Commit 368f9027 authored by Patrick Barroca's avatar Patrick Barroca 😁
Browse files

reset-password action finished

parent 83d6bcca
......@@ -335,6 +335,20 @@ class AuthController extends ZendAfi_Controller_Action {
if ($lostpass->tokenHasExpiredFrom($created))
return $this->view->message = $this->_('Jeton de réinitialisation expiré');
$this->view->form = $form = new ZendAfi_Form_ResetPassword();
$form->setAction($this->view->url());
if (!$this->_request->isPost()
|| !$form->isValid($this->_request->getPost()))
return;
$user->setPassword($form->getValue('new_pass'))
->save();
$this->_helper->notify($this->_('Votre mot de passe a été réinitialisé, vous pouvez vous connecter.'));
$this->_redirect('/auth/login');
}
......
......@@ -4,4 +4,7 @@ $this->openBoite($this->title);
if ($this->message)
echo $this->tag('div', $this->message);
if ($this->form)
echo $this->renderForm($this->form);
$this->closeBoite();
......@@ -71,7 +71,6 @@ abstract class Class_User_LostPassSender {
public function sendTo($user) {
echo $this->_contentFor($user);exit;
$error = (new Class_Mail())
->sendMail(Class_Profil::getCurrentProfil()->getTitreSite(),
$this->_contentFor($user),
......
<?php
/**
* Copyright (c) 2012-2017, Agence Française Informatique (AFI). All rights reserved.
*
* BOKEH is free software; you can redistribute it and/or modify
* it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE as published by
* the Free Software Foundation.
*
* There are special exceptions to the terms and conditions of the AGPL as it
* is applied to this software (see README file).
*
* BOKEH is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU AFFERO GENERAL PUBLIC LICENSE
* along with BOKEH; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
class ZendAfi_Form_ResetPassword extends ZendAfi_Form {
public function init() {
parent::init();
$this
->addElement('password', 'new_pass',
['label' => $this->_('Nouveau mot de passe'),
'required' => true,
'allowEmpty' => false])
->addElement('password', 'confirm_pass',
['label' => $this->_('Confirmez le nouveau mot de passe'),
'required' => true,
'allowEmpty' => false,
'validators' => [new ZendAfi_Validate_PasswordEquals('new_pass')]])
->addUniqDisplayGroup('reset-password')
;
}
}
......@@ -21,22 +21,20 @@
abstract class AuthControllerResetPasswordTestCase extends AbstractControllerTestCase {
protected $_storm_default_to_volatile=true;
protected function urlFor($id, $token, $created) {
return sprintf('/opac/auth/reset-password/id/%s/token/%s/created/%s',
$id, $token, $created);
}
}
class AuthControllerResetPasswordActionTest
extends AuthControllerResetPasswordTestCase {
protected
$_storm_default_to_volatile=true,
$_user;
public function setUp() {
parent::setUp();
Class_User_LostPass::setTimeSource((new TimeSourceForTest('2017-11-30'))
->atCoffeeTime());
$this->_user = $this->fixture('Class_Users',
['id' => 45,
'login' => 'sysnoadm',
'password' => 'supersecret']);
}
......@@ -45,9 +43,21 @@ class AuthControllerResetPasswordActionTest
parent::tearDown();
}
protected function urlFor($id, $token, $created) {
return sprintf('/opac/auth/reset-password/id/%s/token/%s/created/%s',
$id, $token, $created);
}
}
class AuthControllerResetPasswordActionTest
extends AuthControllerResetPasswordTestCase {
/** @test */
public function unknownUserShouldHaveError() {
$this->dispatch($this->urlFor(45, sha1('test'), '20231207040545'), true);
$this->dispatch($this->urlFor(99999999, sha1('test'), '20231207040545'), true);
$this->assertXPathContentContains('//div', 'Utilisateur inconnu',
$this->_response->getBody());
}
......@@ -55,12 +65,7 @@ class AuthControllerResetPasswordActionTest
/** @test */
public function badTokenShouldHaveError() {
$this->fixture('Class_Users',
['id' => 45,
'login' => 'sysnoadm',
'password' => 'supersecret']);
$this->dispatch($this->urlFor(45, sha1('test'), '20231207040545'), true);
$this->dispatch($this->urlFor($this->_user->getId(), sha1('test'),'20231207040545'), true);
$this->assertXPathContentContains('//div', 'Jeton de réinitialisation invalide',
$this->_response->getBody());
}
......@@ -68,13 +73,9 @@ class AuthControllerResetPasswordActionTest
/** @test */
public function outdatedTokenShouldHaveError() {
$user = $this->fixture('Class_Users',
['id' => 45,
'login' => 'sysnoadm',
'password' => 'supersecret']);
$token = (new Class_User_LostPass($user))->tokenAt('20071207040545');
$token = (new Class_User_LostPass($this->_user))->tokenAt('20071207040545');
$this->dispatch($this->urlFor(45, $token, '20071207040545'), true);
$this->dispatch($this->urlFor($this->_user->getId(), $token, '20071207040545'), true);
$this->assertXPathContentContains('//div', 'Jeton de réinitialisation expiré',
$this->_response->getBody());
}
......@@ -82,15 +83,51 @@ class AuthControllerResetPasswordActionTest
/** @test */
public function validTokenShouldDisplayForm() {
$user = $this->fixture('Class_Users',
['id' => 45,
'login' => 'sysnoadm',
'password' => 'supersecret']);
$token = (new Class_User_LostPass($this->_user))->tokenAt('20171130154500');
$token = (new Class_User_LostPass($user))->tokenAt('20171130154500');
$this->dispatch($this->urlFor(45, $token, '20171130154500'), true);
$this->dispatch($this->urlFor($this->_user->getId(), $token, '20171130154500'), true);
$this->assertXPath('//form[contains(@action, "auth/reset-password")]',
$this->_response->getBody());
}
}
class AuthControllerResetPasswordActionPostTest
extends AuthControllerResetPasswordTestCase {
protected $_url;
public function setUp() {
parent::setUp();
$token = (new Class_User_LostPass($this->_user))->tokenAt('20171130154500');
$this->_url = $this->urlFor($this->_user->getId(), $token, '20171130154500');
}
/** @test */
public function withoutPasswordsShouldHaveError() {
$this->postDispatch($this->_url, ['new_pass' => '', 'confirm_pass' => '']);
$this->assertXPathContentContains('//div', 'Une valeur est requise');
}
/** @test */
public function withDifferentPasswordsShouldHaveError() {
$this->postDispatch($this->_url, ['new_pass' => 'secret',
'confirm_pass' => 'terces']);
$this->assertXPathContentContains('//div', 'Les champs \'Mot de passe\' sont différents');
}
/** @test */
public function withSamePasswordShouldUpdateUserAndRedirectToLogin() {
$this->postDispatch($this->_url, ['new_pass' => 'secret',
'confirm_pass' => 'secret']);
$this->assertTrue($this->_user->verifyPassword('secret'));
$this->assertRedirectTo('/auth/login');
$this->assertFlashMessengerContentContains('Votre mot de passe a été réinitialisé, vous pouvez vous connecter.');
}
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment