IBX-3972: Fixed password validation for reset and change password forms

alongosz · web-flow · commit ceda632fdabe · 2023-03-01T09:11:03.000+01:00
For more details see https://issues.ibexa.co/browse/IBX-3972 and #113 * Fixed password validation for reset and change password forms * [Tests] Aligned PasswordValidatorTest with the changes
diff --git a/src/bundle/Controller/PasswordChangeController.php b/src/bundle/Controller/PasswordChangeController.php
@@ -68,7 +68,7 @@ public function userPasswordChangeAction(Request $request)
     {
         /** @var \eZ\Publish\API\Repository\Values\User\User $user */
         $user = $this->tokenStorage->getToken()->getUser()->getAPIUser();
-        $form = $this->formFactory->changeUserPassword($user->getContentType());
+        $form = $this->formFactory->changeUserPassword($user->getContentType(), null, null, $user);
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
diff --git a/src/bundle/Controller/PasswordResetController.php b/src/bundle/Controller/PasswordResetController.php
@@ -168,7 +168,12 @@ public function userResetPasswordAction(Request $request, string $hashKey)
             return $view;
         }
         $userPasswordResetData = new UserPasswordResetData();
-        $form = $this->formFactory->resetUserPassword($userPasswordResetData, null, $user->getContentType());
+        $form = $this->formFactory->resetUserPassword(
+            $userPasswordResetData,
+            null,
+            $user->getContentType(),
+            $user
+        );
         $form->handleRequest($request);
 
         if ($form->isSubmitted() && $form->isValid()) {
diff --git a/src/lib/Form/Factory/FormFactory.php b/src/lib/Form/Factory/FormFactory.php
@@ -9,20 +9,21 @@
 namespace EzSystems\EzPlatformUser\Form\Factory;
 
 use eZ\Publish\API\Repository\Values\ContentType\ContentType;
-use EzSystems\EzPlatformUser\Form\Data\UserPasswordForgotData;
+use eZ\Publish\API\Repository\Values\User\User;
 use EzSystems\EzPlatformUser\Form\Data\UserPasswordChangeData;
+use EzSystems\EzPlatformUser\Form\Data\UserPasswordForgotData;
+use EzSystems\EzPlatformUser\Form\Data\UserPasswordForgotWithLoginData;
+use EzSystems\EzPlatformUser\Form\Data\UserPasswordResetData;
 use EzSystems\EzPlatformUser\Form\Data\UserSettingUpdateData;
 use EzSystems\EzPlatformUser\Form\Type\UserPasswordChangeType;
 use EzSystems\EzPlatformUser\Form\Type\UserPasswordForgotType;
-use EzSystems\EzPlatformUser\Form\Data\UserPasswordForgotWithLoginData;
 use EzSystems\EzPlatformUser\Form\Type\UserPasswordForgotWithLoginType;
-use EzSystems\EzPlatformUser\Form\Data\UserPasswordResetData;
 use EzSystems\EzPlatformUser\Form\Type\UserPasswordResetType;
 use EzSystems\EzPlatformUser\Form\Type\UserSettingUpdateType;
 use Symfony\Component\Form\FormFactoryInterface;
-use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Form\FormInterface;
 use Symfony\Component\Form\Util\StringUtil;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 
 class FormFactory
 {
@@ -45,15 +46,19 @@ public function __construct(FormFactoryInterface $formFactory, UrlGeneratorInter
     public function changeUserPassword(
         ContentType $contentType,
         UserPasswordChangeData $data = null,
-        ?string $name = null
+        ?string $name = null,
+        ?User $user = null
     ): FormInterface {
         $name = $name ?: StringUtil::fqcnToBlockPrefix(UserPasswordChangeType::class);
 
         return $this->formFactory->createNamed(
             $name,
             UserPasswordChangeType::class,
             $data,
-            ['content_type' => $contentType]
+            [
+                'content_type' => $contentType,
+                'user' => $user,
+            ]
         );
     }
 
