Merge remote-tracking branch 'engcom/ENGCOM-5207-magento-graphql-ce-705' into graphql-develop-prs-fast

naydav · naydav · commit 4289d5b4c14e · 2019-06-18T17:46:38.000-05:00
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/ChangeCustomerPasswordTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/ChangeCustomerPasswordTest.php
@@ -8,8 +8,12 @@
 namespace Magento\GraphQl\Customer;
 
 use Magento\Customer\Api\AccountManagementInterface;
+use Magento\Customer\Api\CustomerRepositoryInterface;
+use Magento\Customer\Model\CustomerAuthUpdate;
 use Magento\Customer\Model\CustomerRegistry;
+use Magento\Framework\Exception\AuthenticationException;
 use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Exception\NoSuchEntityException;
 use Magento\Integration\Api\CustomerTokenServiceInterface;
 use Magento\TestFramework\Helper\Bootstrap;
 use Magento\TestFramework\TestCase\GraphQlAbstract;
@@ -34,11 +38,23 @@ class ChangeCustomerPasswordTest extends GraphQlAbstract
      */
     private $customerRegistry;
 
+    /**
+     * @var CustomerAuthUpdate
+     */
+    private $customerAuthUpdate;
+
+    /**
+     * @var CustomerRepositoryInterface
+     */
+    private $customerRepository;
+
     protected function setUp()
     {
         $this->customerTokenService = Bootstrap::getObjectManager()->get(CustomerTokenServiceInterface::class);
         $this->accountManagement = Bootstrap::getObjectManager()->get(AccountManagementInterface::class);
         $this->customerRegistry = Bootstrap::getObjectManager()->get(CustomerRegistry::class);
+        $this->customerAuthUpdate = Bootstrap::getObjectManager()->get(CustomerAuthUpdate::class);
+        $this->customerRepository = Bootstrap::getObjectManager()->get(CustomerRepositoryInterface::class);
     }
 
     /**
@@ -47,19 +63,19 @@ protected function setUp()
     public function testChangePassword()
     {
         $customerEmail = 'customer@example.com';
-        $oldCustomerPassword = 'password';
-        $newCustomerPassword = 'anotherPassword1';
+        $currentPassword = 'password';
+        $newPassword = 'anotherPassword1';
 
-        $query = $this->getChangePassQuery($oldCustomerPassword, $newCustomerPassword);
-        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $oldCustomerPassword);
+        $query = $this->getQuery($currentPassword, $newPassword);
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
 
         $response = $this->graphQlMutation($query, [], '', $headerMap);
         $this->assertEquals($customerEmail, $response['changeCustomerPassword']['email']);
 
         try {
             // registry contains the old password hash so needs to be reset
             $this->customerRegistry->removeByEmail($customerEmail);
-            $this->accountManagement->authenticate($customerEmail, $newCustomerPassword);
+            $this->accountManagement->authenticate($customerEmail, $newPassword);
         } catch (LocalizedException $e) {
             $this->fail('Password was not changed: ' . $e->getMessage());
         }
@@ -71,7 +87,7 @@ public function testChangePassword()
      */
     public function testChangePasswordIfUserIsNotAuthorizedTest()
     {
-        $query = $this->getChangePassQuery('currentpassword', 'newpassword');
+        $query = $this->getQuery('currentpassword', 'newpassword');
         $this->graphQlMutation($query);
     }
 
@@ -81,11 +97,11 @@ public function testChangePasswordIfUserIsNotAuthorizedTest()
     public function testChangeWeakPassword()
     {
         $customerEmail = 'customer@example.com';
-        $oldCustomerPassword = 'password';
-        $newCustomerPassword = 'weakpass';
+        $currentPassword = 'password';
+        $newPassword = 'weakpass';
 
-        $query = $this->getChangePassQuery($oldCustomerPassword, $newCustomerPassword);
-        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $oldCustomerPassword);
+        $query = $this->getQuery($currentPassword, $newPassword);
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
 
         $this->expectException(\Exception::class);
         $this->expectExceptionMessageRegExp('/Minimum of different classes of characters in password is.*/');
@@ -101,17 +117,123 @@ public function testChangeWeakPassword()
     public function testChangePasswordIfPasswordIsInvalid()
     {
         $customerEmail = 'customer@example.com';
-        $oldCustomerPassword = 'password';
-        $newCustomerPassword = 'anotherPassword1';
-        $incorrectPassword = 'password-incorrect';
+        $currentPassword = 'password';
+        $newPassword = 'anotherPassword1';
+        $incorrectCurrentPassword = 'password-incorrect';
+
+        $query = $this->getQuery($incorrectCurrentPassword, $newPassword);
+
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
+        $this->graphQlMutation($query, [], '', $headerMap);
+    }
+
+    /**
+     * @magentoApiDataFixture Magento/Customer/_files/customer.php
+     * @expectedException \Exception
+     * @expectedExceptionMessage Specify the "currentPassword" value.
+     */
+    public function testChangePasswordIfCurrentPasswordIsEmpty()
+    {
+        $customerEmail = 'customer@example.com';
+        $currentPassword = 'password';
+        $newPassword = 'anotherPassword1';
+        $incorrectCurrentPassword = '';
+
+        $query = $this->getQuery($incorrectCurrentPassword, $newPassword);
+
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
+        $this->graphQlMutation($query, [], '', $headerMap);
+    }
+
+    /**
+     * @magentoApiDataFixture Magento/Customer/_files/customer.php
+     * @expectedException \Exception
+     * @expectedExceptionMessage Specify the "newPassword" value.
+     */
+    public function testChangePasswordIfNewPasswordIsEmpty()
+    {
+        $customerEmail = 'customer@example.com';
+        $currentPassword = 'password';
+        $incorrectNewPassword = '';
 
