Merge branch '9.next'

Author: steinkel

.github/codecov.yml

@@ -0,0 +1,7 @@
+codecov:
+  require_ci_to_pass: yes
+
+coverage:
+  range: "90...100"
+
+comment: false

.github/workflows/ci.yml

@@ -0,0 +1,120 @@
+name: CI
+
+on:
+  push:
+
+  pull_request:
+    branches:
+      - '*'
+
+jobs:
+  testsuite:
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        php-version: ['7.3', '7.4', '8.0']
+        db-type: [sqlite, mysql, pgsql]
+        prefer-lowest: ['']
+
+    steps:
+    - name: Setup MySQL latest
+      if: matrix.db-type == 'mysql'
+      run: docker run --rm --name=mysqld -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE=cakephp -p 3306:3306 -d mysql --default-authentication-plugin=mysql_native_password --disable-log-bin
+
+    - name: Setup PostgreSQL latest
+      if: matrix.db-type == 'pgsql'
+      run: docker run --rm --name=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_DB=cakephp -p 5432:5432 -d postgres
+
+    - uses: actions/checkout@v2
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php-version }}
+        extensions: mbstring, intl, apcu, sqlite, pdo_sqlite, pdo_${{ matrix.db-type }}, ${{ matrix.db-type }}
+        ini-values: apc.enable_cli = 1
+        coverage: pcov
+
+    - name: Get composer cache directory
+      id: composer-cache
+      run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+    - name: Get date part for cache key
+      id: key-date
+      run: echo "::set-output name=date::$(date +'%Y-%m')"
+
+    - name: Cache composer dependencies
+      uses: actions/cache@v1
+      with:
+        path: ${{ steps.composer-cache.outputs.dir }}
+        key: ${{ runner.os }}-composer-${{ steps.key-date.outputs.date }}-${{ hashFiles('composer.json') }}-${{ matrix.prefer-lowest }}
+
+    - name: composer install
+      run: |
+        if ${{ matrix.prefer-lowest == 'prefer-lowest' }}; then
+          composer update --prefer-lowest --prefer-stable
+        else
+          composer update
+        fi
+
+    - name: Setup problem matchers for PHPUnit
+      if: matrix.php-version == '7.4' && matrix.db-type == 'mysql'
+      run: echo "::add-matcher::${{ runner.tool_cache }}/phpunit.json"
+
+    - name: Run PHPUnit
+      run: |
+        if [[ ${{ matrix.db-type }} == 'sqlite' ]]; then export DB_URL='sqlite:///:memory:'; fi
+        if [[ ${{ matrix.db-type }} == 'mysql' ]]; then export DB_URL='mysql://root:root@127.0.0.1/cakephp?encoding=utf8'; fi
+        if [[ ${{ matrix.db-type }} == 'pgsql' ]]; then export DB_URL='postgres://postgres:postgres@127.0.0.1/postgres'; fi
+        if [[ ${{ matrix.php-version }} == '7.4' ]]; then
+          export CODECOVERAGE=1 && vendor/bin/phpunit --verbose --coverage-clover=coverage.xml
+        else
+          vendor/bin/phpunit
+        fi
+
+    - name: Submit code coverage
+      if: matrix.php-version == '7.4'
+      uses: codecov/codecov-action@v1
+
+  cs-stan:
+    name: Coding Standard & Static Analysis
+    runs-on: ubuntu-20.04
+
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: '7.3'
+        extensions: mbstring, intl, apcu
+        coverage: none
+
+    - name: Get composer cache directory
+      id: composer-cache
+      run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+    - name: Get date part for cache key
+      id: key-date
+      run: echo "::set-output name=date::$(date +'%Y-%m')"
+
+    - name: Cache composer dependencies
+      uses: actions/cache@v1
+      with:
+        path: ${{ steps.composer-cache.outputs.dir }}
+        key: ${{ runner.os }}-composer-${{ steps.key-date.outputs.date }}-${{ hashFiles('composer.json') }}-${{ matrix.prefer-lowest }}
+
+    - name: composer install
+      run: composer stan-setup
+
+    - name: Run PHP CodeSniffer
+      run: composer cs-check
+
+#    - name: Run psalm
+#      if: success() || failure()
+#      run: vendor/bin/psalm.phar --output-format=github
+
+    - name: Run phpstan
+      if: success() || failure()
+      run: composer stan

