1 | <?php |
||
2 | |||
3 | namespace SilverStripe\LDAP\Forms; |
||
4 | |||
5 | use Exception; |
||
6 | use SilverStripe\LDAP\Authenticators\LDAPAuthenticator; |
||
7 | use SilverStripe\LDAP\Services\LDAPService; |
||
8 | use SilverStripe\Control\Director; |
||
9 | use SilverStripe\Control\HTTP; |
||
10 | use SilverStripe\Control\HTTPResponse; |
||
11 | use SilverStripe\Control\RequestHandler; |
||
12 | use SilverStripe\Core\Config\Config; |
||
13 | use SilverStripe\Core\Injector\Injector; |
||
14 | use SilverStripe\Forms\FieldList; |
||
15 | use SilverStripe\Forms\TextField; |
||
16 | use SilverStripe\ORM\ValidationResult; |
||
17 | use SilverStripe\Security\Member; |
||
18 | use SilverStripe\Security\MemberAuthenticator\ChangePasswordForm; |
||
19 | use SilverStripe\Security\Security; |
||
20 | |||
21 | class LDAPChangePasswordForm extends ChangePasswordForm |
||
22 | { |
||
23 | /** |
||
24 | * The sole purpose for overriding the constructor is surfacing the username to the user. |
||
25 | * @param RequestHandler $controller |
||
26 | * @param string $name |
||
27 | * @param FieldList $fields |
||
28 | * @param FieldList $actions |
||
29 | */ |
||
30 | public function __construct($controller, $name, $fields = null, $actions = null) |
||
31 | { |
||
32 | parent::__construct($controller, $name, $fields, $actions); |
||
33 | |||
34 | // Obtain the Member object. If the user got this far, they must have already been synced. |
||
35 | $member = Security::getCurrentUser(); |
||
36 | if (!$member) { |
||
0 ignored issues
–
show
introduced
by
Loading history...
|
|||
37 | if ($this->getSession()->get('AutoLoginHash')) { |
||
38 | $member = Member::member_from_autologinhash($this->getSession()->get('AutoLoginHash')); |
||
39 | } |
||
40 | |||
41 | // The user is not logged in and no valid auto login hash is available |
||
42 | if (!$member) { |
||
43 | $this->getSession()->clear('AutoLoginHash'); |
||
44 | return $this->controller->redirect($this->controller->Link('login')); |
||
45 | } |
||
46 | } |
||
47 | |||
48 | $data = Injector::inst() |
||
49 | ->get(LDAPService::class) |
||
50 | ->getUserByGUID($member->GUID, ['samaccountname']); |
||
51 | |||
52 | $emailField = null; |
||
53 | $usernameField = null; |
||
54 | if (Config::inst()->get( |
||
55 | LDAPAuthenticator::class, |
||
56 | 'allow_email_login' |
||
57 | ) === 'yes' |
||
58 | && !empty($member->Email) |
||
59 | ) { |
||
60 | $emailField = TextField::create( |
||
61 | 'Email', |
||
62 | _t(__CLASS__ . '.USERNAMEOREMAIL', 'Email'), |
||
63 | $member->Email, |
||
64 | null, |
||
65 | $this |
||
66 | ); |
||
67 | } |
||
68 | if (!empty($data['samaccountname'])) { |
||
69 | $usernameField = TextField::create( |
||
70 | 'Username', |
||
71 | _t(__CLASS__ . '.USERNAME', 'Username'), |
||
72 | $data['samaccountname'], |
||
73 | null, |
||
74 | $this |
||
75 | ); |
||
76 | } |
||
77 | |||
78 | if ($emailField) { |
||
0 ignored issues
–
show
|
|||
79 | $emailFieldReadonly = $emailField->performDisabledTransformation(); |
||
80 | $this->Fields()->unshift($emailFieldReadonly); |
||
81 | } |
||
82 | if ($usernameField) { |
||
0 ignored issues
–
show
|
|||
83 | $usernameFieldReadonly = $usernameField->performDisabledTransformation(); |
||
84 | $this->Fields()->unshift($usernameFieldReadonly); |
||
85 | } |
||
86 | } |
||
87 | } |
||
88 |