opensource-workshop · akagane99 · Apr 9, 2025 · Apr 8, 2025 · Apr 8, 2025 · Apr 8, 2025
diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php
@@ -13,6 +13,7 @@
 use App\Models\Core\UsersColumns;
 use App\Models\Core\UsersInputCols;
 use App\Plugins\Manage\UserManage\UsersTool;
+use App\Rules\CustomValiLoginIdAndPasswordDoNotMatch;
 //use App\Providers\RouteServiceProvider;
 use App\Rules\CustomValiUserEmailUnique;
 use App\User;
@@ -74,7 +75,13 @@ protected function validator(array $data)
                 'name'           => 'required|string|max:255',
                 'userid'         => 'required|max:255|unique:users',
                 'email'          => ['nullable', 'email', 'max:255', new CustomValiUserEmailUnique($columns_set_id, null)],
-                'password'       => 'required|string|min:6|confirmed',
+                'password'       => [
+                    'required',
+                    'string',
+                    'min:6',
+                    'confirmed',
+                    new CustomValiLoginIdAndPasswordDoNotMatch($data['userid'], UsersColumns::getLabelLoginId($users_columns)),
+                ],
                 'status'         => 'required',
                 'columns_set_id' => ['required'],
             ],

diff --git a/app/Plugins/Manage/UserManage/UserManage.php b/app/Plugins/Manage/UserManage/UserManage.php
@@ -25,6 +25,7 @@
 use App\Rules\CustomValiUserEmailUnique;
 use App\Rules\CustomValiEmails;
 use App\Rules\CustomValiCsvExistsName;
+use App\Rules\CustomValiLoginIdAndPasswordDoNotMatch;
 use App\Traits\ConnectMailTrait;
 use App\User;
 use App\Utilities\Csv\CsvUtils;
@@ -845,8 +846,14 @@ public function update($request, $id = null)
                 // ログインID
                 'userid'         => ['required', 'max:255', Rule::unique('users', 'userid')->ignore($id)],
                 'email'          => ['nullable', 'email', 'max:255', new CustomValiUserEmailUnique($request->columns_set_id, $id)],
-                'password'       => 'nullable|string|min:6|confirmed',
-                'status'         => 'required',
+                'password'       => [
+                    'nullable',
+                    'string',
+                    'min:6',
+                    'confirmed',
+                    new CustomValiLoginIdAndPasswordDoNotMatch($request->userid, UsersColumns::getLabelLoginId($users_columns)),
+                ],
+                'status'         => ['required'],
                 'columns_set_id' => ['required'],
             ],
             'message' => [

diff --git a/app/Plugins/Mypage/ProfileMypage/ProfileMypage.php b/app/Plugins/Mypage/ProfileMypage/ProfileMypage.php
@@ -2,23 +2,21 @@
 
 namespace app\Plugins\Mypage\ProfileMypage;
 
-use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Validator;
-use Illuminate\Validation\Rule;
-
-use App\User;
+use App\Enums\EditType;
+use App\Enums\UserColumnType;
 use App\Models\Core\Section;
 use App\Models\Core\UsersColumns;
 use App\Models\Core\UsersInputCols;
 use App\Models\Core\UserSection;
-
-use App\Plugins\Mypage\MypagePluginBase;
-
-use App\Enums\EditType;
-use App\Enums\UserColumnType;
 use App\Plugins\Manage\UserManage\UsersTool;
+use App\Plugins\Mypage\MypagePluginBase;
+use App\Rules\CustomValiLoginIdAndPasswordDoNotMatch;
 use App\Rules\CustomValiUserEmailUnique;
+use App\User;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
 
 /**
  * プロフィールマイページクラス
@@ -82,8 +80,8 @@ public function update($request, $id)
         $user = User::where('id', $id)->first();
 
         // ユーザーのカラム
-        $users_columns = UsersTool::getUsersColumns($user->columns_set_id);
-        $users_columns = $users_columns->where('is_edit_my_page', EditType::ok);
+        $users_columns_all = UsersTool::getUsersColumns($user->columns_set_id);
+        $users_columns = $users_columns_all->where('is_edit_my_page', EditType::ok);
 
