diff --git a/login/tests/lib_test.php b/login/tests/lib_test.php index 5b55f40fb7f..fccb928e751 100644 --- a/login/tests/lib_test.php +++ b/login/tests/lib_test.php @@ -222,4 +222,132 @@ class core_login_lib_testcase extends advanced_testcase { list($status, $notice, $url) = core_login_process_password_reset(null, 'fakeemail@nofd.zdy'); $this->assertEquals('emailpasswordconfirmnotsent', $status); } + + /** + * Data provider for \core_login_lib_testcase::test_core_login_validate_forgot_password_data(). + */ + public function forgot_password_data_provider() { + return [ + 'Both username and password supplied' => [ + [ + 'username' => 's1', + 'email' => 's1@example.com' + ], + [ + 'username' => get_string('usernameoremail'), + 'email' => get_string('usernameoremail'), + ] + ], + 'Valid username' => [ + ['username' => 's1'] + ], + 'Valid username, different case' => [ + ['username' => 'S1'] + ], + 'Valid username, different case, username protection off' => [ + ['username' => 'S1'], + [], + ['protectusernames' => 0] + ], + 'Non-existent username' => [ + ['username' => 's2'], + ], + 'Non-existing username, username protection off' => [ + ['username' => 's2'], + ['username' => get_string('usernamenotfound')], + ['protectusernames' => 0] + ], + 'Valid username, unconfirmed username' => [ + ['username' => 's1'], + ['email' => get_string('confirmednot')], + ['confirmed' => 0] + ], + 'Invalid email' => [ + ['email' => 's1-example.com'], + ['email' => get_string('invalidemail')] + ], + 'Multiple accounts with the same email' => [ + ['email' => 's1@example.com'], + ['email' => get_string('forgottenduplicate')], + ['allowaccountssameemail' => 1] + ], + 'Non-existent email, username protection on' => [ + ['email' => 's2@example.com'] + ], + 'Non-existent email, username protection off' => [ + ['email' => 's2@example.com'], + ['email' => get_string('emailnotfound')], + ['protectusernames' => 0] + ], + 'Valid email' => [ + ['email' => 's1@example.com'] + ], + 'Valid email, different case' => [ + ['email' => 'S1@EXAMPLE.COM'] + ], + 'Valid email, unconfirmed user' => [ + ['email' => 's1@example.com'], + ['email' => get_string('confirmednot')], + ['confirmed' => 0] + ], + ]; + } + + /** + * Test for core_login_validate_forgot_password_data(). + * + * @dataProvider forgot_password_data_provider + * @param array $data Key-value array containing username and email data. + * @param array $errors Key-value array containing error messages for the username and email fields. + * @param array $options Options for $CFG->protectusernames, $CFG->allowaccountssameemail and $user->confirmed. + */ + public function test_core_login_validate_forgot_password_data($data, $errors = [], $options = []) { + $this->resetAfterTest(); + + // Set config settings we need for our environment. + $protectusernames = $options['protectusernames'] ?? 1; + set_config('protectusernames', $protectusernames); + + $allowaccountssameemail = $options['allowaccountssameemail'] ?? 0; + set_config('allowaccountssameemail', $allowaccountssameemail); + + // Generate the user data. + $generator = $this->getDataGenerator(); + $userdata = [ + 'username' => 's1', + 'email' => 's1@example.com', + 'confirmed' => $options['confirmed'] ?? 1 + ]; + $generator->create_user($userdata); + + if ($allowaccountssameemail) { + // Create another user with the same email address. + $generator->create_user(['email' => 's1@example.com']); + } + + // Validate the data. + $validationerrors = core_login_validate_forgot_password_data($data); + + // Check validation errors for the username field. + if (isset($errors['username'])) { + // If we expect and error for the username field, confirm that it's set. + $this->assertArrayHasKey('username', $validationerrors); + // And the actual validation error is equal to the expected validation error. + $this->assertEquals($errors['username'], $validationerrors['username']); + } else { + // If we don't expect that there's a validation for the username field, confirm that it's not set. + $this->assertArrayNotHasKey('username', $validationerrors); + } + + // Check validation errors for the email field. + if (isset($errors['email'])) { + // If we expect and error for the email field, confirm that it's set. + $this->assertArrayHasKey('email', $validationerrors); + // And the actual validation error is equal to the expected validation error. + $this->assertEquals($errors['email'], $validationerrors['email']); + } else { + // If we don't expect that there's a validation for the email field, confirm that it's not set. + $this->assertArrayNotHasKey('email', $validationerrors); + } + } }