Fix merge with upstream
@ -18,6 +18,8 @@ use Da\User\Model\Profile;
|
||||
use Da\User\Model\User;
|
||||
use Da\User\Query\UserQuery;
|
||||
use Da\User\Search\UserSearch;
|
||||
use Da\User\Service\PasswordExpireService;
|
||||
use Da\User\Service\PasswordRecoveryService;
|
||||
use Da\User\Service\SwitchIdentityService;
|
||||
use Da\User\Service\UserBlockService;
|
||||
use Da\User\Service\UserConfirmationService;
|
||||
@ -81,7 +83,8 @@ class AdminController extends Controller
|
||||
'delete' => ['post'],
|
||||
'confirm' => ['post'],
|
||||
'block' => ['post'],
|
||||
'switch-identity' => ['post']
|
||||
'switch-identity' => ['post'],
|
||||
'password-reset' => ['post']
|
||||
],
|
||||
],
|
||||
'access' => [
|
||||
@ -128,7 +131,7 @@ class AdminController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$user])->validate();
|
||||
|
||||
if ($user->load(Yii::$app->request->post())) {
|
||||
if ($user->load(Yii::$app->request->post()) && $user->validate()) {
|
||||
$this->trigger(UserEvent::EVENT_BEFORE_CREATE, $event);
|
||||
|
||||
$mailService = MailFactory::makeWelcomeMailerService($user);
|
||||
@ -136,9 +139,9 @@ class AdminController extends Controller
|
||||
if ($this->make(UserCreateService::class, [$user, $mailService])->run()) {
|
||||
Yii::$app->getSession()->setFlash('success', Yii::t('usuario', 'User has been created'));
|
||||
$this->trigger(UserEvent::EVENT_AFTER_CREATE, $event);
|
||||
|
||||
return $this->redirect(['update', 'id' => $user->id]);
|
||||
}
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User account could not be created.'));
|
||||
}
|
||||
|
||||
return $this->render('create', ['user' => $user]);
|
||||
@ -309,4 +312,37 @@ class AdminController extends Controller
|
||||
|
||||
return $this->goHome();
|
||||
}
|
||||
|
||||
public function actionPasswordReset($id)
|
||||
{
|
||||
/** @var User $user */
|
||||
$user = $this->userQuery->where(['id' => $id])->one();
|
||||
$mailService = MailFactory::makeRecoveryMailerService($user->email);
|
||||
if ($this->make(PasswordRecoveryService::class, [$user->email, $mailService])->run()) {
|
||||
Yii::$app->getSession()->setFlash('success', Yii::t('usuario', 'Recovery message sent'));
|
||||
} else {
|
||||
Yii::$app->getSession()->setFlash(
|
||||
'danger',
|
||||
Yii::t('usuario', 'Unable to send recovery message to the user')
|
||||
);
|
||||
}
|
||||
|
||||
return $this->redirect(['index']);
|
||||
}
|
||||
|
||||
/**
|
||||
* Forces the user to change password at next login
|
||||
* @param integer $id
|
||||
*/
|
||||
public function actionForcePasswordChange($id)
|
||||
{
|
||||
/** @var User $user */
|
||||
$user = $this->userQuery->where(['id' => $id])->one();
|
||||
if ($this->make(PasswordExpireService::class, [$user])->run()) {
|
||||
Yii::$app->session->setFlash("success", Yii::t('usuario', 'User will be required to change password at next login'));
|
||||
} else {
|
||||
Yii::$app->session->setFlash("danger", Yii::t('usuario', 'There was an error in saving user'));
|
||||
}
|
||||
$this->redirect(['index']);
|
||||
}
|
||||
}
|
||||
|
||||
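Review bot: Both added actions use the result of `$this->userQuery->where(['id' => $id])->one()` without a null check, so an id that matches no user reaches `$user->email` in actionPasswordReset and hands null to PasswordExpireService in actionForcePasswordChange. Adding `if ($user === null) { throw new NotFoundHttpException(); }` after each lookup would fix this, provided NotFoundHttpException is imported (the import list is only partly visible). The verb filter hunk adds `'password-reset' => ['post']`, but no entry for the other new action is visible; if none exists, `'force-password-change' => ['post'],` would keep that state-changing action behind POST and CSRF validation like its neighbours. actionForcePasswordChange also calls `$this->redirect(['index']);` without `return`, unlike actionPasswordReset. As far as these hunks show, actionPasswordReset does not consult `allowAdminPasswordRecovery`, the flag the recovery controller's reset guard now references, so confirm that admin-triggered mails are meant to be sent when that flag is off.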
@ -35,6 +35,8 @@ class PermissionController extends AbstractAuthItemController
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
protected function getItem($name)
|
||||
{
|
||||
|
||||
@ -24,6 +24,8 @@ use Da\User\Service\ResetPasswordService;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Da\User\Validator\AjaxRequestModelValidator;
|
||||
use Yii;
|
||||
use yii\base\InvalidConfigException;
|
||||
use yii\base\InvalidParamException;
|
||||
use yii\filters\AccessControl;
|
||||
use yii\web\Controller;
|
||||
use yii\web\NotFoundHttpException;
|
||||
@ -74,6 +76,8 @@ class RecoveryController extends Controller
|
||||
* Displays / handles user password recovery request.
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return string
|
||||
*
|
||||
*/
|
||||
@ -90,7 +94,7 @@ class RecoveryController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$form])->validate();
|
||||
|
||||
if ($form->load(Yii::$app->request->post())) {
|
||||
if ($form->load(Yii::$app->request->post()) && $form->validate()) {
|
||||
$this->trigger(FormEvent::EVENT_BEFORE_REQUEST, $event);
|
||||
|
||||
$mailService = MailFactory::makeRecoveryMailerService($form->email);
|
||||
@ -118,12 +122,14 @@ class RecoveryController extends Controller
|
||||
* @param $code
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return string
|
||||
*
|
||||
*/
|
||||
public function actionReset($id, $code)
|
||||
{
|
||||
if (!$this->module->allowPasswordRecovery) {
|
||||
if (!$this->module->allowPasswordRecovery && !$this->module->allowAdminPasswordRecovery) {
|
||||
throw new NotFoundHttpException();
|
||||
}
|
||||
/** @var Token $token */
|
||||
|
||||
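Review bot: The relaxed guard in actionReset, `!$this->module->allowPasswordRecovery && !$this->module->allowAdminPasswordRecovery`, has no comment explaining why the reset endpoint stays reachable when self-service recovery is off, so a later reader may tighten it again. A line above the condition would record the intent, for example `// Admin-initiated recovery mails link here; keep reachable when only allowAdminPasswordRecovery is on.` The guard of the request action is outside the visible hunks; it should presumably keep checking `allowPasswordRecovery` alone, so that anonymous recovery requests stay disabled in that configuration. actionReset's body continues past the end of the hunk.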
@ -106,15 +106,18 @@ class RegistrationController extends Controller
|
||||
$mailService = MailFactory::makeWelcomeMailerService($user);
|
||||
|
||||
if ($this->make(UserRegisterService::class, [$user, $mailService])->run()) {
|
||||
Yii::$app->session->setFlash(
|
||||
'info',
|
||||
Yii::t(
|
||||
'usuario',
|
||||
'Your account has been created and a message with further instructions has been sent to your email'
|
||||
)
|
||||
);
|
||||
if ($this->module->enableEmailConfirmation) {
|
||||
Yii::$app->session->setFlash(
|
||||
'info',
|
||||
Yii::t(
|
||||
'usuario',
|
||||
'Your account has been created and a message with further instructions has been sent to your email'
|
||||
)
|
||||
);
|
||||
} else {
|
||||
Yii::$app->session->setFlash('info', Yii::t('usuario', 'Your account has been created'));
|
||||
}
|
||||
$this->trigger(FormEvent::EVENT_AFTER_REGISTER, $event);
|
||||
|
||||
return $this->render(
|
||||
'/shared/message',
|
||||
[
|
||||
@ -123,15 +126,9 @@ class RegistrationController extends Controller
|
||||
]
|
||||
);
|
||||
}
|
||||
Yii::$app->session->setFlash('danger', Yii::t('usuario', 'User could not be registered.'));
|
||||
}
|
||||
|
||||
return $this->render(
|
||||
'register',
|
||||
[
|
||||
'model' => $form,
|
||||
'module' => $this->module,
|
||||
]
|
||||
);
|
||||
return $this->render('register', ['model' => $form, 'module' => $this->module]);
|
||||
}
|
||||
|
||||
public function actionConnect($code)
|
||||
@ -152,7 +149,7 @@ class RegistrationController extends Controller
|
||||
|
||||
$this->make(AjaxRequestModelValidator::class, [$user])->validate();
|
||||
|
||||
if ($user->load(Yii::$app->request->post())) {
|
||||
if ($user->load(Yii::$app->request->post()) && $user->validate()) {
|
||||
$this->trigger(SocialNetworkConnectEvent::EVENT_BEFORE_CONNECT, $event);
|
||||
|
||||
$mailService = MailFactory::makeWelcomeMailerService($user);
|
||||
|
||||
@ -35,6 +35,8 @@ class RoleController extends AbstractAuthItemController
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*
|
||||
* @throws NotFoundHttpException
|
||||
*/
|
||||
protected function getItem($name)
|
||||
{
|
||||
|
||||
@ -17,10 +17,12 @@ use Da\User\Service\AuthRuleEditionService;
|
||||
use Da\User\Traits\AuthManagerAwareTrait;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Da\User\Validator\AjaxRequestModelValidator;
|
||||
use Da\User\Filter\AccessRuleFilter;
|
||||
use Yii;
|
||||
use yii\filters\VerbFilter;
|
||||
use yii\web\Controller;
|
||||
use yii\web\NotFoundHttpException;
|
||||
use yii\filters\AccessControl;
|
||||
|
||||
class RuleController extends Controller
|
||||
{
|
||||
@ -33,12 +35,24 @@ class RuleController extends Controller
|
||||
public function behaviors()
|
||||
{
|
||||
return [
|
||||
[
|
||||
'verbs' => [
|
||||
'class' => VerbFilter::className(),
|
||||
'actions' => [
|
||||
'delete' => ['POST'],
|
||||
],
|
||||
]
|
||||
],
|
||||
'access' => [
|
||||
'class' => AccessControl::className(),
|
||||
'ruleConfig' => [
|
||||
'class' => AccessRuleFilter::className(),
|
||||
],
|
||||
'rules' => [
|
||||
[
|
||||
'allow' => true,
|
||||
'roles' => ['admin'],
|
||||
],
|
||||
],
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
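Review bot: The new access rule depends on the string in `'roles' => ['admin']`, which only restricts the controller as intended if AccessRuleFilter gives `'admin'` a meaning of its own; a stock access rule would look it up as an RBAC role or permission name. AccessRuleFilter is not shown on this page, so a comment next to the rule should state where that meaning comes from, for example `// 'admin' is evaluated by AccessRuleFilter, not looked up as an RBAC item`. The page has lost its +/- markers, so it could not be confirmed from here that `'verbs'` and `'access'` end up as sibling keys of the returned array rather than one nested in a leftover `[` … `]` pair. That is worth checking in the final file, because a misplaced bracket would leave one of the two filters unattached.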
@ -21,6 +21,8 @@ use Da\User\Service\SocialNetworkAuthenticateService;
|
||||
use Da\User\Traits\ContainerAwareTrait;
|
||||
use Yii;
|
||||
use yii\authclient\AuthAction;
|
||||
use yii\base\InvalidConfigException;
|
||||
use yii\base\InvalidParamException;
|
||||
use yii\base\Module;
|
||||
use yii\filters\AccessControl;
|
||||
use yii\filters\VerbFilter;
|
||||
@ -102,6 +104,8 @@ class SecurityController extends Controller
|
||||
/**
|
||||
* Controller action responsible for handling login page and actions.
|
||||
*
|
||||
* @throws InvalidConfigException
|
||||
* @throws InvalidParamException
|
||||
* @return array|string|Response
|
||||
*/
|
||||
public function actionLogin()
|
||||
@ -133,7 +137,10 @@ class SecurityController extends Controller
|
||||
|
||||
$this->trigger(FormEvent::EVENT_BEFORE_LOGIN, $event);
|
||||
if ($form->login()) {
|
||||
$form->getUser()->updateAttributes(['last_login_at' => time()]);
|
||||
$form->getUser()->updateAttributes([
|
||||
'last_login_at' => time(),
|
||||
'last_login_ip' => Yii::$app->request->getUserIP(),
|
||||
]);
|
||||
|
||||
$this->trigger(FormEvent::EVENT_AFTER_LOGIN, $event);
|
||||
|
||||
|
||||
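Review bot: The added `'last_login_ip' => Yii::$app->request->getUserIP()` records the directly connected peer unless the request component's `trustedHosts` and `ipHeaders` are configured, so behind a reverse proxy or load balancer every login would be stored with the proxy's address. The call can also return null. Because this column is likely to be read during audit or incident review, the requirement deserves a comment at the call site, for example `// Needs request trustedHosts/ipHeaders behind a proxy; may be null.` The return value of updateAttributes() is still ignored, and the migration adding the column is not visible on this page, so confirm that a deployment whose schema lacks `last_login_ip` cannot fail the login at this point. actionLogin's body starts and ends outside the hunk.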
@ -235,7 +235,7 @@ class SettingsController extends Controller
|
||||
if ($account === null) {
|
||||
throw new NotFoundHttpException();
|
||||
}
|
||||
if ($account->user_id != Yii::$app->user->id) {
|
||||
if ($account->user_id !== Yii::$app->user->id) {
|
||||
throw new ForbiddenHttpException();
|
||||
}
|
||||
$event = $this->make(SocialNetworkConnectEvent::class, [Yii::$app->user->identity, $account]);
|
||||
@ -321,7 +321,7 @@ class SettingsController extends Controller
|
||||
{
|
||||
$user = $this->userQuery->whereId($id)->one();
|
||||
|
||||
if ($user === null || $this->module->emailChangeStrategy == MailChangeStrategyInterface::TYPE_INSECURE) {
|
||||
if ($user === null || MailChangeStrategyInterface::TYPE_INSECURE === $this->module->emailChangeStrategy) {
|
||||
throw new NotFoundHttpException();
|
||||
}
|
||||
$event = $this->make(UserEvent::class, [$user]);
|
||||
@ -347,7 +347,6 @@ class SettingsController extends Controller
|
||||
public function actionDisconnect($id)
|
||||
{
|
||||
$this->disconnectSocialNetwork($id);
|
||||
|
||||
return $this->redirect(['networks']);
|
||||
}
|
||||
|
||||
@ -409,7 +408,7 @@ class SettingsController extends Controller
|
||||
return [
|
||||
'success' => $success,
|
||||
'message' => $success
|
||||
? Yii::t('usuario', 'Two factor successfully enabled.')
|
||||
? Yii::t('usuario', 'Two factor authentication successfully enabled.')
|
||||
: Yii::t('usuario', 'Verification failed. Please, enter new code.')
|
||||
];
|
||||
}
|
||||
@ -426,11 +425,11 @@ class SettingsController extends Controller
|
||||
if ($user->updateAttributes(['auth_tf_enabled' => '0'])) {
|
||||
Yii::$app
|
||||
->getSession()
|
||||
->setFlash('success', Yii::t('usuario', 'Two-factor authorization has been disabled.'));
|
||||
->setFlash('success', Yii::t('usuario', 'Two factor authentication has been disabled.'));
|
||||
} else {
|
||||
Yii::$app
|
||||
->getSession()
|
||||
->setFlash('danger', Yii::t('usuario', 'Unable to disable two-factor authorization.'));
|
||||
->setFlash('danger', Yii::t('usuario', 'Unable to disable Two factor authentication.'));
|
||||
}
|
||||
|
||||
$this->redirect(['account']);
|
||||
|
||||
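Review bot: The switch to `$account->user_id !== Yii::$app->user->id` makes the ownership check type-sensitive, and neither side's type is visible here. If the column is hydrated as a string while the identity id is an integer, or the reverse, the legitimate owner now gets ForbiddenHttpException. The check fails closed, so this is a regression risk rather than an authorization gap. The comparison should still normalise the two non-null values to one type before applying the strict operator, while continuing to treat a null `user_id` or a guest id as a mismatch. In the two-factor disable hunk, `$this->redirect(['account']);` is called without `return`; the enclosing method starts outside the hunk.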