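/**
 * Enable, disable or delete a user account on behalf of the current user.
 *
 * Every request passes four gates before any action runs, and each gate
 * fails closed with an error flash and a redirect to the 'users' route:
 * CSRF token, target user exists, target is not the acting user, and the
 * permissions service allows the acting user to manipulate the target.
 *
 * @param string $action 'disable', 'enable' or 'delete'; any other value is reported as an unknown action.
 * @param mixed  $id     Identifier passed to getUser(), setEnabled() and deleteUser().
 *
 * @return mixed Whatever redirectToRoute('users') returns (presumably a redirect response).
 */
public function modify($action, $id)
{
    // State-changing request: reject it before touching any user data.
    if (!$this->isCsrfTokenValid()) {
        $this->flashes()->error(Trans::__('general.phrase.something-went-wrong'));

        return $this->redirectToRoute('users');
    }

    $user = $this->getUser($id);
    if (!$user) {
        $this->flashes()->error('No such user.');

        return $this->redirectToRoute('users');
    }

    // Prevent the current user from enabling, disabling or deleting themselves.
    // The comparison stays loose on purpose: the two ids may differ in type
    // (int vs. numeric string) and a strict check could let a self-action through.
    $currentuser = $this->getUser();
    if ($currentuser->getId() == $user->getId()) {
        // Fixed: the placeholder map was ['%s', $action] (a list), so the
        // action name was never substituted into the message.
        $this->flashes()->error(Trans::__('general.phrase.access-denied-self-action', ['%s' => $action]));

        return $this->redirectToRoute('users');
    }

    // Verify the current user has access to edit this user.
    if (!$this->app['permissions']->isAllowedToManipulate($user->toArray(), $currentuser->toArray())) {
        $this->flashes()->error(Trans::__('general.phrase.access-denied-privilege-edit-user'));

        return $this->redirectToRoute('users');
    }

    // NOTE(review): authorisation above is decided on the record resolved from
    // $id, while the calls below are keyed on the raw $id. Confirm both always
    // resolve to the same account.
    $displayName = $user->getDisplayname();
    $placeholders = ['%s' => $displayName];

    switch ($action) {
        case 'disable':
            if ($this->users()->setEnabled($id, false)) {
                // Account state changes are recorded as security events.
                $this->app['logger.system']->info("Disabled user '{$displayName}'.", ['event' => 'security']);
                $this->flashes()->info(Trans::__('general.phrase.user-disabled', $placeholders));
            } else {
                // Failures are surfaced as errors, like every other failure path here.
                $this->flashes()->error(Trans::__('general.phrase.user-failed-disabled', $placeholders));
            }
            break;

        case 'enable':
            if ($this->users()->setEnabled($id, true)) {
                $this->app['logger.system']->info("Enabled user '{$displayName}'.", ['event' => 'security']);
                $this->flashes()->info(Trans::__('general.phrase.user-enabled', $placeholders));
            } else {
                $this->flashes()->error(Trans::__('general.phrase.user-failed-enable', $placeholders));
            }
            break;

        case 'delete':
            // The token was already validated at the top of the method; the
            // second check is kept unchanged in front of the destructive call.
            if ($this->isCsrfTokenValid() && $this->users()->deleteUser($id)) {
                $this->app['logger.system']->info("Deleted user '{$displayName}'.", ['event' => 'security']);
                $this->flashes()->info(Trans::__('general.phrase.user-deleted', $placeholders));
            } else {
                $this->flashes()->error(Trans::__('general.phrase.user-failed-delete', $placeholders));
            }
            break;

        default:
            // Unknown actions change nothing and are reported to the operator.
            $this->flashes()->error(Trans::__('general.phrase.no-such-action-for-user', $placeholders));
    }

    return $this->redirectToRoute('users');
}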