         // 項目のエラーチェック
         $validator_array = [
@@ -92,9 +90,8 @@ public function update($request, $id)
                 'name'         => UsersColumns::getLabelUserName($users_columns),
                 'userid'       => UsersColumns::getLabelLoginId($users_columns),
                 'email'        => UsersColumns::getLabelUserEmail($users_columns),
-                'password'     => UsersColumns::getLabelUserPassword($users_columns),
-                'now_password' => '現在のパスワード',
-                'new_password' => '新しいパスワード',
+                'now_password' => '現在の' . UsersColumns::getLabelUserPassword($users_columns),
+                'new_password' => '新しい' . UsersColumns::getLabelUserPassword($users_columns),
             ]
         ];
 
@@ -124,7 +121,17 @@ function ($attribute, $value, $fail) {
                         }
                     },
                 ];
-                $validator_array['column']['new_password'] = 'nullable|string|min:6|confirmed';
+
+                // ログインID
+                $userid = $request->userid ?? $user->userid;
+
+                $validator_array['column']['new_password'] = [
+                    'nullable',
+                    'string',
+                    'min:6',
+                    'confirmed',
+                    new CustomValiLoginIdAndPasswordDoNotMatch($userid, UsersColumns::getLabelLoginId($users_columns_all)),
+                ];
             } elseif ($users_column->column_type == UserColumnType::created_at) {
                 // チェックしない
             } elseif ($users_column->column_type == UserColumnType::updated_at) {

diff --git a/app/Rules/CustomValiLoginIdAndPasswordDoNotMatch.php b/app/Rules/CustomValiLoginIdAndPasswordDoNotMatch.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace App\Rules;
+
+use Illuminate\Contracts\Validation\Rule;
+
+/**
+ * ログインIDとパスワードの不一致チェック
+ *
+ * @author 牟田口 満 <mutaguchi@opensource-workshop.jp>
+ * @copyright OpenSource-WorkShop Co.,Ltd. All Rights Reserved
+ * @category ユーザ登録
+ * @package Rule
+ */
+class CustomValiLoginIdAndPasswordDoNotMatch implements Rule
+{
+    /** ログインID */
+    protected $login_id;
+    /** ログインIDのカラム名 */
+    protected $login_id_column_name;
+
+    /**
+     * Create a new rule instance.
+     *
+     * @return void
+     */
+    public function __construct(?string $login_id, string $login_id_column_name)
+    {
+        $this->login_id = $login_id;
+        $this->login_id_column_name = $login_id_column_name;
+    }
+
+    /**
+     * Determine if the validation rule passes.
+     *
+     * @param  string  $attribute 項目名
+     * @param  mixed  $value
+     * @return bool
+     */
+    public function passes($attribute, $value)
+    {
+        if ($value == $this->login_id) {
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Get the validation error message.
+     *
+     * @return string
+     */
+    public function message()
+    {
+        return ":attributeには{$this->login_id_column_name}と同じ文字列は指定できません。";
+    }
+}
diff --git a/tests/Browser/Manage/UserManageTest.php b/tests/Browser/Manage/UserManageTest.php
@@ -2,21 +2,24 @@
 
 namespace Tests\Browser\Manage;
 
-use Illuminate\Foundation\Testing\DatabaseMigrations;
-use Illuminate\Support\Facades\Artisan;
-use Laravel\Dusk\Browser;
-use Tests\DuskTestCase;
-
 use App\Models\Core\Configs;
-use App\User;
 use App\Models\Core\UsersColumns;
 use App\Models\Core\UsersColumnsSelects;
 use App\Models\Core\UsersInputCols;
 use App\Models\Core\UsersLoginHistories;
 use App\Models\Core\UsersRoles;
+use App\User;
+use Illuminate\Support\Facades\Artisan;
+use Laravel\Dusk\Browser;
+use Tests\DuskTestCase;
 
 /**
+ * ユーザ管理テスト
+ *
  * > tests\bin\connect-cms-test.bat
+ *
+ * @see https://github.com/opensource-workshop/connect-cms/wiki/Dusk#テスト実行 [How to test]
+ * @see \Tests\Browser\Manage\GroupManageTest 実行後に実行すること（グループが作成される）
  */
 class UserManageTest extends DuskTestCase
 {
@@ -207,8 +210,8 @@ private function regist()
                     ->type('name', 'テストユーザ')
                     ->type('userid', 'test-user')
                     ->type('email', 'test@osws.jp')
-                    ->type('password', 'test-user')
-                    ->type('password_confirmation', 'test-user')
+                    ->type('password', 'test-user2')
+                    ->type('password_confirmation', 'test-user2')
                     ->screenshot('manage/user/regist/images/regist1')
                     ->scrollIntoView('footer')
                     ->click('#label_role_reporter')