refactoring user menu.

mdmsoft · Nov 12, 2018 · 59e6554 · 59e6554
1 parent 9d1b93b
commit 59e6554
Show file tree

Hide file tree

Showing 11 changed files with 101 additions and 51 deletions.
diff --git a/components/UserStatus.php b/components/UserStatus.php
@@ -0,0 +1,15 @@
+<?php
+
+namespace mdm\admin\components;
+
+/**
+ * Description of UserStatus
+ *
+ * @author Misbahul D Munir <misbahuldmunir@gmail.com>
+ * @since 2.9
+ */
+class UserStatus
+{
+    const INACTIVE = 0;
+    const ACTIVE = 10;
+}
diff --git a/controllers/UserController.php b/controllers/UserController.php
@@ -2,21 +2,22 @@
 
 namespace mdm\admin\controllers;
 
-use Yii;
+use mdm\admin\components\UserStatus;
+use mdm\admin\models\form\ChangePassword;
 use mdm\admin\models\form\Login;
 use mdm\admin\models\form\PasswordResetRequest;
 use mdm\admin\models\form\ResetPassword;
 use mdm\admin\models\form\Signup;
-use mdm\admin\models\form\ChangePassword;
-use mdm\admin\models\User;
 use mdm\admin\models\searchs\User as UserSearch;
+use mdm\admin\models\User;
+use Yii;
 use yii\base\InvalidParamException;
+use yii\base\UserException;
+use yii\filters\VerbFilter;
+use yii\mail\BaseMailer;
 use yii\web\BadRequestHttpException;
 use yii\web\Controller;
-use yii\filters\VerbFilter;
 use yii\web\NotFoundHttpException;
-use yii\base\UserException;
-use yii\mail\BaseMailer;
 
 /**
  * User controller
@@ -230,8 +231,8 @@ public function actionActivate($id)
     {
         /* @var $user User */
         $user = $this->findModel($id);
-        if ($user->status == User::STATUS_INACTIVE) {
-            $user->status = User::STATUS_ACTIVE;
+        if ($user->status == UserStatus::INACTIVE) {
+            $user->status = UserStatus::ACTIVE;
             if ($user->save()) {
                 return $this->goHome();
             } else {

diff --git a/models/User.php b/models/User.php
@@ -2,12 +2,13 @@
 
 namespace mdm\admin\models;
 
+use mdm\admin\components\Configs;
+use mdm\admin\components\UserStatus;
 use Yii;
 use yii\base\NotSupportedException;
 use yii\behaviors\TimestampBehavior;
 use yii\db\ActiveRecord;
 use yii\web\IdentityInterface;
-use mdm\admin\components\Configs;
 
 /**
  * User model
@@ -54,8 +55,7 @@ public function behaviors()
     public function rules()
     {
         return [
-            ['status', 'default', 'value' => self::STATUS_ACTIVE],
-            ['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_INACTIVE]],
+            ['status', 'in', 'range' => [UserStatus::ACTIVE, UserStatus::INACTIVE]],
         ];
     }
 
@@ -64,7 +64,7 @@ public function rules()
      */
     public static function findIdentity($id)
     {
-        return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
+        return static::findOne(['id' => $id, 'status' => UserStatus::ACTIVE]);
     }
 
     /**
@@ -83,7 +83,7 @@ public static function findIdentityByAccessToken($token, $type = null)
      */
     public static function findByUsername($username)
     {
-        return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
+        return static::findOne(['username' => $username, 'status' => UserStatus::ACTIVE]);
     }
 
     /**
@@ -100,7 +100,7 @@ public static function findByPasswordResetToken($token)
 
         return static::findOne([
                 'password_reset_token' => $token,
-                'status' => self::STATUS_ACTIVE,
+                'status' => UserStatus::ACTIVE,
         ]);
     }
 

diff --git a/models/form/Login.php b/models/form/Login.php
@@ -71,7 +71,8 @@ public function login()
     public function getUser()
     {
         if ($this->_user === false) {
-            $this->_user = User::findByUsername($this->username);
+            $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
+            $this->_user = $class::findByUsername($this->username);
         }
 
         return $this->_user;

diff --git a/models/form/PasswordResetRequest.php b/models/form/PasswordResetRequest.php
@@ -1,8 +1,9 @@
 <?php
 namespace mdm\admin\models\form;
 
