
Untitled

a guest
Oct 27th, 2016
  1. <?php
  2.  
  3. namespace Coke\Security\Rewrite\Magento\User\Controller\Adminhtml\User;
  4.  
  5. use Magento\Framework\Exception\AuthenticationException;
  6. use Magento\Framework\Exception\State\UserLockedException;
  7. use Magento\Security\Model\SecurityCookie;
  8.  
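  /**
   * Admin "save user" action, extending the core Magento admin user Save controller.
   *
   * The action only persists changes after the currently logged-in admin has
   * re-entered their own password and performIdentityCheck() has accepted it.
   */
  class Save extends \Magento\User\Controller\Adminhtml\User\Save
  {
      /**
       * Lazily resolved by getSecurityCookie(); not constructor-injected.
       *
       * @var SecurityCookie
       */
      private $securityCookie;

      /**
       * Injected through the constructor. Kept for constructor/DI compatibility;
       * nothing in this class currently reads it.
       *
       * @var \Magento\Framework\Encryption\EncryptorInterface
       */
      protected $_encryptor;

      /**
       * @param \Magento\Framework\Encryption\EncryptorInterface $encryptorInterface
       * @param \Magento\Backend\App\Action\Context $context
       * @param \Magento\Framework\Registry $coreRegistry
       * @param \Magento\User\Model\UserFactory $userFactory
       */
      public function __construct(
          \Magento\Framework\Encryption\EncryptorInterface $encryptorInterface,
          \Magento\Backend\App\Action\Context $context,
          \Magento\Framework\Registry $coreRegistry,
          \Magento\User\Model\UserFactory $userFactory
      ) {
          $this->_encryptor = $encryptorInterface;
          parent::__construct($context, $coreRegistry, $userFactory);
      }

      /**
       * Get security cookie
       *
       * Resolves the instance through the ObjectManager on first use and keeps
       * it on the controller so later calls reuse the same object.
       *
       * @return SecurityCookie
       * @deprecated
       */
      private function getSecurityCookie()
      {
          if (!($this->securityCookie instanceof SecurityCookie)) {
              $this->securityCookie = \Magento\Framework\App\ObjectManager::getInstance()
                  ->get(SecurityCookie::class);
          }

          return $this->securityCookie;
      }

      /**
       * Validate the request, re-authenticate the acting admin and save the user.
       *
       * Flow: reject empty POSTs, load the target user, apply the posted data and
       * role, optionally switch the acting admin's interface locale, then require
       * the acting admin's current password before calling save().
       *
       * @return void
       * @SuppressWarnings(PHPMD.CyclomaticComplexity)
       * @SuppressWarnings(PHPMD.NPathComplexity)
       */
      public function execute()
      {
          $userId = (int)$this->getRequest()->getParam('user_id');
          $data = $this->getRequest()->getPostValue();

          // No hash of the submitted 'password' parameter is computed here: nothing
          // in this action reads one, the only encryptor this class declares is
          // $this->_encryptor, and an unused credential-derived value should not be
          // created on every request (including ones that carry no POST data).
          if (!$data) {
              $this->_redirect('adminhtml/*/');
              return;
          }

          /** @var $model \Magento\User\Model\User */
          $model = $this->_userFactory->create()->load($userId);
          if ($userId && $model->isObjectNew()) {
              // An id was supplied but no stored record was loaded for it.
              $this->messageManager->addError(__('This user no longer exists.'));
              $this->_redirect('adminhtml/*/');
              return;
          }
          $model->setData($this->_getAdminUserData($data));

          // 'roles' is request-controlled; only index into it when it really is a
          // non-empty array, so a scalar value cannot reach count().
          $uRoles = $this->getRequest()->getParam('roles', []);
          if (is_array($uRoles) && count($uRoles)) {
              $model->setRoleId($uRoles[0]);
          }

          /** @var $currentUser \Magento\User\Model\User */
          $currentUser = $this->_objectManager->get('Magento\Backend\Model\Auth\Session')->getUser();

          // NOTE(review): this locale switch is applied before the current-password
          // check below, so it takes effect even when that check fails. Confirm
          // this ordering is intended.
          if ($userId === (int)$currentUser->getId()
              && isset($data['interface_locale'])
              && $this->_objectManager->get('Magento\Framework\Validator\Locale')
                  ->isValid($data['interface_locale'])
          ) {
              $this->_objectManager->get('Magento\Backend\Model\Locale\Manager')
                  ->switchBackendInterfaceLocale($data['interface_locale']);
          }

          /** Before updating admin user data, ensure that password of current admin user is entered and is correct */
          $currentUserPasswordField = \Magento\User\Block\User\Edit\Tab\Main::CURRENT_USER_PASSWORD_FIELD;
          // Presence/shape check only (non-empty string); the actual verification is
          // performIdentityCheck() inside the try block.
          $isCurrentUserPasswordValid = !empty($data[$currentUserPasswordField])
              && is_string($data[$currentUserPasswordField]);

          try {
              if (!$isCurrentUserPasswordValid) {
                  throw new AuthenticationException(__('You have entered an invalid password for current user.'));
              }
              $currentUser->performIdentityCheck($data[$currentUserPasswordField]);
              $model->save();

              $model->sendNotificationEmailsIfRequired();

              $this->messageManager->addSuccess(__('You saved the user.'));
              // Clear any form data kept in the session by an earlier failed attempt.
              $this->_getSession()->setUserData(false);
              $this->_redirect('adminhtml/*/');
          } catch (UserLockedException $e) {
              // Handled ahead of AuthenticationException so the lock-out path (logout
              // plus logout-reason cookie) wins. Presumably UserLockedException is a
              // subclass of AuthenticationException; verify before reordering.
              $this->_auth->logout();
              $this->getSecurityCookie()->setLogoutReasonCookie(
                  \Magento\Security\Model\AdminSessionsManager::LOGOUT_REASON_USER_LOCKED
              );
              $this->_redirect('adminhtml/*/');
          } catch (\Magento\Framework\Exception\AuthenticationException $e) {
              $this->messageManager->addError(__('You have entered an invalid password for current user.'));
              $this->redirectToEdit($model, $data);
          } catch (\Magento\Framework\Validator\Exception $e) {
              $messages = $e->getMessages();
              $this->messageManager->addMessages($messages);
              $this->redirectToEdit($model, $data);
          } catch (\Magento\Framework\Exception\LocalizedException $e) {
              if ($e->getMessage()) {
                  $this->messageManager->addError($e->getMessage());
              }
              $this->redirectToEdit($model, $data);
          }
      }

      /**
       * Store the submitted form data in the session and redirect back to the edit form.
       *
       * NOTE(review): execute() passes the raw POST array here, so any password
       * fields it contains (including the current-user password field) are written
       * to the session as submitted. Consider unsetting them before storing;
       * confirm the edit form does not depend on them.
       *
       * @param \Magento\User\Model\User $model
       * @param array $data
       * @return void
       */
      protected function redirectToEdit(\Magento\User\Model\User $model, array $data)
      {
          $this->_getSession()->setUserData($data);
          // Only pass user_id when the model has one.
          $arguments = $model->getId() ? ['user_id' => $model->getId()] : [];
          $arguments = array_merge($arguments, ['_current' => true, 'active_tab' => '']);
          $this->_redirect('adminhtml/*/edit', $arguments);
      }
  }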