‪TYPO3CMS  ‪main
PasswordResetTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Backend\Tests\Functional\Authentication;
19 
20 use PHPUnit\Framework\Attributes\Test;
21 use Psr\Log\LoggerInterface;
22 use Psr\Log\LoggerTrait;
23 use ‪TYPO3\CMS\Backend\Authentication\PasswordReset;
24 use ‪TYPO3\CMS\Core\Context\Context;
25 use ‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder;
26 use ‪TYPO3\CMS\Core\Crypto\HashService;
27 use ‪TYPO3\CMS\Core\Http\ServerRequest;
28 use ‪TYPO3\CMS\Core\Http\Uri;
29 use ‪TYPO3\CMS\Core\Mail\MailerInterface;
30 use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
31 
32 final class ‪PasswordResetTest extends FunctionalTestCase
33 {
34  protected object ‪$logger;
35 
36  public function ‪setUp(): void
37  {
38  parent::setUp();
39  $this->logger = new class () implements LoggerInterface {
40  use LoggerTrait;
41  public array $records = [];
42  public function log($level, string|\Stringable $message, array $context = []): void
43  {
44  $this->records[] = [
45  'level' => $level,
46  'message' => $message,
47  'context' => $context,
48  ];
49  }
50  };
51  }
52 
53  #[Test]
54  public function ‪isNotEnabledWorks(): void
55  {
56  $mailerMock = $this->createStub(MailerInterface::class);
57  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
58  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = false;
59  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = false;
60  self::assertFalse($subject->isEnabled());
61  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
62  self::assertFalse($subject->isEnabled());
63  }
64 
65  #[Test]
66  public function ‪isNotEnabledWithNoUsers(): void
67  {
68  $mailerMock = $this->createStub(MailerInterface::class);
69  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
70  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
71  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = false;
72  self::assertFalse($subject->isEnabled());
73  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
74  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
75  self::assertFalse($subject->isEnabled());
76  }
77 
78  #[Test]
79  public function ‪isEnabledExcludesAdministrators(): void
80  {
81  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users_only_admins.csv');
82  $mailerMock = $this->createStub(MailerInterface::class);
83  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
84  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = false;
85  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = false;
86  self::assertFalse($subject->isEnabled());
87  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
88  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = false;
89  self::assertFalse($subject->isEnabled());
90  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
91  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
92  self::assertTrue($subject->isEnabled());
93  }
94 
95  #[Test]
96  public function ‪isEnabledForUserTest(): void
97  {
98  $mailerMock = $this->createStub(MailerInterface::class);
99  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
100  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = false;
101 
102  // False since no users exist
103  self::assertFalse($subject->isEnabledForUser(3));
104 
105  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users.csv');
106 
107  // False since reset for admins is not enabled
108  self::assertFalse($subject->isEnabledForUser(1));
109  // False since user has no email set
110  self::assertFalse($subject->isEnabledForUser(2));
111  // False since user has no password set
112  self::assertFalse($subject->isEnabledForUser(4));
113  // False since user is disabled
114  self::assertFalse($subject->isEnabledForUser(7));
115 
116  // Now true since user with email+password exist
117  self::assertTrue($subject->isEnabledForUser(3));
118 
119  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
120  // True since "passwordResetForAdmins" is now set
121  self::assertTrue($subject->isEnabledForUser(1));
122  }
123 
124  #[Test]
125  public function ‪noEmailIsFound(): void
126  {
127  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users.csv');
128  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
129  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
130  ‪$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport'] = 'null';
131  $emailAddress = 'does-not-exist@example.com';
132  $mailerMock = $this->createStub(MailerInterface::class);
133  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
134  $loggerMock = $this->createMock(LoggerInterface::class);
135  $loggerMock->expects(self::atLeastOnce())->method('warning')->with('Password reset requested for email but no valid users');
136  $subject->setLogger($loggerMock);
137  $context = new ‪Context();
138  $request = new ‪ServerRequest();
139  $subject->initiateReset($request, $context, $emailAddress);
140  }
141 
142  #[Test]
143  public function ‪ambiguousEmailIsTriggeredForMultipleValidUsers(): void
144  {
145  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users.csv');
146  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
147  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
