CC-26461 Backporting tests

Florian Kraemer · Florian Kraemer · commit 48c703c90e06 · 2023-11-30T15:00:37.000+01:00
diff --git a/tests/SprykerTest/Zed/UserPasswordReset/Business/UserPasswordResetFacadeTest.php b/tests/SprykerTest/Zed/UserPasswordReset/Business/UserPasswordResetFacadeTest.php
@@ -50,6 +50,27 @@ class UserPasswordResetFacadeTest extends Unit
      */
     protected const USER_STATUS_ACTIVE = 'active';
 
+    /**
+     * @uses \Orm\Zed\UserPasswordReset\Persistence\Map\SpyResetPasswordTableMap::COL_STATUS_EXPIRED
+     *
+     * @var string
+     */
+    protected const PASSWORD_RESET_STATUS_EXPIRED = 'expired';
+
+    /**
+     * @uses \Orm\Zed\UserPasswordReset\Persistence\Map\SpyResetPasswordTableMap::COL_STATUS_ACTIVE
+     *
+     * @var string
+     */
+    protected const PASSWORD_RESET_STATUS_ACTIVE = 'active';
+
+    /**
+     * @uses \Orm\Zed\UserPasswordReset\Persistence\Map\SpyResetPasswordTableMap::COL_STATUS_USED
+     *
+     * @var string
+     */
+    protected const PASSWORD_RESET_STATUS_USED = 'used';
+
     /**
      * @var \SprykerTest\Zed\UserPasswordReset\UserPasswordResetBusinessTester
      */
@@ -129,7 +150,7 @@ public function testResetPasswordResetsPasswordAndResetPasswordCode(): void
     /**
      * @return void
      */
-    public function testIsValidPasswordResetTokenReturnsTrueFotValidToken(): void
+    public function testIsValidPasswordResetTokenReturnsTrueForValidToken(): void
     {
         // Arrange
         $userTransfer = $this->tester->haveUser([
@@ -151,7 +172,7 @@ public function testIsValidPasswordResetTokenReturnsTrueFotValidToken(): void
     /**
      * @return void
      */
-    public function testIsValidPasswordResetTokenReturnsFalseFotInvalidToken(): void
+    public function testIsValidPasswordResetTokenReturnsFalseForInvalidToken(): void
     {
         // Arrange
         $userTransfer = $this->tester->haveUser([
@@ -199,4 +220,105 @@ public function testRequestPasswordResetReturnsFalseForNonActiveUser(): void
         // Assert
         $this->assertFalse($isPasswordResetSuccessfully, 'It is not possible to request restore password for non active user');
     }
+
+    /**
+     * @return void
+     */
+    public function testRequestPasswordResetReturnsFalseForUsedToken(): void
+    {
+        // Arrange
+        $userTransfer = $this->tester->haveUser([
+            UserTransfer::USERNAME => static::TEST_MAIL,
+        ]);
+
+        $this->tester->getUserPasswordReset()->requestPasswordReset(
+            (new UserPasswordResetRequestTransfer())
+                ->setEmail($userTransfer->getUsername()),
+        );
+
+        $resetPasswordTransfer = $this->tester->findResetPasswordTransferByIdUser($userTransfer->getIdUser())
+            ->setCreatedAt((new DateTime('-1 minute'))->format('Y-m-d H:i:s'))
+            ->setStatus(static::PASSWORD_RESET_STATUS_USED);
+
+        $this->tester->updateResetPasswordByIdAuthResetPassword(
+            $resetPasswordTransfer->getIdResetPassword(),
+            $resetPasswordTransfer,
+        );
+
+        // Act
+        $isValidUsedPasswordResetToken = $this->tester->getUserPasswordReset()->isValidPasswordResetToken($resetPasswordTransfer->getCode());
+
+        // Assert
+        $this->assertFalse($isValidUsedPasswordResetToken);
+    }
+
+    /**
+     * @return void
+     */
+    public function testRequestPasswordResetReturnsFalseForExpiredToken(): void
+    {
+        // Arrange
+        $userTransfer = $this->tester->haveUser([
+            UserTransfer::USERNAME => static::TEST_MAIL,
+        ]);
+
+        $this->tester->getUserPasswordReset()->requestPasswordReset(
+            (new UserPasswordResetRequestTransfer())
