<?php

require_once 'diy-blog/model/BackEndResource.php';

require_once 'diy-blog/model/om/BaseBackEndResource.php';

/**
 * Backend Resource for editing a single User.
 * Originally generated by Propel.
 *
 * @package	diy-blog.model
 * @author	Martynas Jusevicius <hide@address.com>
 * @link	http://www.xml.lt
 */

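class AdminUserResource extends BackEndResource
{

	/**
	 * Constructs a new AdminUserResource class, setting the Type column to BackEndResourcePeer::CLASSKEY_ADMINUSERRESOURCE.
	 */
	public function __construct()
	{
		$this->setType(BackEndResourcePeer::CLASSKEY_ADMINUSERRESOURCE);
	}

	/**
	 * Serves the edit-user page.
	 *
	 * A non-null view returned by the parent handler is passed through unchanged.
	 * Otherwise the session user must pass hasPermission(), or a ForbiddenView is returned.
	 *
	 * @param Request $request
	 * @param Response $response
	 * @return mixed the parent's view, an EditUserView or a ForbiddenView
	 */
	public function doGet(Request $request, Response $response)
	{
		$parent = parent::doGet($request, $response);
		if ($parent != null) return $parent;

		try
		{
			if (!$this->hasPermission($request->getSession()->getAttribute("user"))) throw new NoPermissionException();

			return new EditUserView($this);
		}
		catch (NoPermissionException $e)
		{
			return new ForbiddenView($this);
		}
	}

	/**
	 * Handles the "update" and "delete" actions for the user attached to this resource.
	 *
	 * A non-null view returned by the parent handler is passed through unchanged.
	 * Otherwise the session user must pass hasPermission(), or a ForbiddenView is returned.
	 *
	 * NOTE(review): no anti-CSRF token is checked in the code visible here, although both
	 * actions change state. Confirm that the parent handler or the form covers it.
	 *
	 * @param Request $request
	 * @param Response $response
	 * @return mixed the parent's view, an EditUserView or a ForbiddenView
	 */
	public function doPost(Request $request, Response $response)
	{
		$parent = parent::doPost($request, $response);
		if ($parent != null) return $parent;

		$view = null;

		try
		{
			$actor = $request->getSession()->getAttribute("user");
			if (!$this->hasPermission($actor)) throw new NoPermissionException();

			$view = new EditUserView($this);
			$action = $request->getParameter("action");

			if ($action === "update")
			{
				$form = new EditUserForm($request);
				$errors = $form->validate();

				try
				{
					if (count($errors) != 0) throw new InvalidFormException();

					// hasPermission() also admits a user editing their own account, so the
					// submitted type is applied only when the acting user is an administrator.
					// Otherwise a limited user could promote themselves by posting type=admin.
					$this->updateUser($form->getPassword(), $form->getNewPassword(), $form->getType(), $actor instanceof AdminUser);
					$request->setAttribute("user-result", "success");

					$response->sendRedirect(BackEndMapping::getHost().AdminUserListResource::getInstance()->getURI());
				}
				catch (InvalidFormException $e)
				{
					$view = new EditUserView($this);
					$request->setAttribute("user-result", "failure");
				}
				catch (WrongPasswordException $e)
				{
					$errors[] = new Error("wrongPassword");
					$view = new EditUserView($this);
					$request->setAttribute("user-result", "failure");
				}

				$request->setAttribute("user-form", $form);
				$request->setAttribute("user-errors", $errors);
			}

			if ($action === "delete")
			{
				// Removes the user record first, then this resource.
				$this->initUser();
				$this->user->delete();
				$this->delete();

				$response->sendRedirect(BackEndMapping::getHost().AdminUserListResource::getInstance()->getURI());
			}
		}
		catch (NoPermissionException $e)
		{
			$view = new ForbiddenView($this);
		}

		return $view;
	}

	/**
	 * Loads the first user returned by getUsers() into $this->user (null when there is none).
	 */
	private function initUser()
	{
		$users = $this->getUsers();
		$this->user = isset($users[0]) ? $users[0] : null;
	}

	/**
	 * Decides whether the given session user may view or edit this resource's user.
	 *
	 * Administrators may edit any user; any other user may edit only the account whose
	 * primary key matches their own.
	 *
	 * @param mixed $user value of the "user" session attribute; may be absent
	 * @return boolean
	 */
	private function hasPermission($user)
	{
		$this->initUser();

		// No authenticated user in the session: deny here so the caller renders the
		// ForbiddenView instead of failing on a type error.
		if (!($user instanceof User)) return false;

		if ($user instanceof AdminUser) return true;
		if ($this->user === null) return false;

		// Loose comparison kept on purpose: the key may arrive as an int or as a numeric string.
		return $user->getPrimaryKey() == $this->user->getPrimaryKey();
	}

	/**
	 * Changes the password of this resource's user and, when allowed, the user type.
	 *
	 * @param string $password current password, checked against the stored digest
	 * @param string $newPassword password to store
	 * @param string $type "admin" selects the admin class key, anything else the limited one
	 * @param boolean $mayChangeType whether $type is applied; defaults to false so that a
	 *        caller has to grant the role change explicitly
	 * @throws WrongPasswordException when $password does not match the stored digest
	 */
	private function updateUser($password, $newPassword, $type, $mayChangeType = false)
	{
		$this->initUser();

		// Strict comparison: with ==, two digests that both read as numbers ("0e" followed
		// by digits only) compare equal, so a wrong password could be accepted.
		// NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
		// password_hash()/password_verify() has to be done together with the login check
		// and the stored values, which are outside this file, so the format is kept here.
		if ($this->user->getPassword() !== md5($password)) throw new WrongPasswordException();

		$this->user->setPassword(md5($newPassword));

		if ($mayChangeType)
		{
			if ($type === "admin") $this->user->setType(UserPeer::CLASSKEY_ADMINUSER);
			else $this->user->setType(UserPeer::CLASSKEY_LIMITEDUSER);
		}

		$this->user->save();
	}

} // AdminUserResource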