Skip to content

Commit

Permalink
ENGCOM-4581: [2.3]creating customer without password is directly conf…
Browse files Browse the repository at this point in the history 
…irmed 14492 magento#21394
  • Loading branch information
@p-bystritsky
p-bystritsky authored Jun 3, 2019
2 parents 83afb14 + 5d57272 commit 4033888
Show file tree
Hide file tree
Showing 6 changed files with 351 additions and 138 deletions.
33 changes: 25 additions & 8 deletions app/code/Magento/Customer/Controller/Account/CreatePassword.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,17 @@
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
declare(strict_types=1);

namespace Magento\Customer\Controller\Account;

use Magento\Customer\Api\AccountManagementInterface;
use Magento\Customer\Model\ForgotPasswordToken\ConfirmCustomerByToken;
use Magento\Customer\Model\Session;
use Magento\Framework\App\Action\HttpGetActionInterface;
use Magento\Framework\View\Result\PageFactory;
use Magento\Framework\App\Action\Context;
use Magento\Framework\App\ObjectManager;

/**
* Class CreatePassword
Expand All @@ -34,20 +38,30 @@ class CreatePassword extends \Magento\Customer\Controller\AbstractAccount implem
protected $resultPageFactory;

/**
* @param Context $context
* @param Session $customerSession
* @param PageFactory $resultPageFactory
* @param AccountManagementInterface $accountManagement
* @var \Magento\Customer\Model\ForgotPasswordToken\ConfirmCustomerByToken
*/
private $confirmByToken;

/**
* @param \Magento\Framework\App\Action\Context $context
* @param \Magento\Customer\Model\Session $customerSession
* @param \Magento\Framework\View\Result\PageFactory $resultPageFactory
* @param \Magento\Customer\Api\AccountManagementInterface $accountManagement
* @param \Magento\Customer\Model\ForgotPasswordToken\ConfirmCustomerByToken $confirmByToken
*/
public function __construct(
Context $context,
Session $customerSession,
PageFactory $resultPageFactory,
AccountManagementInterface $accountManagement
AccountManagementInterface $accountManagement,
ConfirmCustomerByToken $confirmByToken = null
) {
$this->session = $customerSession;
$this->resultPageFactory = $resultPageFactory;
$this->accountManagement = $accountManagement;
$this->confirmByToken = $confirmByToken
?? ObjectManager::getInstance()->get(ConfirmCustomerByToken::class);

parent::__construct($context);
}

Expand All @@ -67,6 +81,8 @@ public function execute()
try {
$this->accountManagement->validateResetPasswordLinkToken(null, $resetPasswordToken);

$this->confirmByToken->execute($resetPasswordToken);

if ($isDirectLink) {
$this->session->setRpToken($resetPasswordToken);
$resultRedirect = $this->resultRedirectFactory->create();
Expand All @@ -77,16 +93,17 @@ public function execute()
/** @var \Magento\Framework\View\Result\Page $resultPage */
$resultPage = $this->resultPageFactory->create();
$resultPage->getLayout()
->getBlock('resetPassword')
->setResetPasswordLinkToken($resetPasswordToken);
->getBlock('resetPassword')
->setResetPasswordLinkToken($resetPasswordToken);

return $resultPage;
}
} catch (\Exception $exception) {
$this->messageManager->addError(__('Your password reset link has expired.'));
$this->messageManager->addErrorMessage(__('Your password reset link has expired.'));
/** @var \Magento\Framework\Controller\Result\Redirect $resultRedirect */
$resultRedirect = $this->resultRedirectFactory->create();
$resultRedirect->setPath('*/*/forgotpassword');

return $resultRedirect;
}
}
Expand Down
138 changes: 68 additions & 70 deletions app/code/Magento/Customer/Model/AccountManagement.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
use Magento\Customer\Model\Config\Share as ConfigShare;
use Magento\Customer\Model\Customer as CustomerModel;
use Magento\Customer\Model\Customer\CredentialsValidator;
use Magento\Customer\Model\ForgotPasswordToken\GetCustomerByToken;
use Magento\Customer\Model\Metadata\Validator;
use Magento\Customer\Model\ResourceModel\Visitor\CollectionFactory;
use Magento\Directory\Model\AllowedCountries;
Expand Down Expand Up @@ -44,7 +45,6 @@
use Magento\Framework\Intl\DateTimeFactory;
use Magento\Framework\Mail\Template\TransportBuilder;
use Magento\Framework\Math\Random;
use Magento\Framework\Phrase;
use Magento\Framework\Reflection\DataObjectProcessor;
use Magento\Framework\Registry;
use Magento\Framework\Session\SaveHandlerInterface;
Expand Down Expand Up @@ -345,6 +345,11 @@ class AccountManagement implements AccountManagementInterface
*/
private $allowedCountriesReader;

