/**
* Method to save the User object to the database
*
* @param boolean $updateOnly Save the object only if it is not a new user
* (a new user is not stored, and the method still returns true).
* Currently only used in the user reset password method.
*
* @return boolean True on success
*
* @since 1.7.0
* @throws \RuntimeException
*/
public function save($updateOnly = false)
{
    // Copy this object's current properties into a user table row.
    $table = $this->getTable();
    $this->params = (string) $this->_params;
    $table->bind($this->getProperties());

    // Any \Exception raised inside this block is caught at the bottom and
    // turned into setError() plus "return false" instead of propagating.
    try {
        // Validate the row first; on failure report the table's own error.
        if (!$table->check()) {
            $this->setError($table->getError());

            return false;
        }

        // The user performing the save.
        // @todo ACL - this needs to be acl checked
        $actor = Factory::getUser();

        // No id yet means this save would create a new account.
        $creating = empty($this->id);

        // Update-only mode never creates: report success without storing anything.
        if ($creating && $updateOnly) {
            return true;
        }

        // The old user, loaded by the current id.
        $previous = new User($this->id);

        // Access check. The one mandatory rule is that only Super Admins may
        // operate on other Super Admin accounts; further business rules belong
        // in a user plugin that throws an exception from onUserBeforeSave.
        $actorIsSuperAdmin = $actor->authorise('core.admin');

        // First exemption: the acting user has id 0, the record already exists,
        // the old user holds core.admin, and the password value has changed.
        // NOTE(review): the guard below does not run on this path; callers are
        // presumably expected to change only the password hash - confirm.
        // NOTE(review): these comparisons are loose (==, !=) as in the original;
        // switching to strict ones needs the property types confirmed first.
        $rehashingSuperAdmin = $actor->id == 0
            && !$creating
            && $this->id == $previous->id
            && $previous->authorise('core.admin')
            && $previous->password != $this->password;

        // Second exemption: CLI applications skip the guard as well.
        $runningOnCli = (bool) Factory::getApplication()->isCli();

        // The guard only applies when none of the three exemptions holds.
        if (!$actorIsSuperAdmin && !$rehashingSuperAdmin && !$runningOnCli) {
            // A non-Super-Admin may not edit an existing Super Admin account.
            if (!$creating && Access::check($this->id, 'core.admin')) {
                throw new \RuntimeException('User not Super Administrator');
            }

            // Nor may they assign the account to a group that grants core.admin.
            if ($this->groups != null) {
                foreach ($this->groups as $groupId) {
                    if (Access::checkGroup($groupId, 'core.admin')) {
                        throw new \RuntimeException('User not Super Administrator');
                    }
                }
            }
        }

        // Let user plugins veto the save: a handler returning strict false
        // aborts it, and that plugin has to raise its own error or exception.
        PluginHelper::importPlugin('user');
        $result = Factory::getApplication()->triggerEvent(
            'onUserBeforeSave',
            [$previous->getProperties(), $creating, $this->getProperties()]
        );

        if (\in_array(false, $result, true)) {
            return false;
        }

        // Store the user data in the database.
        $result = $table->store();

        // A newly created user takes its id from the stored row.
        if (empty($this->id)) {
            $this->id = $table->get('id');
        }

        // If the acting user saved their own record, refresh their parameters.
        if ($actor->id == $table->id) {
            $actor->setParameters(new Registry($table->params));
        }

        // Tell plugins the outcome; this fires whatever store() returned.
        Factory::getApplication()->triggerEvent(
            'onUserAfterSave',
            [$this->getProperties(), $creating, $result, $this->getError()]
        );
    } catch (\Exception $e) {
        // This also covers the RuntimeException thrown by the access check.
        $this->setError($e->getMessage());

        return false;
    }

    return $result;
}