.travis.yml

@@ -34,3 +34,17 @@ own business, for example
         $this->register();
         $this->render('register');
     }
+
+
+How to make an autologin using `EVENT_AFTER_EMAIL_TOKEN_VALIDATION` event
+
+```php
+EventManager::instance()->on(
+    \CakeDC\Users\Plugin::EVENT_AFTER_EMAIL_TOKEN_VALIDATION,
+    function($event){
+        $users = $this->getTableLocator()->get('Users');
+        $user = $users->get($event->getData('user')->id);
+        $this->Authentication->setIdentity($user);
+    }
+);
+```

Docs/Documentation/Events.md

@@ -1,7 +1,7 @@
 CakeDC Users Plugin
 ===================
 
-[![Build Status](https://secure.travis-ci.org/CakeDC/users.png?branch=master)](http://travis-ci.org/CakeDC/users)
+[![Build Status](https://img.shields.io/github/workflow/status/CakeDC/users/CI/master?style=flat-square)](https://github.com/CakeDC/users/actions?query=workflow%3ACI+branch%3Amaster)
 [![Coverage Status](https://img.shields.io/codecov/c/gh/CakeDC/users.svg?style=flat-square)](https://codecov.io/gh/CakeDC/users)
 [![Downloads](https://poser.pugx.org/CakeDC/users/d/total.png)](https://packagist.org/packages/CakeDC/users)
 [![Latest Version](https://poser.pugx.org/CakeDC/users/v/stable.png)](https://packagist.org/packages/CakeDC/users)

README.md

@@ -42,6 +42,10 @@ public function validate($type = null, $token = null)
                     try {
                         $result = $this->getUsersTable()->validate($token, 'activateUser');
                         if ($result) {
+                            $event = $this->dispatchEvent(Plugin::EVENT_AFTER_EMAIL_TOKEN_VALIDATION, ['user' => $result]);
+                            if (!empty($event) && is_array($event->getResult())) {
+                                return $this->redirect($event->getResult());
+                            }
                             $this->Flash->success(__d('cake_d_c/users', 'User account validated successfully'));
                         } else {
                             $this->Flash->error(__d('cake_d_c/users', 'User account could not be validated'));

src/Controller/Traits/UserValidationTrait.php

@@ -114,7 +114,9 @@ protected function populateSocialAccount($socialAccount, $data)
         $accountData['reference'] = $data['id'] ?? null;
         $accountData['avatar'] = $data['avatar'] ?? null;
         $accountData['link'] = $data['link'] ?? null;
-        $accountData['avatar'] = str_replace('normal', 'square', $accountData['avatar']);
+        if ($accountData['avatar'] ?? null) {
+            $accountData['avatar'] = str_replace('normal', 'square', $accountData['avatar']);
+        }
         $accountData['description'] = $data['bio'] ?? null;
         $accountData['token'] = $data['credentials']['token'] ?? null;
         $accountData['token_secret'] = $data['credentials']['secret'] ?? null;

src/Model/Behavior/LinkSocialBehavior.php

@@ -286,7 +286,9 @@ protected function extractAccountData(array $data)
         $accountData['avatar'] = $data['avatar'] ?? null;
         $accountData['link'] = $data['link'] ?? null;
 
-        $accountData['avatar'] = str_replace('normal', 'square', $accountData['avatar']);
+        if ($accountData['avatar'] ?? null) {
+            $accountData['avatar'] = str_replace('normal', 'square', $accountData['avatar']);
+        }
         $accountData['description'] = $data['bio'] ?? null;
         $accountData['token'] = $data['credentials']['token'] ?? null;
         $accountData['token_secret'] = $data['credentials']['secret'] ?? null;

src/Model/Behavior/SocialBehavior.php

@@ -27,6 +27,7 @@
  * @property bool $is_superuser
  * @property \Cake\I18n\Time $token_expires
  * @property string $token
+ * @property string $api_token
  * @property array $additional_data
  * @property \CakeDC\Users\Model\Entity\SocialAccount[] $social_accounts
  */

src/Model/Entity/User.php

@@ -42,6 +42,7 @@ class Plugin extends BasePlugin implements AuthenticationServiceProviderInterfac
     public const EVENT_SOCIAL_LOGIN_EXISTING_ACCOUNT = 'Users.Global.socialLoginExistingAccount';
     public const EVENT_ON_EXPIRED_TOKEN = 'Users.Global.onExpiredToken';
     public const EVENT_AFTER_RESEND_TOKEN_VALIDATION = 'Users.Global.afterResendTokenValidation';
+    public const EVENT_AFTER_EMAIL_TOKEN_VALIDATION = 'Users.Global.afterEmailTokenValidation';
 
