Conditions | 13 |
Paths | 54 |
Total Lines | 119 |
Code Lines | 70 |
Lines | 25 |
Ratio | 21.01 % |
Changes | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
45 | public function doChangePassword(array $data, $form) |
||
46 | { |
||
47 | /** |
||
48 | * @var LDAPService $service |
||
49 | */ |
||
50 | $service = Injector::inst()->get(LDAPService::class); |
||
51 | $member = Security::getCurrentUser(); |
||
52 | if ($member) { |
||
53 | try { |
||
54 | $userData = $service->getUserByGUID($member->GUID); |
||
55 | } catch (Exception $e) { |
||
56 | Injector::inst()->get(LoggerInterface::class)->error($e->getMessage()); |
||
57 | |||
58 | $form->clearMessage(); |
||
59 | $form->sessionMessage( |
||
60 | _t( |
||
61 | __CLASS__ . '.NOUSER', |
||
62 | 'Your account hasn\'t been setup properly, please contact an administrator.' |
||
63 | ), |
||
64 | 'bad' |
||
65 | ); |
||
66 | return $form->getController()->redirect($form->getController()->Link('changepassword')); |
||
67 | } |
||
68 | $loginResult = $service->authenticate($userData['samaccountname'], $data['OldPassword']); |
||
69 | View Code Duplication | if (!$loginResult['success']) { |
|
70 | $form->clearMessage(); |
||
71 | $form->sessionMessage( |
||
72 | _t( |
||
73 | 'SilverStripe\\Security\\Member.ERRORPASSWORDNOTMATCH', |
||
74 | 'Your current password does not match, please try again' |
||
75 | ), |
||
76 | 'bad' |
||
77 | ); |
||
78 | // redirect back to the form, instead of using redirectBack() which could send the user elsewhere. |
||
79 | return $form->getController()->redirect($form->getController()->Link('changepassword')); |
||
80 | } |
||
81 | } |
||
82 | |||
83 | if (!$member) { |
||
84 | if ($this->getRequest()->getSession()->get('AutoLoginHash')) { |
||
85 | $member = Member::member_from_autologinhash($this->getRequest()->getSession()->get('AutoLoginHash')); |
||
86 | } |
||
87 | |||
88 | // The user is not logged in and no valid auto login hash is available |
||
89 | if (!$member) { |
||
90 | $this->getRequest()->getSession()->clear('AutoLoginHash'); |
||
91 | return $form->getController()->redirect($form->getController()->Link('login')); |
||
92 | } |
||
93 | } |
||
94 | |||
95 | // Check the new password |
||
96 | if (empty($data['NewPassword1'])) { |
||
97 | $form->clearMessage(); |
||
98 | $form->sessionMessage( |
||
99 | _t( |
||
100 | 'SilverStripe\\Security\\Member.EMPTYNEWPASSWORD', |
||
101 | "The new password can't be empty, please try again" |
||
102 | ), |
||
103 | 'bad' |
||
104 | ); |
||
105 | |||
106 | // redirect back to the form, instead of using redirectBack() which could send the user elsewhere. |
||
107 | return $form->getController()->redirect($form->getController()->Link('changepassword')); |
||
108 | } elseif ($data['NewPassword1'] == $data['NewPassword2']) { |
||
109 | // Providing OldPassword to perform password _change_ operation. This will respect the |
||
110 | // password history policy. Unfortunately we cannot support password history policy on password _reset_ |
||
111 | // at the moment, which means it will not be enforced on SilverStripe-driven email password reset. |
||
112 | $oldPassword = !empty($data['OldPassword']) ? $data['OldPassword']: null; |
||
113 | |||
114 | /** @var ValidationResult $validationResult */ |
||
115 | $validationResult = $service->setPassword($member, $data['NewPassword1'], $oldPassword); |
||
116 | |||
117 | // try to catch connection and other errors that the ldap service can through |
||
118 | if ($validationResult->isValid()) { |
||
119 | Security::setCurrentUser($member); |
||
120 | |||
121 | $this->getRequest()->getSession()->clear('AutoLoginHash'); |
||
122 | |||
123 | // Clear locked out status |
||
124 | $member->LockedOutUntil = null; |
||
125 | $member->FailedLoginCount = null; |
||
126 | $member->write(); |
||
127 | |||
128 | if (!empty($this->getRequest()->requestVar('BackURL')) |
||
129 | // absolute redirection URLs may cause spoofing |
||
130 | && Director::is_site_url($this->getRequest()->requestVar('BackURL')) |
||
131 | ) { |
||
132 | $url = Director::absoluteURL($this->getRequest()->requestVar('BackURL')); |
||
133 | return $form->getController()->redirect($url); |
||
134 | } else { |
||
135 | // Redirect to default location - the login form saying "You are logged in as..." |
||
136 | $redirectURL = HTTP::setGetVar( |
||
137 | 'BackURL', |
||
138 | Director::absoluteBaseURL(), |
||
139 | $form->getController()->Link('login') |
||
140 | ); |
||
141 | return $form->getController()->redirect($redirectURL); |
||
142 | } |
||
143 | } else { |
||
144 | $form->clearMessage(); |
||
145 | $messages = implode('. ', array_column($validationResult->getMessages(), 'message')); |
||
146 | $form->sessionMessage($messages, 'bad'); |
||
147 | // redirect back to the form, instead of using redirectBack() which could send the user elsewhere. |
||
148 | return $form->getController()->redirect($form->getController()->Link('changepassword')); |
||
149 | } |
||
150 | View Code Duplication | } else { |
|
151 | $form->clearMessage(); |
||
152 | $form->sessionMessage( |
||
153 | _t( |
||
154 | 'SilverStripe\\Security\\Member.ERRORNEWPASSWORD', |
||
155 | 'You have entered your new password differently, try again' |
||
156 | ), |
||
157 | 'bad' |
||
158 | ); |
||
159 | |||
160 | // redirect back to the form, instead of using redirectBack() which could send the user elsewhere. |
||
161 | return $form->getController()->redirect($form->getController()->Link('changepassword')); |
||
162 | } |
||
163 | } |
||
164 | } |
||
165 |