-use Yii;
+use mdm\admin\components\UserStatus;
 use mdm\admin\models\User;
+use Yii;
 use yii\base\Model;
 
 /**
@@ -17,13 +18,14 @@ class PasswordResetRequest extends Model
      */
     public function rules()
     {
+        $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
         return [
             ['email', 'filter', 'filter' => 'trim'],
             ['email', 'required'],
             ['email', 'email'],
             ['email', 'exist',
-                'targetClass' => 'mdm\admin\models\User',
-                'filter' => ['status' => User::STATUS_ACTIVE],
+                'targetClass' => $class,
+                'filter' => ['status' => UserStatus::ACTIVE],
                 'message' => 'There is no user with such email.'
             ],
         ];
@@ -37,14 +39,15 @@ public function rules()
     public function sendEmail()
     {
         /* @var $user User */
-        $user = User::findOne([
-            'status' => User::STATUS_ACTIVE,
+        $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
+        $user = $class::findOne([
+            'status' => UserStatus::ACTIVE,
             'email' => $this->email,
         ]);
 
         if ($user) {
-            if (!User::isPasswordResetTokenValid($user->password_reset_token)) {
-                $user->generatePasswordResetToken();
+            if (!ResetPassword::isPasswordResetTokenValid($user->password_reset_token)) {
+                $user->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
             }
 
             if ($user->save()) {

diff --git a/models/form/ResetPassword.php b/models/form/ResetPassword.php
@@ -2,17 +2,20 @@
 
 namespace mdm\admin\models\form;
 
-use Yii;
+use mdm\admin\components\UserStatus;
 use mdm\admin\models\User;
+use Yii;
 use yii\base\InvalidParamException;
 use yii\base\Model;
+use yii\helpers\ArrayHelper;
 
 /**
  * Password reset form
  */
 class ResetPassword extends Model
 {
     public $password;
+    public $retypePassword;
     /**
      * @var User
      */
@@ -23,14 +26,21 @@ class ResetPassword extends Model
      *
      * @param  string $token
      * @param  array $config name-value pairs that will be used to initialize the object properties
-     * @throws \yii\base\InvalidParamException if token is empty or not valid
+     * @throws InvalidParamException if token is empty or not valid
      */
     public function __construct($token, $config = [])
     {
         if (empty($token) || !is_string($token)) {
             throw new InvalidParamException('Password reset token cannot be blank.');
         }
-        $this->_user = User::findByPasswordResetToken($token);
+        // check token
+        $class = Yii::$app->getUser()->identityClass ?: 'mdm\admin\models\User';
+        if (static::isPasswordResetTokenValid($token)) {
+            $this->_user = $class::findOne([
+                    'password_reset_token' => $token,
+                    'status' => UserStatus::ACTIVE
+            ]);
+        }
         if (!$this->_user) {
             throw new InvalidParamException('Wrong password reset token.');
         }
@@ -43,8 +53,9 @@ public function __construct($token, $config = [])
     public function rules()
     {
         return [
-            ['password', 'required'],
+            [['password', 'retypePassword'], 'required'],
             ['password', 'string', 'min' => 6],
+            ['retypePassword', 'compare', 'compareAttribute' => 'password']
         ];
     }
 
@@ -61,4 +72,21 @@ public function resetPassword()
 
         return $user->save(false);
     }
+
+    /**
+     * Finds out if password reset token is valid
+     *
+     * @param string $token password reset token
+     * @return boolean
+     */
+    public static function isPasswordResetTokenValid($token)
+    {
+        if (empty($token)) {
+            return false;
+        }
+        $expire = ArrayHelper::getValue(Yii::$app->params, 'user.passwordResetTokenExpire', 24 * 3600);
+        $parts = explode('_', $token);
+        $timestamp = (int) end($parts);
+        return $timestamp + $expire >= time();
+    }
 }
diff --git a/models/form/Signup.php b/models/form/Signup.php
@@ -1,9 +1,11 @@
 <?php
 namespace mdm\admin\models\form;
 
-use Yii;
+use mdm\admin\components\UserStatus;
 use mdm\admin\models\User;
+use Yii;
 use yii\base\Model;
+use yii\helpers\ArrayHelper;
 
 /**
  * Signup form
@@ -13,25 +15,30 @@ class Signup extends Model
     public $username;
     public $email;
     public $password;
+    public $retypePassword;
 