/**
* @var GetCustomerByToken
*/
private $getByToken;

/**
* @param CustomerFactory $customerFactory
* @param ManagerInterface $eventManager
Expand Down Expand Up @@ -377,10 +382,12 @@ class AccountManagement implements AccountManagementInterface
* @param CollectionFactory|null $visitorCollectionFactory
* @param SearchCriteriaBuilder|null $searchCriteriaBuilder
* @param AddressRegistry|null $addressRegistry
* @param GetCustomerByToken|null $getByToken
* @param AllowedCountries|null $allowedCountriesReader
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.ExcessiveParameterList)
* @SuppressWarnings(PHPMD.NPathComplexity)
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.LongVariable)
*/
public function __construct(
CustomerFactory $customerFactory,
Expand Down Expand Up @@ -414,6 +421,7 @@ public function __construct(
CollectionFactory $visitorCollectionFactory = null,
SearchCriteriaBuilder $searchCriteriaBuilder = null,
AddressRegistry $addressRegistry = null,
GetCustomerByToken $getByToken = null,
AllowedCountries $allowedCountriesReader = null
) {
$this->customerFactory = $customerFactory;
Expand All @@ -439,23 +447,26 @@ public function __construct(
$this->customerModel = $customerModel;
$this->objectFactory = $objectFactory;
$this->extensibleDataObjectConverter = $extensibleDataObjectConverter;
$objectManager = ObjectManager::getInstance();
$this->credentialsValidator =
$credentialsValidator ?: ObjectManager::getInstance()->get(CredentialsValidator::class);
$this->dateTimeFactory = $dateTimeFactory ?: ObjectManager::getInstance()->get(DateTimeFactory::class);
$this->accountConfirmation = $accountConfirmation ?: ObjectManager::getInstance()
$credentialsValidator ?: $objectManager->get(CredentialsValidator::class);
$this->dateTimeFactory = $dateTimeFactory ?: $objectManager->get(DateTimeFactory::class);
$this->accountConfirmation = $accountConfirmation ?: $objectManager
->get(AccountConfirmation::class);
$this->sessionManager = $sessionManager
?: ObjectManager::getInstance()->get(SessionManagerInterface::class);
?: $objectManager->get(SessionManagerInterface::class);
$this->saveHandler = $saveHandler
?: ObjectManager::getInstance()->get(SaveHandlerInterface::class);
?: $objectManager->get(SaveHandlerInterface::class);
$this->visitorCollectionFactory = $visitorCollectionFactory
?: ObjectManager::getInstance()->get(CollectionFactory::class);
?: $objectManager->get(CollectionFactory::class);
$this->searchCriteriaBuilder = $searchCriteriaBuilder
?: ObjectManager::getInstance()->get(SearchCriteriaBuilder::class);
?: $objectManager->get(SearchCriteriaBuilder::class);
$this->addressRegistry = $addressRegistry
?: ObjectManager::getInstance()->get(AddressRegistry::class);
?: $objectManager->get(AddressRegistry::class);
$this->getByToken = $getByToken
?: $objectManager->get(GetCustomerByToken::class);
$this->allowedCountriesReader = $allowedCountriesReader
?: ObjectManager::getInstance()->get(AllowedCountries::class);
?: $objectManager->get(AllowedCountries::class);
}

/**
Expand Down Expand Up @@ -521,8 +532,11 @@ public function activateById($customerId, $confirmationKey)
* @param \Magento\Customer\Api\Data\CustomerInterface $customer
* @param string $confirmationKey
* @return \Magento\Customer\Api\Data\CustomerInterface
* @throws \Magento\Framework\Exception\State\InvalidTransitionException
* @throws \Magento\Framework\Exception\State\InputMismatchException
* @throws InputException
* @throws InputMismatchException
* @throws InvalidTransitionException
* @throws LocalizedException
* @throws NoSuchEntityException
*/
private function activateCustomer($customer, $confirmationKey)
{
Expand Down Expand Up @@ -630,42 +644,6 @@ public function initiatePasswordReset($email, $template, $websiteId = null)
return false;
}

/**
* Match a customer by their RP token.
*
* @param string $rpToken
* @throws ExpiredException
* @throws NoSuchEntityException
* @return CustomerInterface
* @throws LocalizedException
*/
private function matchCustomerByRpToken(string $rpToken): CustomerInterface
{
$this->searchCriteriaBuilder->addFilter(
'rp_token',
$rpToken
);
$this->searchCriteriaBuilder->setPageSize(1);
$found = $this->customerRepository->getList(
$this->searchCriteriaBuilder->create()
);
if ($found->getTotalCount() > 1) {
//Failed to generated unique RP token
throw new ExpiredException(
new Phrase('Reset password token expired.')
);
}
if ($found->getTotalCount() === 0) {
//Customer with such token not found.
throw NoSuchEntityException::singleField(
'rp_token',
$rpToken
);
}
//Unique customer found.
return $found->getItems()[0];
}

