From c4b118c1050cd2d3064d87a68844584b82e129cc Mon Sep 17 00:00:00 2001
From: Andrey Gulitskiy <wyorma@gmail.com>
Date: Sun, 16 Feb 2014 01:25:45 +0700
Subject: [PATCH 1/2] Fix for validation bug on password change
---
 src/Zizaco/Confide/ConfideUser.php | 8 ++++-
 tests/ConfideUserTest.php | 52 ++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+), 1 deletion(-)
diff --git a/src/Zizaco/Confide/ConfideUser.php b/src/Zizaco/Confide/ConfideUser.php
index c259244..2ddcef6 100644
--- a/src/Zizaco/Confide/ConfideUser.php
+++ b/src/Zizaco/Confide/ConfideUser.php
@@ -133,7 +133,13 @@ public function resetPassword( $params )
 $password = array_get($params, 'password', '');
 $passwordConfirmation = array_get($params, 'password_confirmation', '');
- if ( $password == $passwordConfirmation )
+ $passwordValidators = array(
+ 'password' => static::$rules['password'],
+ 'password_confirmation' => static::$rules['password_confirmation'],
+ );
+ $validationResult = static::$app['confide.repository']->validate($passwordValidators);
+
+ if ( $validationResult )
 {
 return static::$app['confide.repository']
 ->changePassword( $this, static::$app['hash']->make($password) );
diff --git a/tests/ConfideUserTest.php b/tests/ConfideUserTest.php
index 193f89c..8ad34aa 100644
--- a/tests/ConfideUserTest.php
+++ b/tests/ConfideUserTest.php
@@ -105,6 +105,10 @@ public function testShouldChangePassword()
 ->andReturn( true )
 ->once();
+ ConfideUser::$app['confide.repository']->shouldReceive('validate')
+ ->andReturn( true )
+ ->once();
+
 $this->populateUser();
 $old_password = $this->confide_user->password;
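Review bot: In `resetPassword()` (src/Zizaco/Confide/ConfideUser.php) the new `validate($passwordValidators)` call receives only the rule set, while the value that is hashed and stored still comes from `$params`; nothing visible in the hunk ties the submitted `password` and `password_confirmation` to the data being validated. If `validate()` checks the model's current attributes rather than the request input (its body is not shown here), a mismatched or out-of-range new password could be accepted, and the equality check this hunk removes was the only guard on the submitted values. Until the validator is confirmed to run against `$params`, I would keep the confirmation check next to it with a strict comparison: `if ( $validationResult && $password === $passwordConfirmation )`. PATCH 2/2 then deletes the `$passwordConfirmation` read, so after the series this method never looks at the confirmation value; the method body starts and ends outside the hunk.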
@@ -112,6 +116,54 @@ public function testShouldChangePassword()
 $this->assertTrue( $this->confide_user->resetPassword( $credentials ) );
 }
+ public function testShouldNotChangePassword()
+ {
+ // Password should not be changed because it is empty
+ $credentials = array(
+ 'email'=>'mail@sample.com',
+ 'password'=>'',
+ 'password_confirmation'=>''
+ );
+
+ // Should call changePassword of the repository
+ ConfideUser::$app['confide.repository'] = m::mock( 'ConfideRepository' );
+ ConfideUser::$app['confide.repository']->shouldReceive( 'changePassword' )
+ ->never();
+
+ ConfideUser::$app['confide.repository']->shouldReceive('validate')
+ ->andReturn( false )
+ ->times(4);
+
+ $this->populateUser();
+
+ $this->assertFalse( $this->confide_user->resetPassword( $credentials ) );
+
+ // Additional asserts
+ // Password should not be changed because it is too short
+ $credentials = array(
+ 'email'=>'mail@sample.com',
+ 'password'=>'39a',
+ 'password_confirmation'=>'39a'
+ );
+ $this->assertFalse( $this->confide_user->resetPassword( $credentials ) );
+
+ // Password should not be changed because it is too long
+ $credentials = array(
+ 'email'=>'mail@sample.com',
+ 'password'=>'1a2f34g5uj887n',
+ 'password_confirmation'=>'1a2f34g5uj887n'
+ );
+ $this->assertFalse( $this->confide_user->resetPassword( $credentials ) );
+
+ // Password should not be changed because it is not confirmed
+ $credentials = array(
+ 'email'=>'mail@sample.com',
+ 'password'=>'987987',
+ 'password_confirmation'=>'562906'
+ );
+ $this->assertFalse( $this->confide_user->resetPassword( $credentials ) );
+ }
+
 public function testShouldNotSaveDuplicated()
 {
 // Make sure that userExists return 1 to simulates a duplicated user
From 0d04321afdd6250c266ffab394147feb026a9b09 Mon Sep 17 00:00:00 2001
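Review bot: `testShouldNotChangePassword()` mocks `validate` to return false for all four calls, so the empty, too-short, too-long and unconfirmed inputs are never evaluated against any rule; the test only shows that `resetPassword()` returns false when the validator does. It would stay green even if the real rules accepted every one of those passwords. A case where `validate` is mocked with `->andReturn( true )` and the confirmation differs, while `changePassword` is still expected `->never()`, would pin down what the method itself enforces. The length and confirmation rules need a separate test that runs the real validator.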
From: Andrey Gulitskiy <wyorma@gmail.com>
Date: Sun, 16 Feb 2014 03:03:20 +0700
Subject: [PATCH 2/2] Tiny changes
---
 src/Zizaco/Confide/ConfideUser.php | 1 -
 tests/ConfideUserTest.php | 4 +++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/Zizaco/Confide/ConfideUser.php b/src/Zizaco/Confide/ConfideUser.php
index 2ddcef6..22b90f3 100644
--- a/src/Zizaco/Confide/ConfideUser.php
+++ b/src/Zizaco/Confide/ConfideUser.php
@@ -131,7 +131,6 @@ public function forgotPassword()
 public function resetPassword( $params )
 {
 $password = array_get($params, 'password', '');
- $passwordConfirmation = array_get($params, 'password_confirmation', '');
 $passwordValidators = array(
 'password' => static::$rules['password'],
diff --git a/tests/ConfideUserTest.php b/tests/ConfideUserTest.php
index 8ad34aa..342abeb 100644
--- a/tests/ConfideUserTest.php
+++ b/tests/ConfideUserTest.php
@@ -105,6 +105,7 @@ public function testShouldChangePassword()
 ->andReturn( true )
 ->once();
+ // Should call validate method
 ConfideUser::$app['confide.repository']->shouldReceive('validate')
 ->andReturn( true )
 ->once();
@@ -125,11 +126,12 @@ public function testShouldNotChangePassword()
 'password_confirmation'=>''
 );
- // Should call changePassword of the repository
+ // Should not call changePassword of the repository
 ConfideUser::$app['confide.repository'] = m::mock( 'ConfideRepository' );
 ConfideUser::$app['confide.repository']->shouldReceive( 'changePassword' )
 ->never();
+ // Should call validate method
 ConfideUser::$app['confide.repository']->shouldReceive('validate')
 ->andReturn( false )
 ->times(4);