148  ‪$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport'] = 'null';
149  $emailAddress = 'duplicate@example.com';
150  $mailerMock = $this->createStub(MailerInterface::class);
151  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
152  $subject->setLogger($this->logger);
153  $context = new ‪Context();
154  $request = new ‪ServerRequest();
155  $subject->initiateReset($request, $context, $emailAddress);
156  self::assertEquals('warning', $this->logger->records[0]['level']);
157  self::assertEquals($emailAddress, $this->logger->records[0]['context']['email']);
158  }
159 
160  #[Test]
161  public function ‪passwordResetEmailIsTriggeredForValidUser(): void
162  {
163  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users.csv');
164  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
165  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
166  ‪$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport'] = 'null';
167  $emailAddress = 'editor-with-email@example.com';
168  $username = 'editor-with-email';
169  $mailerMock = $this->createStub(MailerInterface::class);
170  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
171  $subject->setLogger($this->logger);
172  $context = new ‪Context();
173  $uri = new ‪Uri('https://localhost/typo3/');
174  $request = new ‪ServerRequest($uri);
175  $request = $request->withAttribute('applicationType', ‪SystemEnvironmentBuilder::REQUESTTYPE_BE);
176  ‪$GLOBALS['TYPO3_REQUEST'] = $request;
177  $subject->initiateReset($request, $context, $emailAddress);
178  self::assertEquals('info', $this->logger->records[0]['level']);
179  self::assertEquals($emailAddress, $this->logger->records[0]['context']['email']);
180  self::assertEquals($username, $this->logger->records[0]['context']['username']);
181  }
182 
183  #[Test]
184  public function ‪invalidTokenCannotResetPassword(): void
185  {
186  $this->importCSVDataSet(__DIR__ . '/Fixtures/be_users.csv');
187  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordReset'] = true;
188  ‪$GLOBALS['TYPO3_CONF_VARS']['BE']['passwordResetForAdmins'] = true;
189  ‪$GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport'] = 'null';
190  $mailerMock = $this->createStub(MailerInterface::class);
191  $subject = new ‪PasswordReset($mailerMock, new ‪HashService());
192  $loggerMock = $this->createMock(LoggerInterface::class);
193  $loggerMock->expects(self::exactly(2))->method('warning')->with('Password reset not possible. Valid user for token not found.');
194  $subject->setLogger($loggerMock);
195 
196  $context = new ‪Context();
197  $request = new ‪ServerRequest();
198  $request = $request->withQueryParams(['t' => 'token', 'i' => 'identity', 'e' => 13465444]);
199  $subject->resetPassword($request, $context);
200 
201  // Now with a password
202  $request = $request->withParsedBody(['password' => 'str0NGpassw0RD!', 'passwordrepeat' => 'str0NGpassw0RD!']);
203  $subject->resetPassword($request, $context);
204  }
205 }
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\isEnabledForUserTest
‪isEnabledForUserTest()
Definition: PasswordResetTest.php:96
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest
Definition: PasswordResetTest.php:33
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\isNotEnabledWorks
‪isNotEnabledWorks()
Definition: PasswordResetTest.php:54
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\invalidTokenCannotResetPassword
‪invalidTokenCannotResetPassword()
Definition: PasswordResetTest.php:184
‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder
Definition: SystemEnvironmentBuilder.php:41
‪TYPO3\CMS\Backend\Authentication\PasswordReset
Definition: PasswordReset.php:65
‪TYPO3\CMS\Core\Mail\MailerInterface
Definition: MailerInterface.php:28
‪TYPO3\CMS\Core\Core\SystemEnvironmentBuilder\REQUESTTYPE_BE
‪const REQUESTTYPE_BE
Definition: SystemEnvironmentBuilder.php:45
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\$logger
‪object $logger
Definition: PasswordResetTest.php:34
‪TYPO3\CMS\Core\Context\Context
Definition: Context.php:54
‪TYPO3\CMS\Core\Http\Uri
Definition: Uri.php:30
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\ambiguousEmailIsTriggeredForMultipleValidUsers
‪ambiguousEmailIsTriggeredForMultipleValidUsers()
Definition: PasswordResetTest.php:143
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\setUp
‪setUp()
Definition: PasswordResetTest.php:36
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\passwordResetEmailIsTriggeredForValidUser
‪passwordResetEmailIsTriggeredForValidUser()
Definition: PasswordResetTest.php:161
‪TYPO3\CMS\Backend\Tests\Functional\Authentication
Definition: PasswordResetTest.php:18
‪TYPO3\CMS\Core\Http\ServerRequest
Definition: ServerRequest.php:39
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\noEmailIsFound
‪noEmailIsFound()
Definition: PasswordResetTest.php:125
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\isEnabledExcludesAdministrators
‪isEnabledExcludesAdministrators()
Definition: PasswordResetTest.php:79
‪TYPO3\CMS\Backend\Tests\Functional\Authentication\PasswordResetTest\isNotEnabledWithNoUsers
‪isNotEnabledWithNoUsers()
Definition: PasswordResetTest.php:66
‪TYPO3\CMS\Core\Crypto\HashService
Definition: HashService.php:27