@@ -102,13 +107,22 @@ public function forgotUserPasswordWithLogin(
     public function resetUserPassword(
         UserPasswordResetData $data = null,
         ?string $name = null,
-        ContentType $contentType = null
+        ?ContentType $contentType = null,
+        ?User $user = null
     ): FormInterface {
         $name = $name ?: StringUtil::fqcnToBlockPrefix(UserPasswordResetType::class);
 
         $userContentType = $contentType ?? $data->getContentType();
 
-        return $this->formFactory->createNamed($name, UserPasswordResetType::class, $data, ['content_type' => $userContentType]);
+        return $this->formFactory->createNamed(
+            $name,
+            UserPasswordResetType::class,
+            $data,
+            [
+                'content_type' => $userContentType,
+                'user' => $user,
+            ]
+        );
     }
 
     /**
diff --git a/src/lib/Form/Type/UserPasswordChangeType.php b/src/lib/Form/Type/UserPasswordChangeType.php
@@ -9,6 +9,7 @@
 namespace EzSystems\EzPlatformUser\Form\Type;
 
 use eZ\Publish\API\Repository\Values\ContentType\ContentType;
+use eZ\Publish\API\Repository\Values\User\User;
 use EzSystems\EzPlatformUser\Form\Data\UserPasswordChangeData;
 use EzSystems\EzPlatformUser\Validator\Constraints\Password;
 use Symfony\Component\Form\AbstractType;
@@ -36,6 +37,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'constraints' => [
                     new Password([
                         'contentType' => $options['content_type'],
+                        'user' => $options['user'] ?? null,
                     ]),
                 ],
             ])
@@ -46,10 +48,12 @@ public function buildForm(FormBuilderInterface $builder, array $options)
             );
     }
 
-    public function configureOptions(OptionsResolver $resolver)
+    public function configureOptions(OptionsResolver $resolver): void
     {
         $resolver->setRequired('content_type');
+        $resolver->setDefined('user');
         $resolver->setAllowedTypes('content_type', ContentType::class);
+        $resolver->setAllowedTypes('user', [User::class, 'null']);
         $resolver->setDefaults([
             'data_class' => UserPasswordChangeData::class,
             'translation_domain' => 'forms',
diff --git a/src/lib/Form/Type/UserPasswordResetType.php b/src/lib/Form/Type/UserPasswordResetType.php
@@ -9,6 +9,7 @@
 namespace EzSystems\EzPlatformUser\Form\Type;
 
 use eZ\Publish\API\Repository\Values\ContentType\ContentType;
+use eZ\Publish\API\Repository\Values\User\User;
 use EzSystems\EzPlatformUser\Form\Data\UserPasswordResetData;
 use EzSystems\EzPlatformUser\Validator\Constraints\Password;
 use Symfony\Component\Form\AbstractType;
@@ -30,7 +31,12 @@ public function buildForm(FormBuilderInterface $builder, array $options)
                 'first_options' => ['label' => /** @Desc("New password") */ 'ezplatform.reset_user_password.new_password'],
                 'second_options' => ['label' => /** @Desc("Confirm password") */ 'ezplatform.reset_user_password.confirm_new_password'],
                 'constraints' => [
-                    new Password(['contentType' => $options['content_type']]),
+                    new Password(
+                        [
+                            'contentType' => $options['content_type'],
+                            'user' => $options['user'] ?? null,
+                        ]
+                    ),
                 ],
             ])
             ->add(
@@ -40,10 +46,12 @@ public function buildForm(FormBuilderInterface $builder, array $options)
             );
     }
 
-    public function configureOptions(OptionsResolver $resolver)
+    public function configureOptions(OptionsResolver $resolver): void
     {
         $resolver->setRequired('content_type');
+        $resolver->setDefined('user');
         $resolver->setAllowedTypes('content_type', ContentType::class);
+        $resolver->setAllowedTypes('user', [User::class, 'null']);
         $resolver->setDefaults([
             'data_class' => UserPasswordResetData::class,
             'translation_domain' => 'forms',
diff --git a/src/lib/Validator/Constraints/Password.php b/src/lib/Validator/Constraints/Password.php
@@ -21,6 +21,9 @@ class Password extends Constraint
     /** @var \eZ\Publish\API\Repository\Values\ContentType\ContentType|null */
     public $contentType;
 
