user->isAdmin()) { throw new Forbidden(); } $id = $request->getParsedBody()->id ?? null; if (!$id) { throw new BadRequest(); } $this->service->generateAndSendNewPasswordForUser($id); return ResponseComposer::json(true); } }