+                ->setEmail($userTransfer->getUsername()),
+        );
+
+        $resetPasswordTransfer = $this->tester->findResetPasswordTransferByIdUser($userTransfer->getIdUser())
+            ->setCreatedAt((new DateTime('-1 minute'))->format('Y-m-d H:i:s'))
+            ->setStatus(static::PASSWORD_RESET_STATUS_EXPIRED);
+
+        $this->tester->updateResetPasswordByIdAuthResetPassword(
+            $resetPasswordTransfer->getIdResetPassword(),
+            $resetPasswordTransfer,
+        );
+
+        // Act
+        $isValidUsedPasswordResetToken = $this->tester->getUserPasswordReset()->isValidPasswordResetToken($resetPasswordTransfer->getCode());
+
+        // Assert
+        $this->assertFalse($isValidUsedPasswordResetToken);
+    }
+
+    /**
+     * @return void
+     */
+    public function testRequestPasswordResetWillInvalidatePreviousResetsWhenANewResetIsRequested(): void
+    {
+        // Arrange
+        $userTransfer = $this->tester->haveUser([
+            UserTransfer::USERNAME => static::TEST_MAIL,
+        ]);
+
+        $this->tester->getUserPasswordReset()->requestPasswordReset(
+            (new UserPasswordResetRequestTransfer())
+                ->setEmail($userTransfer->getUsername()),
+        );
+
+        $resetPasswordTransfer = $this->tester->findResetPasswordTransferByIdUser($userTransfer->getIdUser())
+            ->setCreatedAt((new DateTime('-2 minutes'))->format('Y-m-d H:i:s'))
+            ->setStatus(static::PASSWORD_RESET_STATUS_ACTIVE);
+
+        $this->tester->updateResetPasswordByIdAuthResetPassword(
+            $resetPasswordTransfer->getIdResetPassword(),
+            $resetPasswordTransfer,
+        );
+
+        // Act
+        $isPasswordResetRequestSuccessfully = $this->tester->getUserPasswordReset()->requestPasswordReset(
+            (new UserPasswordResetRequestTransfer())
+                ->setEmail($userTransfer->getUsername()),
+        );
+
+        $invalidatedResetPasswordTransfer = $this->tester->findResetPasswordTransferByIdAuthResetPassword(
+            $resetPasswordTransfer->getIdResetPassword(),
+        );
+
+        // Assert
+        $this->assertTrue($isPasswordResetRequestSuccessfully, 'It is not possible to request restore password for non active user');
+        $this->assertEquals(static::PASSWORD_RESET_STATUS_EXPIRED, $invalidatedResetPasswordTransfer->getStatus());
+    }
 }
diff --git a/tests/SprykerTest/Zed/UserPasswordReset/_support/UserPasswordResetBusinessTester.php b/tests/SprykerTest/Zed/UserPasswordReset/_support/UserPasswordResetBusinessTester.php
@@ -26,7 +26,7 @@
  * @method void comment($description)
  * @method void pause()
  *
- * @SuppressWarnings(PHPMD)
+ * @SuppressWarnings(\PHPMD)
  */
 class UserPasswordResetBusinessTester extends Actor
 {
@@ -40,6 +40,26 @@ public function getUserPasswordReset(): UserPasswordResetFacadeInterface
         return $this->getLocator()->userPasswordReset()->facade();
     }
 
+    /**
+     * @param int $idAuthResetPassword
+     *
+     * @return \Generated\Shared\Transfer\ResetPasswordTransfer|null
+     */
+    public function findResetPasswordTransferByIdAuthResetPassword(int $idAuthResetPassword): ?ResetPasswordTransfer
+    {
+        $resetPasswordEntity = $this->createResetPasswordPropelQuery()
+            ->filterByIdAuthResetPassword($idAuthResetPassword)
+            ->findOne();
+
+        if (!$resetPasswordEntity) {
+            return null;
+        }
+
+        return (new ResetPasswordTransfer())->fromArray($resetPasswordEntity->toArray(), true)
+            ->setIdResetPassword($resetPasswordEntity->getIdAuthResetPassword())
+            ->setFkUserId($resetPasswordEntity->getFkUser());
+    }
+
     /**
      * @param int $idUser
      *
