UserController.php
1 <?php
2 /**
3  * wCMF - wemove Content Management Framework
4  * Copyright (C) 2005-2015 wemove digital solutions GmbH
5  *
6  * Licensed under the terms of the MIT License.
7  *
8  * See the LICENSE file distributed with this work for
9  * additional information.
10  */
12 
18 
19 /**
20  * UserController is used to change the current user's password.
21  *
22  * The controller supports the following actions:
23  *
24  * <div class="controller-action">
25  * <div> __Action__ _default_ </div>
26  * <div>
27  * Change the user's password.
28  * | Parameter | Description
29  * |------------------------|-------------------------
30  * | _in_ `oldpassword` | The old password
31  * | _in_ `newpassword1` | The new password
32  * | _in_ `newpassword2` | The new password
33  * | __Response Actions__ | |
34  * | `ok` | In all cases
35  * </div>
36  * </div>
37  *
38  * @author ingo herwig <ingo@wemove.com>
39  */
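class UserController extends Controller {

  /**
   * Change the password of the currently authenticated user.
   *
   * Temporary READ and UPDATE permissions on the user's own object are added
   * for the operation and cleared again on every exit path. Exceptions raised
   * while changing the password are added to the response and the transaction
   * is rolled back; the response action is set to 'ok' in both cases.
   *
   * @see Controller::doExecute()
   */
  protected function doExecute() {
    $session = $this->getSession();
    $permissionManager = $this->getPermissionManager();
    $persistenceFacade = $this->getPersistenceFacade();
    $request = $this->getRequest();
    $response = $this->getResponse();

    // the password is always changed for the user of the current session,
    // never for a user named in the request
    $authUser = $session->getAuthUser();
    $oidStr = $authUser->getOID()->__toString();

    // Everything between granting and clearing the temporary permissions runs
    // inside try/finally (PHP 5.5+): a throwing begin() or rollback(), or an
    // \Error that catch(\Exception) does not match, must not leave the
    // elevated permissions in place.
    try {
      // add permissions for this operation
      $permissionManager->addTempPermission($oidStr, '', PersistenceAction::READ);
      $permissionManager->addTempPermission($oidStr, '', PersistenceAction::UPDATE);

      // start the persistence transaction
      $transaction = $persistenceFacade->getTransaction();
      $transaction->begin();
      try {
        $this->changePassword(
          $authUser,
          $request->getValue('oldpassword'),
          $request->getValue('newpassword1'),
          $request->getValue('newpassword2')
        );
        $transaction->commit();
      }
      catch(\Exception $ex) {
        // report the failure to the client and discard any pending changes
        $response->addError(ApplicationError::fromException($ex));
        $transaction->rollback();
      }
    }
    finally {
      // remove temporary permissions
      $permissionManager->clearTempPermissions();
    }

    // the action is 'ok' in all cases; failures are reported as response errors
    $response->setAction('ok');
  }

  /**
   * Change a user's password.
   *
   * The old password must verify against the stored value, the new password
   * must not be empty and both entries of the new password must be identical.
   * No further password policy (length, complexity) is enforced here.
   *
   * NOTE(review): hashing is presumably done inside User::setPassword() and
   * nothing in this method invalidates other active sessions of the user;
   * confirm both against the User and Session implementations.
   *
   * @param $user The User instance
   * @param $oldPassword The old password of the user
   * @param $newPassword The new password for the user
   * @param $newPasswordRepeated The new password of the user again
   * @throws IllegalArgumentException if one of the checks fails
   */
  public function changePassword(User $user, $oldPassword, $newPassword, $newPasswordRepeated) {
    $message = $this->getMessage();

    // check old password
    if (!$user->verifyPassword($oldPassword, $user->getPassword())) {
      throw new IllegalArgumentException($message->getText("The old password is incorrect"));
    }

    // A missing or non-scalar value (e.g. an array-valued request parameter)
    // is handled like an empty password instead of being passed to strlen().
    if (!is_scalar($newPassword) || strlen((string)$newPassword) === 0) {
      throw new IllegalArgumentException($message->getText("The password can't be empty"));
    }

    // Compare as strings with !==. The loose != operator applies numeric
    // juggling, so "1e3" and "1000" (or "abc" and int 0 on PHP < 8) would be
    // accepted as a matching confirmation.
    if (!is_scalar($newPasswordRepeated) || (string)$newPassword !== (string)$newPasswordRepeated) {
      throw new IllegalArgumentException($message->getText("The given passwords don't match"));
    }

    // set password
    $user->setPassword($newPassword);
  }
}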
104 ?>
getRequest()
Get the Request instance.
Definition: Controller.php:190
getMessage()
Get the Message instance.
Definition: Controller.php:254
UserController is used to change the current user's password.
User is the interface for users.
Definition: User.php:18
Controller is the base class of all controllers.
Definition: Controller.php:48
IllegalArgumentException signals an exception in method arguments.
getPermissionManager()
Get the PermissionManager instance.
Definition: Controller.php:230
changePassword(User $user, $oldPassword, $newPassword, $newPasswordRepeated)
Change a users password.
static fromException(\Exception $ex)
Factory method for transforming an exception into an ApplicationError instance.
getPassword()
Get the password of the user.
Application controllers.
Definition: namespaces.php:3
verifyPassword($password, $passwordHash)
Verify a password.
setPassword($password)
Set the password of the user.
getResponse()
Get the Response instance.
Definition: Controller.php:198
getSession()
Get the Session instance.
Definition: Controller.php:214
getPersistenceFacade()
Get the PersistenceFacade instance.
Definition: Controller.php:222