     /**
      * Returns an authentication service instance.

src/Plugin.php

@@ -220,6 +220,12 @@ public function changeApiToken()
             'api_token' => $token,
         ];
         $savedUser = $this->_updateUser($username, $data);
+        if (!$savedUser) {
+            $this->err(__d('cake_d_c/users', 'User was not saved, check validation errors'));
+        }
+        /**
+         * @var \CakeDC\Users\Model\Entity\User $savedUser
+         */
         $this->out(__d('cake_d_c/users', 'Api token changed for user: {0}', $username));
         $this->out(__d('cake_d_c/users', 'New token: {0}', $savedUser->api_token));
     }

src/Shell/UsersShell.php

@@ -56,7 +56,7 @@ public function testRedirectToLogin()
     {
         $this->enableRetainFlashMessages();
         $this->get('/pages/home');
-        $this->assertRedirect('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome');
+        $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fpages%2Fhome');
         $this->assertFlashMessage('You are not authorized to access that location.');
     }
 
@@ -197,7 +197,7 @@ public function testLoginPostRequestRightPasswordIsEnabledOTP()
             'username' => 'user-2',
             'password' => '12345',
         ]);
-        $this->assertRedirect('/verify');
+        $this->assertRedirectContains('/verify');
     }
 
     /**
@@ -215,7 +215,7 @@ public function testLoginPostRequestRightPasswordIsEnabledU2f()
             'username' => 'user-2',
             'password' => '12345',
         ]);
-        $this->assertRedirect('/users/u2f');
+        $this->assertRedirectContains('/users/u2f');
     }
 
     /**

tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php

@@ -45,7 +45,7 @@ public function testRequestResetPassword()
     }
 
     /**
-     * Test login action with post request
+     * Test reset password workflow
      *
      * @return void
      */
@@ -70,7 +70,6 @@ public function testRequestResetPasswordPostValidEmail()
         $this->assertRedirect('/users/change-password');
 
         $fieldName = Configure::read('Users.Key.Session.resetPasswordUserId');
-        $this->assertSession($userAfter->id, $fieldName);
         $this->session([
             $fieldName => $userAfter->id,
         ]);

tests/TestCase/Controller/Traits/Integration/PasswordManagementTraitIntegrationTest.php

@@ -56,6 +56,26 @@ public function testValidateHappyEmail()
         $this->assertTrue($user->active);
     }
 
+    /**
+     * test
+     *
+     * @return void
+     */
+    public function testValidateHappyEmailWithAfterEmailTokenValidationEvent()
+    {
+        $event = new Event('event');
+        $event->setResult([
+            'action' => 'newAction',
+        ]);
+        $this->Trait->expects($this->once())
+            ->method('dispatchEvent')
+            ->will($this->returnValue($event));
+        $this->Trait->expects($this->once())
+            ->method('redirect')
+            ->with(['action' => 'newAction']);
+        $this->Trait->validate('email', 'token-3');
+    }
+
     /**
      * test
      *

tests/TestCase/Controller/Traits/UserValidationTraitTest.php

@@ -51,7 +51,7 @@ public function testUnauthorizedRedirectCustomCallable()
             ],
         ]);
         $this->get('/users/index');
-        $this->assertRedirect('/my/custom/url/');
+        $this->assertRedirectContains('/my/custom/url/');
     }
 
     /**
@@ -67,7 +67,7 @@ public function testUnauthorizedRedirectNotLogged()
             ],
         ]);
         $this->get('/users/index');
-        $this->assertRedirect('/login?redirect=http%3A%2F%2Flocalhost%2Fusers%2Findex');
+        $this->assertRedirectContains('/login?redirect=http%3A%2F%2Flocalhost%2Fusers%2Findex');
     }
 
     /**
@@ -89,6 +89,6 @@ public function testUnauthorizedRedirectLogged()
             ],
         ]);
         $this->get('/users/index');
-        $this->assertRedirect('/profile');
+        $this->assertRedirectContains('/profile');
     }
 }