+    /** @var \eZ\Publish\API\Repository\Values\User\User|null */
+    public $user;
+
     /**
      * {@inheritdoc}
      */
diff --git a/src/lib/Validator/Constraints/PasswordValidator.php b/src/lib/Validator/Constraints/PasswordValidator.php
@@ -32,9 +32,13 @@ public function validate($value, Constraint $constraint): void
 
         $passwordValidationContext = new PasswordValidationContext([
             'contentType' => $constraint->contentType,
+            'user' => $constraint->user,
         ]);
 
-        $validationErrors = $this->userService->validatePassword($value, $passwordValidationContext);
+        $validationErrors = $this->userService->validatePassword(
+            $value,
+            $passwordValidationContext
+        );
         if (!empty($validationErrors)) {
             $validationErrorsProcessor = $this->createValidationErrorsProcessor();
             $validationErrorsProcessor->processValidationErrors($validationErrors);
diff --git a/tests/lib/Validator/Constraint/PasswordValidatorTest.php b/tests/lib/Validator/Constraint/PasswordValidatorTest.php
@@ -11,6 +11,7 @@
 use eZ\Publish\API\Repository\UserService;
 use eZ\Publish\API\Repository\Values\ContentType\ContentType;
 use eZ\Publish\API\Repository\Values\User\PasswordValidationContext;
+use eZ\Publish\API\Repository\Values\User\User;
 use eZ\Publish\Core\FieldType\ValidationError;
 use EzSystems\EzPlatformUser\Validator\Constraints\Password;
 use EzSystems\EzPlatformUser\Validator\Constraints\PasswordValidator;
@@ -57,28 +58,37 @@ public function testValid(): void
     {
         $password = 'pass';
         $contentType = $this->createMock(ContentType::class);
+        $user = $this->createMock(User::class);
 
         $this->userService
-            ->expects($this->once())
+            ->expects(self::once())
             ->method('validatePassword')
-            ->willReturnCallback(function (string $actualPassword, PasswordValidationContext $actualContext) use (
-                $password,
-                $contentType
-            ): array {
-                $this->assertEquals($password, $actualPassword);
-                $this->assertInstanceOf(PasswordValidationContext::class, $actualContext);
-                $this->assertSame($contentType, $actualContext->contentType);
-
-                return [];
-            });
+            ->willReturnCallback(
+                function (string $actualPassword, PasswordValidationContext $actualContext) use (
+                    $password,
+                    $contentType,
+                    $user
+                ): array {
+                    self::assertEquals($password, $actualPassword);
+                    self::assertInstanceOf(PasswordValidationContext::class, $actualContext);
+                    self::assertSame($contentType, $actualContext->contentType);
+                    self::assertSame($user, $actualContext->user);
+
+                    return [];
+                }
+            );
 
         $this->executionContext
             ->expects($this->never())
             ->method('buildViolation');
 
-        $this->validator->validate($password, new Password([
-            'contentType' => $contentType,
-        ]));
+        $this->validator->validate(
+            $password,
+            new Password([
+                'contentType' => $contentType,
+                'user' => $user,
+            ])
+        );
     }
 
     public function testInvalid(): void

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ public function userPasswordChangeAction(Request $request)`
`68`	`68`	`{`
`69`	`69`	`/** @var \eZ\Publish\API\Repository\Values\User\User $user */`
`70`	`70`	`$user = $this->tokenStorage->getToken()->getUser()->getAPIUser();`
`71`		`- $form = $this->formFactory->changeUserPassword($user->getContentType());`
	`71`	`+ $form = $this->formFactory->changeUserPassword($user->getContentType(), null, null, $user);`
`72`	`72`	`$form->handleRequest($request);`
`73`	`73`
`74`	`74`	`if ($form->isSubmitted() && $form->isValid()) {`