create($createArray)) |
68
|
|
|
{ |
69
|
1 |
|
return $this->_success( |
70
|
|
|
[ |
71
|
1 |
|
'route' => $this->_getSuccessRoute($postArray), |
72
|
1 |
|
'timeout' => 2 |
73
|
|
|
]); |
74
|
|
|
} |
75
|
|
|
} |
76
|
|
|
|
77
|
|
|
/* handle update */ |
78
|
|
|
|
79
|
3 |
|
if ($action === 'update') |
80
|
|
|
{ |
81
|
|
|
$updateFullArray = |
82
|
|
|
[ |
83
|
2 |
|
'name' => $postArray['name'], |
84
|
2 |
|
'user' => $postArray['user'], |
85
|
2 |
|
'description' => $postArray['description'], |
86
|
2 |
|
'email' => $postArray['email'], |
87
|
2 |
|
'language' => $postArray['language'], |
88
|
2 |
|
'status' => $postArray['status'], |
89
|
2 |
|
'groups' => $postArray['groups'] |
90
|
|
|
]; |
91
|
|
|
$updateLiteArray = |
92
|
|
|
[ |
93
|
2 |
|
'name' => $postArray['name'], |
94
|
2 |
|
'user' => $postArray['user'], |
95
|
2 |
|
'description' => $postArray['description'], |
96
|
2 |
|
'email' => $postArray['email'], |
97
|
2 |
|
'language' => $postArray['language'] |
98
|
|
|
]; |
99
|
2 |
|
if ($postArray['password']) |
100
|
|
|
{ |
101
|
2 |
|
$passwordHash->init($postArray['password']); |
102
|
2 |
|
$updateFullArray['password'] = $updateLiteArray['password'] = $passwordHash->getHash(); |
103
|
|
|
} |
104
|
2 |
|
if ($this->_update($postArray['id'], $postArray['id'] > 1 ? $updateFullArray : $updateLiteArray)) |
105
|
|
|
{ |
106
|
2 |
|
if ($postArray['id'] === $myId) |
107
|
|
|
{ |
108
|
2 |
|
$this->_refresh($postArray); |
109
|
|
|
} |
110
|
2 |
|
return $this->_success( |
111
|
|
|
[ |
112
|
2 |
|
'route' => $this->_getSuccessRoute($postArray), |
113
|
2 |
|
'timeout' => 2 |
114
|
|
|
]); |
115
|
|
|
} |
116
|
|
|
} |
117
|
|
|
|
118
|
|
|
/* handle error */ |
119
|
|
|
|
120
|
1 |
|
return $this->_error( |
121
|
|
|
[ |
122
|
1 |
|
'route' => $this->_getErrorRoute($postArray) |
|
|
|
|
123
|
|
|
]); |
124
|
|
|
} |
125
|
|
|
|
126
|
|
|
/** |
127
|
|
|
* sanitize the post |
128
|
|
|
* |
129
|
|
|
* @since 4.0.0 |
130
|
|
|
* |
131
|
|
|
* @return array |
132
|
|
|
*/ |
133
|
|
|
|
134
|
14 |
|
protected function _sanitizePost() : array |
135
|
|
|
{ |
136
|
14 |
|
$emailFilter = new Filter\Email(); |
137
|
14 |
|
$numberFilter = new Filter\Number(); |
138
|
14 |
|
$passwordFilter = new Filter\Password(); |
139
|
14 |
|
$specialFilter = new Filter\Special(); |
140
|
14 |
|
$textFilter = new Filter\Text(); |
141
|
14 |
|
$toggleFilter = new Filter\Toggle(); |
142
|
14 |
|
$userFilter = new Filter\User(); |
143
|
|
|
|
144
|
|
|
/* sanitize post */ |
145
|
|
|
|
146
|
|
|
return |
147
|
|
|
[ |
148
|
14 |
|
'id' => $numberFilter->sanitize($this->_request->getPost('id')), |
|
|
|
|
149
|
14 |
|
'name' => $textFilter->sanitize($this->_request->getPost('name')), |
|
|
|
|
150
|
14 |
|
'user' => $userFilter->sanitize($this->_request->getPost('user')), |
|
|
|
|
151
|
14 |
|
'description' => $textFilter->sanitize($this->_request->getPost('description')), |
|
|
|
|
152
|
14 |
|
'password' => $passwordFilter->sanitize($this->_request->getPost('password')), |
|
|
|
|
153
|
14 |
|
'email' => $emailFilter->sanitize($this->_request->getPost('email')), |
|
|
|
|
154
|
14 |
|
'language' => $specialFilter->sanitize($this->_request->getPost('language')), |
|
|
|
|
155
|
14 |
|
'status' => $toggleFilter->sanitize($this->_request->getPost('status')), |
|
|
|
|
156
|
14 |
|
'groups' => json_encode($this->_request->getPost('groups')) |
157
|
|
|
]; |
158
|
|
|
} |
159
|
|
|
|
160
|
|
|
/** |
161
|
|
|
* validate the post |
162
|
|
|
* |
163
|
|
|
* @since 4.0.0 |
164
|
|
|
* |
165
|
|
|
* @param array $postArray array of the post |
166
|
|
|
* |
167
|
|
|
* @return array |
168
|
|
|
*/ |
169
|
|
|
|
170
|
14 |
|
protected function _validatePost(array $postArray = []) : array |
171
|
|
|
{ |
172
|
14 |
|
$nameValidator = new Validator\Name(); |
173
|
14 |
|
$userValidator = new Validator\User(); |
174
|
14 |
|
$passwordValidator = new Validator\Password(); |
175
|
14 |
|
$emailValidator = new Validator\Email(); |
176
|
14 |
|
$userModel = new Admin\Model\User(); |
177
|
14 |
|
$validateArray = []; |
178
|
|
|
|
179
|
|
|
/* validate post */ |
180
|
|
|
|
181
|
14 |
|
if (!$postArray['name']) |
182
|
|
|
{ |
183
|
9 |
|
$validateArray[] = $this->_language->get('name_empty'); |
184
|
|
|
} |
185
|
5 |
|
else if (!$nameValidator->validate($postArray['name'])) |
186
|
|
|
{ |
187
|
1 |
|
$validateArray[] = $this->_language->get('name_incorrect'); |
188
|
|
|
} |
189
|
14 |
|
if (!$postArray['user']) |
190
|
|
|
{ |
191
|
8 |
|
$validateArray[] = $this->_language->get('user_empty'); |
192
|
|
|
} |
193
|
6 |
|
else if (!$userValidator->validate($postArray['user'])) |
194
|
|
|
{ |
195
|
1 |
|
$validateArray[] = $this->_language->get('user_incorrect'); |
196
|
|
|
} |
197
|
5 |
|
else if (!$userModel->isUniqueByIdAndUser($postArray['id'], $postArray['user'])) |
198
|
|
|
{ |
199
|
1 |
|
$validateArray[] = $this->_language->get('user_exists'); |
200
|
|
|
} |
201
|
14 |
|
if (!$postArray['id']) |
202
|
|
|
{ |
203
|
9 |
|
if (!$postArray['password']) |
204
|
|
|
{ |
205
|
5 |
|
$validateArray[] = $this->_language->get('password_empty'); |
206
|
|
|
} |
207
|
4 |
|
else if (!$passwordValidator->validate($postArray['password'])) |
208
|
|
|
{ |
209
|
9 |
|
$validateArray[] = $this->_language->get('password_incorrect'); |
210
|
|
|
} |
211
|
|
|
} |
212
|
5 |
|
else if ($postArray['password'] && !$passwordValidator->validate($postArray['password'])) |
213
|
|
|
{ |
214
|
1 |
|
$validateArray[] = $this->_language->get('password_incorrect'); |
215
|
|
|
} |
216
|
14 |
|
if (!$emailValidator->validate($postArray['email'])) |
217
|
|
|
{ |
218
|
10 |
|
$validateArray[] = $this->_language->get('email_incorrect'); |
219
|
|
|
} |
220
|
14 |
|
return $validateArray; |
221
|
|
|
} |
222
|
|
|
|
223
|
|
|
/** |
224
|
|
|
* create the user |
225
|
|
|
* |
226
|
|
|
* @since 4.0.0 |
227
|
|
|
* |
228
|
|
|
* @param array $createArray array of the create |
229
|
|
|
* |
230
|
|
|
* @return bool |
231
|
|
|
*/ |
232
|
|
|
|
233
|
1 |
|