/**
* Handle not supported template
*
Expand All @@ -674,15 +652,17 @@ private function matchCustomerByRpToken(string $rpToken): CustomerInterface
*/
private function handleUnknownTemplate($template)
{
throw new InputException(__(
'Invalid value of "%value" provided for the %fieldName field. Possible values: %template1 or %template2.',
[
'value' => $template,
'fieldName' => 'template',
'template1' => AccountManagement::EMAIL_REMINDER,
'template2' => AccountManagement::EMAIL_RESET
]
));
throw new InputException(
__(
'Invalid value of "%value" provided for the %fieldName field. Possible values: %template1 or %template2.',
[
'value' => $template,
'fieldName' => 'template',
'template1' => AccountManagement::EMAIL_REMINDER,
'template2' => AccountManagement::EMAIL_RESET
]
)
);
}

/**
Expand All @@ -691,7 +671,7 @@ private function handleUnknownTemplate($template)
public function resetPassword($email, $resetToken, $newPassword)
{
if (!$email) {
$customer = $this->matchCustomerByRpToken($resetToken);
$customer = $this->getByToken->execute($resetToken);
$email = $customer->getEmail();
} else {
$customer = $this->customerRepository->get($email);
Expand Down Expand Up @@ -830,6 +810,8 @@ public function getConfirmationStatus($customerId)

/**
* @inheritdoc
*
* @throws LocalizedException
*/
public function createAccount(CustomerInterface $customer, $password = null, $redirectUrl = '')
{
Expand All @@ -852,6 +834,8 @@ public function createAccount(CustomerInterface $customer, $password = null, $re

/**
* @inheritdoc
*
* @throws InputMismatchException
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
* @SuppressWarnings(PHPMD.NPathComplexity)
*/
Expand Down Expand Up @@ -987,6 +971,8 @@ protected function sendEmailConfirmation(CustomerInterface $customer, $redirectU

/**
* @inheritdoc
*
* @throws InvalidEmailOrPasswordException
*/
public function changePassword($email, $currentPassword, $newPassword)
{
Expand All @@ -1000,6 +986,8 @@ public function changePassword($email, $currentPassword, $newPassword)

/**
* @inheritdoc
*
* @throws InvalidEmailOrPasswordException
*/
public function changePasswordById($customerId, $currentPassword, $newPassword)
{
Expand Down Expand Up @@ -1137,12 +1125,14 @@ public function isCustomerInStore($customerWebsiteId, $storeId)
*
* @param int $customerId
* @param string $resetPasswordLinkToken
*
* @return bool
* @throws \Magento\Framework\Exception\State\InputMismatchException If token is mismatched
* @throws \Magento\Framework\Exception\State\ExpiredException If token is expired
* @throws \Magento\Framework\Exception\InputException If token or customer id is invalid
* @throws \Magento\Framework\Exception\NoSuchEntityException If customer doesn't exist
* @throws ExpiredException If token is expired
* @throws InputException If token or customer id is invalid
* @throws InputMismatchException If token is mismatched
* @throws LocalizedException
* @throws NoSuchEntityException If customer doesn't exist
* @SuppressWarnings(PHPMD.LongVariable)
*/
private function validateResetPasswordToken($customerId, $resetPasswordLinkToken)
{
Expand All @@ -1157,7 +1147,8 @@ private function validateResetPasswordToken($customerId, $resetPasswordLinkToken

if ($customerId === null) {
//Looking for the customer.
$customerId = $this->matchCustomerByRpToken($resetPasswordLinkToken)
$customerId = $this->getByToken
->execute($resetPasswordLinkToken)
->getId();
}
if (!is_string($resetPasswordLinkToken) || empty($resetPasswordLinkToken)) {
Expand Down Expand Up @@ -1325,13 +1316,20 @@ protected function sendEmailTemplate(
}

$transport = $this->transportBuilder->setTemplateIdentifier($templateId)
->setTemplateOptions(['area' => Area::AREA_FRONTEND, 'store' => $storeId])
->setTemplateOptions(
[
'area' => Area::AREA_FRONTEND,
'store' => $storeId
]
)
->setTemplateVars($templateParams)
->setFrom($this->scopeConfig->getValue(
$sender,
ScopeInterface::SCOPE_STORE,
$storeId
))
->setFrom(
$this->scopeConfig->getValue(
$sender,
ScopeInterface::SCOPE_STORE,
$storeId
)
)
->addTo($email, $this->customerViewHelper->getCustomerName($customer))
->getTransport();

Expand Down
Loading

0 comments on commit 4033888

Please sign in to comment.