-        $query = $this->getChangePassQuery($incorrectPassword, $newCustomerPassword);
+        $query = $this->getQuery($currentPassword, $incorrectNewPassword);
 
-        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $oldCustomerPassword);
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
         $this->graphQlMutation($query, [], '', $headerMap);
     }
 
-    private function getChangePassQuery($currentPassword, $newPassword)
+    /**
+     * @magentoApiDataFixture Magento/GraphQl/Customer/_files/enable_customer_account_confirmation.php
+     * @magentoApiDataFixture Magento/Customer/_files/customer.php
+     * @expectedException \Exception
+     * @expectedExceptionMessage This account isn't confirmed. Verify and try again.
+     */
+    public function testChangePasswordIfAccountIsNotConfirmed()
+    {
+        $customerEmail = 'customer@example.com';
+        $currentPassword = 'password';
+        $newPassword = 'anotherPassword1';
+
+        /* get header map before setting the customer unconfirmed */
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
+
+        $this->setCustomerConfirmation(1);
+        $query = $this->getQuery($currentPassword, $newPassword);
+
+        $this->graphQlMutation($query, [], '', $headerMap);
+    }
+
+    /**
+     * @magentoApiDataFixture Magento/Customer/_files/customer.php
+     * @expectedException \Exception
+     * @expectedExceptionMessage The account is locked.
+     */
+    public function testChangePasswordIfCustomerIsLocked()
+    {
+        $customerEmail = 'customer@example.com';
+        $currentPassword = 'password';
+        $newPassword = 'anotherPassword1';
+
+        $this->lockCustomer(1);
+        $query = $this->getQuery($currentPassword, $newPassword);
+
+        $headerMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
+        $this->graphQlMutation($query, [], '', $headerMap);
+    }
+
+    /**
+     * @param int $customerId
+     *
+     * @return void
+     * @throws NoSuchEntityException
+     */
+    private function lockCustomer(int $customerId): void
+    {
+        $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);
+        $customerSecure->setLockExpires('2030-12-31 00:00:00');
+        $this->customerAuthUpdate->saveAuth($customerId);
+    }
+
+    /**
+     * @param int $customerId
+     *
+     * @return void
+     * @throws LocalizedException
+     */
+    private function setCustomerConfirmation(int $customerId): void
+    {
+        $customer = $this->customerRepository->getById($customerId);
+        $customer->setConfirmation('d5a21f15bd4cc21bd1b21ef6d9989a38');
+        $this->customerRepository->save($customer);
+    }
+
+    /**
+     * @param $currentPassword
+     * @param $newPassword
+     *
+     * @return string
+     */
+    private function getQuery($currentPassword, $newPassword)
     {
         $query = <<<QUERY
 mutation {
@@ -133,7 +255,9 @@ private function getChangePassQuery($currentPassword, $newPassword)
     /**
      * @param string $email
      * @param string $password
+     *
      * @return array
+     * @throws AuthenticationException
      */
     private function getCustomerAuthHeaders(string $email, string $password): array
     {
diff --git a/dev/tests/integration/testsuite/Magento/GraphQl/Customer/_files/enable_customer_account_confirmation.php b/dev/tests/integration/testsuite/Magento/GraphQl/Customer/_files/enable_customer_account_confirmation.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+// TODO: Should be removed in scope of https://github.com/magento/graphql-ce/issues/167
+declare(strict_types=1);
+
+use Magento\Customer\Model\AccountConfirmation;
+use Magento\Framework\App\Config\Storage\Writer;
+use Magento\Framework\App\Config\Storage\WriterInterface;
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\Framework\App\Config\ScopeConfigInterface;
+
+$objectManager = Bootstrap::getObjectManager();
+/** @var Writer $configWriter */
+$configWriter = $objectManager->get(WriterInterface::class);
+
+$configWriter->save(AccountConfirmation::XML_PATH_IS_CONFIRM, 1);
+
+$scopeConfig = $objectManager->get(ScopeConfigInterface::class);
+$scopeConfig->clean();
diff --git a/dev/tests/integration/testsuite/Magento/GraphQl/Customer/_files/enable_customer_account_confirmation_rollback.php b/dev/tests/integration/testsuite/Magento/GraphQl/Customer/_files/enable_customer_account_confirmation_rollback.php
@@ -0,0 +1,17 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+// TODO: Should be removed in scope of https://github.com/magento/graphql-ce/issues/167
+declare(strict_types=1);
+
+use Magento\Framework\App\Config\Storage\Writer;
+use Magento\Framework\App\Config\Storage\WriterInterface;
+use Magento\TestFramework\Helper\Bootstrap;
+
+$objectManager = Bootstrap::getObjectManager();
+/** @var Writer  $configWriter */
+$configWriter = $objectManager->create(WriterInterface::class);
+
+$configWriter->delete('customer/create_account/confirm');