protected function _create(array $createArray = []) : bool |
234
|
|
|
{ |
235
|
1 |
|
$userModel = new Admin\Model\User(); |
236
|
1 |
|
return $userModel->createByArray($createArray); |
237
|
|
|
} |
238
|
|
|
|
239
|
|
|
/** |
240
|
|
|
* update the user |
241
|
|
|
* |
242
|
|
|
* @since 4.0.0 |
243
|
|
|
* |
244
|
|
|
* @param int $userId identifier of the user |
245
|
|
|
* @param array $updateArray array of the update |
246
|
|
|
* |
247
|
|
|
* @return bool |
248
|
|
|
*/ |
249
|
|
|
|
250
|
2 |
|
protected function _update(int $userId = null, array $updateArray = []) : bool |
251
|
|
|
{ |
252
|
2 |
|
$userModel = new Admin\Model\User(); |
253
|
2 |
|
return $userModel->updateByIdAndArray($userId, $updateArray); |
254
|
|
|
} |
255
|
|
|
|
256
|
|
|
/** |
257
|
|
|
* refresh the auth |
258
|
|
|
* |
259
|
|
|
* @since 4.0.0 |
260
|
|
|
* |
261
|
|
|
* @param array $refreshArray array of the update |
262
|
|
|
*/ |
263
|
|
|
|
264
|
2 |
|
protected function _refresh(array $refreshArray = []) : void |
265
|
|
|
{ |
266
|
2 |
|
$auth = new Auth($this->_request); |
267
|
2 |
|
$auth->init(); |
268
|
2 |
|
$auth->setUser('name', $refreshArray['name']); |
269
|
2 |
|
$auth->setUser('email', $refreshArray['email']); |
270
|
2 |
|
$auth->setUser('language', $refreshArray['language']); |
271
|
2 |
|
$auth->save(); |
272
|
2 |
|
} |
273
|
|
|
|
274
|
|
|
/** |
275
|
|
|
* get success route |
276
|
|
|
* |
277
|
|
|
* @since 4.0.0 |
278
|
|
|
* |
279
|
|
|
* @param array $postArray array of the post |
280
|
|
|
* |
281
|
|
|
* @return string |
282
|
|
|
*/ |
283
|
|
|
|
284
|
3 |
|
protected function _getSuccessRoute(array $postArray = []) : string |
285
|
|
|
{ |
286
|
3 |
|
if ($this->_registry->get('usersEdit') && $postArray['id']) |
287
|
|
|
{ |
288
|
1 |
|
return 'admin/view/users#row-' . $postArray['id']; |
289
|
|
|
} |
290
|
2 |
|
if ($this->_registry->get('usersEdit') && $postArray['user']) |
291
|
|
|
{ |
292
|
1 |
|
$userModel = new Admin\Model\User(); |
293
|
1 |
|
$userId = $userModel->getByUser($postArray['user'])->id; |
294
|
1 |
|
if ($userId) |
295
|
|
|
{ |
296
|
1 |
|
return 'admin/view/users#row-' . $userId; |
297
|
|
|
} |
298
|
|
|
return 'admin/view/users'; |
299
|
|
|
} |
300
|
1 |
|
return 'admin'; |
301
|
|
|
} |
302
|
|
|
|
303
|
|
|
/** |
304
|
|
|
* get error route |
305
|
|
|
* |
306
|
|
|
* @since 4.0.0 |
307
|
|
|
* |
308
|
|
|
* @param array $postArray array of the post |
309
|
|
|
* |
310
|
|
|
* @return string |
311
|
|
|
*/ |
312
|
|
|
|
313
|
11 |
|
protected function _getErrorRoute(array $postArray = []) : string |
314
|
|
|
{ |
315
|
11 |
|
if ($this->_registry->get('usersEdit') && $postArray['id']) |
316
|
|
|
{ |
317
|
1 |
|
return 'admin/edit/users/' . $postArray['id']; |
318
|
|
|
} |
319
|
10 |
|
if ($this->_registry->get('usersNew')) |
320
|
|
|
{ |
321
|
7 |
|
return 'admin/new/users'; |
322
|
|
|
} |
323
|
3 |
|
return 'admin'; |
324
|
|
|
} |
325
|
|
|
} |
326
|
|
|
|
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.