Merge remote-tracking branch 'tango/MAGETWO-99493' into PR-05-29-2019

Author: Spandana Chittimala

app/code/Magento/Customer/Model/CustomerAuthUpdate.php

@@ -6,53 +6,74 @@
 
 namespace Magento\Customer\Model;
 
+use Magento\Customer\Model\ResourceModel\Customer as CustomerResourceModel;
+use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Exception\NoSuchEntityException;
+
 /**
  * Customer Authentication update model.
  */
 class CustomerAuthUpdate
 {
     /**
-     * @var \Magento\Customer\Model\CustomerRegistry
+     * @var CustomerRegistry
      */
     protected $customerRegistry;
 
     /**
-     * @var \Magento\Customer\Model\ResourceModel\Customer
+     * @var CustomerResourceModel
      */
     protected $customerResourceModel;
 
     /**
-     * @param \Magento\Customer\Model\CustomerRegistry $customerRegistry
-     * @param \Magento\Customer\Model\ResourceModel\Customer $customerResourceModel
+     * @var Customer
+     */
+    private $customerModel;
+
+    /**
+     * @param CustomerRegistry $customerRegistry
+     * @param CustomerResourceModel $customerResourceModel
+     * @param Customer|null $customerModel
      */
     public function __construct(
-        \Magento\Customer\Model\CustomerRegistry $customerRegistry,
-        \Magento\Customer\Model\ResourceModel\Customer $customerResourceModel
+        CustomerRegistry $customerRegistry,
+        CustomerResourceModel $customerResourceModel,
+        Customer $customerModel = null
     ) {
         $this->customerRegistry = $customerRegistry;
         $this->customerResourceModel = $customerResourceModel;
+        $this->customerModel = $customerModel ?: ObjectManager::getInstance()->get(Customer::class);
     }
 
     /**
      * Reset Authentication data for customer.
      *
      * @param int $customerId
      * @return $this
+     * @throws NoSuchEntityException
      */
     public function saveAuth($customerId)
     {
         $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);
 
+        $this->customerResourceModel->load($this->customerModel, $customerId);
+        $currentLockExpiresVal = $this->customerModel->getData('lock_expires');
+        $newLockExpiresVal = $customerSecure->getData('lock_expires');
+
         $this->customerResourceModel->getConnection()->update(
             $this->customerResourceModel->getTable('customer_entity'),
             [
                 'failures_num' => $customerSecure->getData('failures_num'),
                 'first_failure' => $customerSecure->getData('first_failure'),
-                'lock_expires' => $customerSecure->getData('lock_expires'),
+                'lock_expires' => $newLockExpiresVal,
             ],
             $this->customerResourceModel->getConnection()->quoteInto('entity_id = ?', $customerId)
         );
 
+        if ($currentLockExpiresVal !== $newLockExpiresVal) {
+            $this->customerModel->reindex();
+        }
+
         return $this;
     }
 }

app/code/Magento/Customer/Test/Unit/Model/CustomerAuthUpdateTest.php

@@ -5,7 +5,14 @@
  */
 namespace Magento\Customer\Test\Unit\Model;
 
+use Magento\Customer\Model\Customer as CustomerModel;
 use Magento\Customer\Model\CustomerAuthUpdate;
+use Magento\Customer\Model\CustomerRegistry;
+use Magento\Customer\Model\Data\CustomerSecure;
+use Magento\Customer\Model\ResourceModel\Customer as CustomerResourceModel;
+use Magento\Framework\DB\Adapter\AdapterInterface;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
 
 /**
  * Class CustomerAuthUpdateTest
@@ -18,17 +25,22 @@ class CustomerAuthUpdateTest extends \PHPUnit\Framework\TestCase
     protected $model;
 
     /**
-     * @var \Magento\Customer\Model\CustomerRegistry|\PHPUnit_Framework_MockObject_MockObject
+     * @var CustomerRegistry|\PHPUnit_Framework_MockObject_MockObject
      */
     protected $customerRegistry;
 
     /**
-     * @var \Magento\Customer\Model\ResourceModel\Customer|\PHPUnit_Framework_MockObject_MockObject
+     * @var CustomerResourceModel|\PHPUnit_Framework_MockObject_MockObject
      */
     protected $customerResourceModel;
 
     /**
-     * @var \Magento\Framework\TestFramework\Unit\Helper\ObjectManager
+     * @var CustomerModel|\PHPUnit_Framework_MockObject_MockObject
+     */
+    protected $customerModel;
+
+    /**
+     * @var ObjectManager
      */
     protected $objectManager;
 
@@ -37,32 +49,36 @@ class CustomerAuthUpdateTest extends \PHPUnit\Framework\TestCase
      */
     protected function setUp()
     {
-        $this->objectManager = new \Magento\Framework\TestFramework\Unit\Helper\ObjectManager($this);
+        $this->objectManager = new ObjectManager($this);
 
