Merge remote-tracking branch 'upstream/master' into password_expiration
@ -131,7 +131,7 @@ class AdminController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$user])->validate();
|
||||
|
||||
if ($user->load(Yii::$app->request->post())) {
|
||||
if ($user->load(Yii::$app->request->post()) && $user->validate()) {
|
||||
$this->trigger(UserEvent::EVENT_BEFORE_CREATE, $event);
|
||||
|
||||
$mailService = MailFactory::makeWelcomeMailerService($user);
|
||||
@ -140,9 +140,8 @@ class AdminController extends Controller
|
||||
Yii::$app->getSession()->setFlash('success', Yii::t('usuario', 'User has been created'));
|
||||
$this->trigger(UserEvent::EVENT_AFTER_CREATE, $event);
|
||||
return $this->redirect(['update', 'id' => $user->id]);
|
||||
} else {
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User account could not be created.'));
|
||||
}
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User account could not be created.'));
|
||||
}
|
||||
|
||||
return $this->render('create', ['user' => $user]);
|
||||
|
||||
@ -35,6 +35,8 @@ class PermissionController extends AbstractAuthItemController
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
protected function getItem($name)
|
||||
{
|
||||
|
||||
@ -24,6 +24,8 @@ use Da\User\Service\ResetPasswordService;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Da\User\Validator\AjaxRequestModelValidator;
|
||||
use Yii;
|
||||
use yii\base\InvalidConfigException;
|
||||
use yii\base\InvalidParamException;
|
||||
use yii\filters\AccessControl;
|
||||
use yii\web\Controller;
|
||||
use yii\web\NotFoundHttpException;
|
||||
@ -74,6 +76,8 @@ class RecoveryController extends Controller
|
||||
* Displays / handles user password recovery request.
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return string
|
||||
*
|
||||
*/
|
||||
@ -90,7 +94,7 @@ class RecoveryController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$form])->validate();
|
||||
|
||||
if ($form->load(Yii::$app->request->post())) {
|
||||
if ($form->load(Yii::$app->request->post()) && $form->validate()) {
|
||||
$this->trigger(FormEvent::EVENT_BEFORE_REQUEST, $event);
|
||||
|
||||
$mailService = MailFactory::makeRecoveryMailerService($form->email);
|
||||
@ -118,6 +122,8 @@ class RecoveryController extends Controller
|
||||
* @param $code
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return string
|
||||
*
|
||||
*/
|
||||
|
||||
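Review bot: The added `$form->validate()` in the recovery request action (`if ($form->load(Yii::$app->request->post()) && $form->validate())`) makes the form's rules decide who reaches `MailFactory::makeRecoveryMailerService($form->email)`, so those rules should check only the address format. If they also include an existence check, which is not visible here, an unknown address would get a field error while a registered one gets the normal response, and the two cases become distinguishable to the caller. A comment above the condition such as `// validation must not reveal whether the e-mail is registered` would record that constraint for later edits to the form. The action body starts and ends outside the hunk.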
@ -121,9 +121,8 @@ class RegistrationController extends Controller
|
||||
'module' => $this->module,
|
||||
]
|
||||
);
|
||||
} else {
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User could not be registered.'));
|
||||
}
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User could not be registered.'));
|
||||
}
|
||||
return $this->render('register', ['model' => $form, 'module' => $this->module]);
|
||||
}
|
||||
@ -146,7 +145,7 @@ class RegistrationController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$user])->validate();
|
||||
|
||||
if ($user->load(Yii::$app->request->post())) {
|
||||
if ($user->load(Yii::$app->request->post()) && $user->validate()) {
|
||||
$this->trigger(SocialNetworkConnectEvent::EVENT_BEFORE_CONNECT, $event);
|
||||
|
||||
$mailService = MailFactory::makeWelcomeMailerService($user);
|
||||
|
||||
@ -35,6 +35,8 @@ class RoleController extends AbstractAuthItemController
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
protected function getItem($name)
|
||||
{
|
||||
|
||||
@ -17,10 +17,12 @@ use Da\User\Service\AuthRuleEditionService;
|
||||
use Da\User\Traits\AuthManagerAwareTrait;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Da\User\Validator\AjaxRequestModelValidator;
|
||||
use Da\User\Filter\AccessRuleFilter;
|
||||
use Yii;
|
||||
use yii\filters\VerbFilter;
|
||||
use yii\web\Controller;
|
||||
use yii\web\NotFoundHttpException;
|
||||
use yii\filters\AccessControl;
|
||||
|
||||
class RuleController extends Controller
|
||||
{
|
||||
@ -33,12 +35,24 @@ class RuleController extends Controller
|
||||
public function behaviors()
|
||||
{
|
||||
return [
|
||||
[
|
||||
'verbs' => [
|
||||
'class' => VerbFilter::className(),
|
||||
'actions' => [
|
||||
'delete' => ['POST'],
|
||||
],
|
||||
]
|
||||
],
|
||||
'access' => [
|
||||
'class' => AccessControl::className(),
|
||||
'ruleConfig' => [
|
||||
'class' => AccessRuleFilter::className(),
|
||||
],
|
||||
'rules' => [
|
||||
[
|
||||
'allow' => true,
|
||||
'roles' => ['admin'],
|
||||
],
|
||||
],
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
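Review bot: The new `'roles' => ['admin']` rule in `behaviors()` does not say how `admin` is resolved; because `ruleConfig` points at `AccessRuleFilter`, it is presumably matched by that filter's own administrator check rather than by an RBAC role of that name, and a reader cannot tell which from this method. I would add `// 'admin' is evaluated by AccessRuleFilter; the rule has no 'actions' key, so it applies to every action` above the rule, after confirming the first half against the filter. As a style point, the three `::className()` calls could be written as `::class`, as `AjaxRequestModelValidator::class` is elsewhere in this commit.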
@ -21,6 +21,8 @@ use Da\User\Service\SocialNetworkAuthenticateService;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Yii;
|
||||
use yii\authclient\AuthAction;
|
||||
use yii\base\InvalidConfigException;
|
||||
use yii\base\InvalidParamException;
|
||||
use yii\base\Module;
|
||||
use yii\filters\AccessControl;
|
||||
use yii\filters\VerbFilter;
|
||||
@ -102,6 +104,8 @@ class SecurityController extends Controller
|
||||
/**
|
||||
* Controller action responsible for handling login page and actions.
|
||||
*
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return array|string|Response
|
||||
*/
|
||||
public function actionLogin()
|
||||
|
||||
@ -179,7 +179,7 @@ class SettingsController extends Controller
|
||||
{
|
||||
$user = $this->userQuery->whereId($id)->one();
|
||||
|
||||
if ($user === null || $this->module->emailChangeStrategy == MailChangeStrategyInterface::TYPE_INSECURE) {
|
||||
if ($user === null || MailChangeStrategyInterface::TYPE_INSECURE === $this->module->emailChangeStrategy) {
|
||||
throw new NotFoundHttpException();
|
||||
}
|
||||
$event = $this->make(UserEvent::class, [$user]);
|
||||
@ -210,7 +210,7 @@ class SettingsController extends Controller
|
||||
if ($account === null) {
|
||||
throw new NotFoundHttpException();
|
||||
}
|
||||
if ($account->user_id != Yii::$app->user->id) {
|
||||
if ($account->user_id !== Yii::$app->user->id) {
|
||||
throw new ForbiddenHttpException();
|
||||
}
|
||||
$event = $this->make(SocialNetworkConnectEvent::class, [Yii::$app->user->identity, $account]);
|
||||
@ -280,7 +280,7 @@ class SettingsController extends Controller
|
||||
return [
|
||||
'success' => $success,
|
||||
'message' => $success
|
||||
? Yii::t('usuario', 'Two factor successfully enabled.')
|
||||
? Yii::t('usuario', 'Two factor authentication successfully enabled.')
|
||||
: Yii::t('usuario', 'Verification failed. Please, enter new code.')
|
||||
];
|
||||
}
|
||||
@ -297,11 +297,11 @@ class SettingsController extends Controller
|
||||
if ($user->updateAttributes(['auth_tf_enabled' => '0'])) {
|
||||
Yii::$app
|
||||
->getSession()
|
||||
->setFlash('success', Yii::t('usuario', 'Two-factor authorization has been disabled.'));
|
||||
->setFlash('success', Yii::t('usuario', 'Two factor authentication has been disabled.'));
|
||||
} else {
|
||||
Yii::$app
|
||||
->getSession()
|
||||
->setFlash('danger', Yii::t('usuario', 'Unable to disable two-factor authorization.'));
|
||||
->setFlash('danger', Yii::t('usuario', 'Unable to disable Two factor authentication.'));
|
||||
}
|
||||
|
||||
$this->redirect(['account']);
|
||||
|
||||
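Review bot: The ownership check `if ($account->user_id !== Yii::$app->user->id)` now compares strictly, but the two sides may not share a type: an ActiveRecord column is often returned as a string while the identity id may be an integer, depending on the database driver. In that case the account's owner would always get `ForbiddenHttpException`; the check fails closed, but the action stops working. Normalising both sides keeps the strictness without that dependence: `if ((int) $account->user_id !== (int) Yii::$app->user->id) {`. The same applies to `MailChangeStrategyInterface::TYPE_INSECURE === $this->module->emailChangeStrategy` in the first hunk, where a strategy configured as a string would no longer match and the `NotFoundHttpException` guard would be skipped. Both functions start and end outside their hunks.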