Fix the reset password issue when customer has address from not allowed country #18170

Author: dmytro-ch

app/code/Magento/Customer/Model/AccountManagement.php

@@ -17,6 +17,7 @@
 use Magento\Customer\Model\Customer as CustomerModel;
 use Magento\Customer\Model\Customer\CredentialsValidator;
 use Magento\Customer\Model\Metadata\Validator;
+use Magento\Customer\Model\ResourceModel\Visitor\CollectionFactory;
 use Magento\Eav\Model\Validator\Attribute\Backend;
 use Magento\Framework\Api\ExtensibleDataObjectConverter;
 use Magento\Framework\Api\SearchCriteriaBuilder;
@@ -44,14 +45,13 @@
 use Magento\Framework\Phrase;
 use Magento\Framework\Reflection\DataObjectProcessor;
 use Magento\Framework\Registry;
+use Magento\Framework\Session\SaveHandlerInterface;
+use Magento\Framework\Session\SessionManagerInterface;
 use Magento\Framework\Stdlib\DateTime;
 use Magento\Framework\Stdlib\StringUtils as StringHelper;
 use Magento\Store\Model\ScopeInterface;
 use Magento\Store\Model\StoreManagerInterface;
 use Psr\Log\LoggerInterface as PsrLogger;
-use Magento\Framework\Session\SessionManagerInterface;
-use Magento\Framework\Session\SaveHandlerInterface;
-use Magento\Customer\Model\ResourceModel\Visitor\CollectionFactory;
 
 /**
  * Handle various customer account actions
@@ -332,6 +332,11 @@ class AccountManagement implements AccountManagementInterface
      */
     private $searchCriteriaBuilder;
 
+    /**
+     * @var AddressRegistry
+     */
+    private $addressRegistry;
+
     /**
      * @param CustomerFactory $customerFactory
      * @param ManagerInterface $eventManager
@@ -359,12 +364,13 @@ class AccountManagement implements AccountManagementInterface
      * @param CredentialsValidator|null $credentialsValidator
      * @param DateTimeFactory|null $dateTimeFactory
      * @param AccountConfirmation|null $accountConfirmation
-     * @param DateTimeFactory $dateTimeFactory
      * @param SessionManagerInterface|null $sessionManager
      * @param SaveHandlerInterface|null $saveHandler
      * @param CollectionFactory|null $visitorCollectionFactory
      * @param SearchCriteriaBuilder|null $searchCriteriaBuilder
+     * @param AddressRegistry|null $addressRegistry
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
+     * @SuppressWarnings(PHPMD.NPathComplexity)
      */
     public function __construct(
         CustomerFactory $customerFactory,
@@ -396,7 +402,8 @@ public function __construct(
         SessionManagerInterface $sessionManager = null,
         SaveHandlerInterface $saveHandler = null,
         CollectionFactory $visitorCollectionFactory = null,
-        SearchCriteriaBuilder $searchCriteriaBuilder = null
+        SearchCriteriaBuilder $searchCriteriaBuilder = null,
+        AddressRegistry $addressRegistry = null
     ) {
         $this->customerFactory = $customerFactory;
         $this->eventManager = $eventManager;
@@ -434,6 +441,8 @@ public function __construct(
             ?: ObjectManager::getInstance()->get(CollectionFactory::class);
         $this->searchCriteriaBuilder = $searchCriteriaBuilder
             ?: ObjectManager::getInstance()->get(SearchCriteriaBuilder::class);
+        $this->addressRegistry = $addressRegistry
+            ?: ObjectManager::getInstance()->get(AddressRegistry::class);
     }
 
     /**
@@ -499,8 +508,11 @@ public function activateById($customerId, $confirmationKey)
      * @param \Magento\Customer\Api\Data\CustomerInterface $customer
      * @param string $confirmationKey
      * @return \Magento\Customer\Api\Data\CustomerInterface
-     * @throws \Magento\Framework\Exception\State\InvalidTransitionException
-     * @throws \Magento\Framework\Exception\State\InputMismatchException
+     * @throws InputException
+     * @throws InputMismatchException
+     * @throws InvalidTransitionException
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      */
     private function activateCustomer($customer, $confirmationKey)
     {
@@ -574,6 +586,9 @@ public function initiatePasswordReset($email, $template, $websiteId = null)
         // load customer by email
         $customer = $this->customerRepository->get($email, $websiteId);
 
+        // No need to validate customer address while saving customer reset password token
+        $this->disableAddressValidation($customer);
+
         $newPasswordToken = $this->mathRandom->getUniqueHash();
         $this->changeResetPasswordLinkToken($customer, $newPasswordToken);
 