         $this->customerRegistry =
-            $this->createMock(\Magento\Customer\Model\CustomerRegistry::class);
+            $this->createMock(CustomerRegistry::class);
         $this->customerResourceModel =
-            $this->createMock(\Magento\Customer\Model\ResourceModel\Customer::class);
+            $this->createMock(CustomerResourceModel::class);
+        $this->customerModel =
+            $this->createMock(CustomerModel::class);
 
         $this->model = $this->objectManager->getObject(
-            \Magento\Customer\Model\CustomerAuthUpdate::class,
+            CustomerAuthUpdate::class,
             [
                 'customerRegistry' => $this->customerRegistry,
                 'customerResourceModel' => $this->customerResourceModel,
+                'customerModel' => $this->customerModel
             ]
         );
     }
 
     /**
      * test SaveAuth
+     * @throws NoSuchEntityException
      */
     public function testSaveAuth()
     {
         $customerId = 1;
 
-        $customerSecureMock = $this->createMock(\Magento\Customer\Model\Data\CustomerSecure::class);
+        $customerSecureMock = $this->createMock(CustomerSecure::class);
 
-        $dbAdapter = $this->createMock(\Magento\Framework\DB\Adapter\AdapterInterface::class);
+        $dbAdapter = $this->createMock(AdapterInterface::class);
 
         $this->customerRegistry->expects($this->once())
             ->method('retrieveSecureData')
@@ -98,6 +114,9 @@ public function testSaveAuth()
                 $customerId
             );
 
+        $this->customerModel->expects($this->once())
+            ->method('reindex');
+
         $this->model->saveAuth($customerId);
     }
 }

dev/tests/integration/testsuite/Magento/Customer/Model/ResourceModel/Grid/CollectionReindexOnAccountLockTest.php

@@ -0,0 +1,89 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Customer\Model\ResourceModel\Grid;
+
+use Magento\Customer\Api\AccountManagementInterface;
+use Magento\Customer\Model\CustomerRegistry;
+use Magento\Framework\Exception\InvalidEmailOrPasswordException;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\TestFramework\Indexer\TestCase;
+use Magento\Tests\NamingConvention\true\mixed;
+
+/**
+ * Test if customer account lock on too many failed authentication attempts triggers customer grid reindex
+ *
+ * @SuppressWarnings(PHPMD)
+ */
+class CollectionReindexOnAccountLockTest extends TestCase
+{
+    /**
+     * Trigger customer account lock by making 10 failed authentication attempts
+     */
+    private function lockCustomerAccountWithInvalidAuthentications()
+    {
+        /** @var AccountManagementInterface */
+        $accountManagement = Bootstrap::getObjectManager()->create(AccountManagementInterface::class);
+
+        for ($i = 0; $i < 10; $i++) {
+            try {
+                $accountManagement->authenticate('[email protected]', 'wrongPassword');
+                // phpcs:ignore Magento2.CodeAnalysis.EmptyBlock
+            } catch (InvalidEmailOrPasswordException $e) {
+            }
+        }
+    }
+
+    /**
+     * @return mixed
+     * @throws NoSuchEntityException
+     */
+    private function getCustomerLockExpire(): ?string
+    {
+        /** @var CustomerRegistry $customerRegistry */
+        $customerRegistry = Bootstrap::getObjectManager()->create(CustomerRegistry::class);
+        $customerModel = $customerRegistry->retrieve(1);
+        $this->assertNotEmpty($customerModel);
+
+        return $customerModel->getData('lock_expires');
+    }
+
+    /**
+     * @return mixed
+     */
+    private function getCustomerGridLockExpire(): ?string
+    {
+        /** @var Collection */
+        $gridCustomerCollection = Bootstrap::getObjectManager()->create(Collection::class);
+        $gridCustomerItem = $gridCustomerCollection->getItemById(1);
+        $this->assertNotEmpty($gridCustomerItem);
+
+        return $gridCustomerItem->getData('lock_expires');
+    }
+
+    /**
+     * Test if customer account lock on too many failed authentication attempts triggers customer grid reindex
+     *
+     * @magentoDataFixture Magento/Customer/_files/customer.php
+     * @magentoAppIsolation enabled
+     * @magentoDbIsolation disabled
+     */
+    public function testCustomerAccountReindexOnLock()
+    {
+        $this->assertSame(
+            $this->getCustomerGridLockExpire(),
+            $this->getCustomerLockExpire()
+        );
+
+        $this->lockCustomerAccountWithInvalidAuthentications();
+
+        $this->assertSame(
+            $this->getCustomerGridLockExpire(),
+            $this->getCustomerLockExpire()
+        );
+    }
+}