     /**
      * @inheritdoc
      */
     public function rules()
     {
+        $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
         return [
             ['username', 'filter', 'filter' => 'trim'],
             ['username', 'required'],
-            ['username', 'unique', 'targetClass' => 'mdm\admin\models\User', 'message' => 'This username has already been taken.'],
+            ['username', 'unique', 'targetClass' => $class, 'message' => 'This username has already been taken.'],
             ['username', 'string', 'min' => 2, 'max' => 255],
 
             ['email', 'filter', 'filter' => 'trim'],
             ['email', 'required'],
             ['email', 'email'],
-            ['email', 'unique', 'targetClass' => 'mdm\admin\models\User', 'message' => 'This email address has already been taken.'],
+            ['email', 'unique', 'targetClass' => $class, 'message' => 'This email address has already been taken.'],
 
             ['password', 'required'],
             ['password', 'string', 'min' => 6],
+
+            ['retypePassword', 'required'],
+            ['retypePassword', 'compare', 'compareAttribute' => 'password'],
         ];
     }
 
@@ -43,9 +50,11 @@ public function rules()
     public function signup()
     {
         if ($this->validate()) {
-            $user = new User();
+            $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
+            $user = new $class();
             $user->username = $this->username;
             $user->email = $this->email;
+            $user->status = ArrayHelper::getValue(Yii::$app->params, 'user.defaultStatus', UserStatus::ACTIVE);
             $user->setPassword($this->password);
             $user->generateAuthKey();
             if ($user->save()) {

diff --git a/models/searchs/User.php b/models/searchs/User.php
@@ -5,33 +5,28 @@
 use Yii;
 use yii\base\Model;
 use yii\data\ActiveDataProvider;
-use mdm\admin\models\User as UserModel;
 
 /**
  * User represents the model behind the search form about `mdm\admin\models\User`.
  */
-class User extends UserModel
+class User extends Model
 {
+    public $id;
+    public $username;
+    public $email;
+    public $status;
+
     /**
      * @inheritdoc
      */
     public function rules()
     {
         return [
-            [['id', 'status', 'created_at', 'updated_at'], 'integer'],
-            [['username', 'auth_key', 'password_hash', 'password_reset_token', 'email'], 'safe'],
+            [['id', 'status',], 'integer'],
+            [['username', 'email'], 'safe'],
         ];
     }
 
-    /**
-     * @inheritdoc
-     */
-    public function scenarios()
-    {
-        // bypass scenarios() implementation in the parent class
-        return Model::scenarios();
-    }
-
     /**
      * Creates data provider instance with search query applied
      *
@@ -41,7 +36,9 @@ public function scenarios()
      */
     public function search($params)
     {
-        $query = UserModel::find();
+        /* @var $query \yii\db\ActiveQuery */
+        $class = Yii::$app->getUser()->identityClass ? : 'mdm\admin\models\User';
+        $query = $class::find();
 
         $dataProvider = new ActiveDataProvider([
             'query' => $query,
@@ -56,14 +53,9 @@ public function search($params)
         $query->andFilterWhere([
             'id' => $this->id,
             'status' => $this->status,
-            'created_at' => $this->created_at,
-            'updated_at' => $this->updated_at,
         ]);
 
         $query->andFilterWhere(['like', 'username', $this->username])
-            ->andFilterWhere(['like', 'auth_key', $this->auth_key])
-            ->andFilterWhere(['like', 'password_hash', $this->password_hash])
-            ->andFilterWhere(['like', 'password_reset_token', $this->password_reset_token])
             ->andFilterWhere(['like', 'email', $this->email]);
 
         return $dataProvider;

diff --git a/views/user/index.php b/views/user/index.php
@@ -23,7 +23,6 @@
             ['class' => 'yii\grid\SerialColumn'],
             'username',
             'email:email',
-            'created_at:date',
             [
                 'attribute' => 'status',
                 'value' => function($model) {

diff --git a/views/user/resetPassword.php b/views/user/resetPassword.php
@@ -18,6 +18,7 @@
         <div class="col-lg-5">
             <?php $form = ActiveForm::begin(['id' => 'reset-password-form']); ?>
                 <?= $form->field($model, 'password')->passwordInput() ?>
+                <?= $form->field($model, 'retypePassword')->passwordInput() ?>
                 <div class="form-group">
                     <?= Html::submitButton(Yii::t('rbac-admin', 'Save'), ['class' => 'btn btn-primary']) ?>
                 </div>