@@ -611,10 +626,10 @@ public function initiatePasswordReset($email, $template, $websiteId = null)
      * Match a customer by their RP token.
      *
      * @param string $rpToken
+     * @return CustomerInterface
      * @throws ExpiredException
+     * @throws LocalizedException
      * @throws NoSuchEntityException
-     *
-     * @return CustomerInterface
      */
     private function matchCustomerByRpToken(string $rpToken): CustomerInterface
     {
@@ -657,6 +672,10 @@ public function resetPassword($email, $resetToken, $newPassword)
         } else {
             $customer = $this->customerRepository->get($email);
         }
+
+        // No need to validate customer address while saving customer reset password token
+        $this->disableAddressValidation($customer);
+
         //Validate Token and new password strength
         $this->validateResetPasswordToken($customer->getId(), $resetToken);
         $this->credentialsValidator->checkPasswordDifferentFromEmail(
@@ -900,6 +919,8 @@ public function getDefaultShippingAddress($customerId)
      * @param CustomerInterface $customer
      * @param string $redirectUrl
      * @return void
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      */
     protected function sendEmailConfirmation(CustomerInterface $customer, $redirectUrl)
     {
@@ -954,7 +975,10 @@ public function changePasswordById($customerId, $currentPassword, $newPassword)
      * @param string $newPassword
      * @return bool true on success
      * @throws InputException
+     * @throws InputMismatchException
      * @throws InvalidEmailOrPasswordException
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      * @throws UserLockedException
      */
     private function changePasswordForCustomer($customer, $currentPassword, $newPassword)
@@ -1063,10 +1087,11 @@ public function isCustomerInStore($customerWebsiteId, $storeId)
      * @param int $customerId
      * @param string $resetPasswordLinkToken
      * @return bool
-     * @throws \Magento\Framework\Exception\State\InputMismatchException If token is mismatched
-     * @throws \Magento\Framework\Exception\State\ExpiredException If token is expired
-     * @throws \Magento\Framework\Exception\InputException If token or customer id is invalid
-     * @throws \Magento\Framework\Exception\NoSuchEntityException If customer doesn't exist
+     * @throws ExpiredException
+     * @throws InputException
+     * @throws InputMismatchException
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      */
     private function validateResetPasswordToken($customerId, $resetPasswordLinkToken)
     {
@@ -1156,6 +1181,8 @@ protected function sendNewAccountEmail(
      *
      * @param CustomerInterface $customer
      * @return $this
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      * @deprecated 100.1.0
      */
     protected function sendPasswordResetNotificationEmail($customer)
@@ -1169,6 +1196,7 @@ protected function sendPasswordResetNotificationEmail($customer)
      * @param CustomerInterface $customer
      * @param int|string|null $defaultStoreId
      * @return int
+     * @throws LocalizedException
      * @deprecated 100.1.0
      */
     protected function getWebsiteStoreId($customer, $defaultStoreId = null)
@@ -1182,6 +1210,8 @@ protected function getWebsiteStoreId($customer, $defaultStoreId = null)
     }
 
     /**
+     * Get email template types
+     *
      * @return array
      * @deprecated 100.1.0
      */
@@ -1215,6 +1245,7 @@ protected function getTemplateTypes()
      * @param int|null $storeId
      * @param string $email
      * @return $this
+     * @throws MailException
      * @deprecated 100.1.0
      */
     protected function sendEmailTemplate(
@@ -1321,6 +1352,9 @@ public function isResetPasswordLinkTokenExpired($rpToken, $rpTokenCreatedAt)
      * @param string $passwordLinkToken
      * @return bool
      * @throws InputException
+     * @throws InputMismatchException
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      */
     public function changeResetPasswordLinkToken($customer, $passwordLinkToken)
     {
@@ -1348,6 +1382,8 @@ public function changeResetPasswordLinkToken($customer, $passwordLinkToken)
      *
      * @param CustomerInterface $customer
      * @return $this
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      * @deprecated 100.1.0
      */
     public function sendPasswordReminderEmail($customer)
@@ -1375,6 +1411,8 @@ public function sendPasswordReminderEmail($customer)
      *
      * @param CustomerInterface $customer
      * @return $this
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
      * @deprecated 100.1.0
      */
     public function sendPasswordResetConfirmationEmail($customer)
@@ -1419,6 +1457,7 @@ protected function getAddressById(CustomerInterface $customer, $addressId)
      *
      * @param CustomerInterface $customer
      * @return Data\CustomerSecure
+     * @throws NoSuchEntityException
      * @deprecated 100.1.0
      */
     protected function getFullCustomerObject($customer)
@@ -1444,6 +1483,20 @@ public function getPasswordHash($password)
         return $this->encryptor->getHash($password);
     }
 
+    /**
+     * Disable Customer Address Validation
+     *
+     * @param CustomerInterface $customer
+     * @throws NoSuchEntityException
+     */
+    private function disableAddressValidation($customer)
+    {
+        foreach ($customer->getAddresses() as $address) {
+            $addressModel = $this->addressRegistry->retrieve($address->getId());
+            $addressModel->setShouldIgnoreValidation(true);
+        }
+    }
+
     /**
      * Get email notification
      *