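/**
 * Update the account of the currently logged-in user from the JSON "data" request parameter.
 *
 * The request is only honoured when the "id" parameter matches the session user.
 * Fields the user must not change on their own account are stripped from the
 * payload before it is applied. A password change needs either the correct old
 * password or an active password-reset flag in the admin session, plus a matching
 * retyped password.
 *
 * Responds with JSON: ["success" => true] after saving,
 * ["success" => false, "message" => "password_cannot_be_changed"] when the
 * password change is rejected, and false when there is no user, the ids differ
 * or the payload is not a JSON object.
 *
 * @return void
 */
public function updateCurrentUserAction()
{
    $this->protectCSRF();

    $user = $this->getUser();
    if ($user == null) {
        $this->_helper->json(false);
        return;
    }

    if ($user->getId() != $this->getParam("id")) {
        \Logger::warn("prevented save current user, because ids do not match. ");
        $this->_helper->json(false);
        return;
    }

    $values = \Zend_Json::decode($this->getParam("data"));
    if (!is_array($values)) {
        // A scalar or null payload has no fields to apply; unset() on a string offset would be fatal.
        $this->_helper->json(false);
        return;
    }

    // Identity and privilege fields are never taken from the client.
    // "password" is stripped as well: it may only be set below, from a verified
    // new_password, so a client-supplied value cannot bypass the old-password check.
    // NOTE(review): this is a denylist in front of a mass assignment; an allowlist of the
    // fields a user may edit would not need extending when the user model gains new
    // sensitive properties. Assumes setValues() maps keys onto properties; confirm.
    foreach (["name", "id", "admin", "permissions", "roles", "active", "password"] as $protectedKey) {
        unset($values[$protectedKey]);
    }

    if (!empty($values["new_password"])) {
        if (empty($values["old_password"])) {
            // During a password reset the old password is not required.
            // NOTE(review): the password_reset flag is not cleared here; confirm it is
            // invalidated elsewhere so it does not stay valid for the rest of the session.
            $oldPasswordCheck = Tool\Session::useSession(function ($adminSession) {
                return (bool) $adminSession->password_reset;
            });
        } else {
            // Otherwise the supplied old password has to authenticate the user.
            $oldPasswordCheck = (bool) Tool\Authentication::authenticatePlaintext(
                $user->getName(),
                $values["old_password"]
            );
        }

        // Strict comparison: with "==" two different numeric-looking strings
        // (e.g. "1e3" and "1000") would be treated as equal.
        $retypedPassword = isset($values["retype_password"]) ? $values["retype_password"] : null;
        $passwordsMatch = is_string($values["new_password"]) && $values["new_password"] === $retypedPassword;

        if (!$oldPasswordCheck || !$passwordsMatch) {
            $this->_helper->json(["success" => false, "message" => "password_cannot_be_changed"]);
            // Stop explicitly rather than relying on the JSON helper to end the request;
            // otherwise the remaining values would be saved and a success response sent.
            return;
        }

        $values["password"] = Tool\Authentication::getPasswordHash($user->getName(), $values["new_password"]);
    }

    $user->setValues($values);
    $user->save();
    $this->_helper->json(["success" => true]);
}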