/**
  * Save current admin password to prevent its usage when changed in the future.
  *
  * @param EventObserver $observer
  * @return void
  */
 public function execute(EventObserver $observer)
 {
     /* @var $user \Magento\User\Model\User */
     $user = $observer->getEvent()->getObject();
     if ($user->getId()) {
         $passwordHash = $user->getPassword();
         $passwordLifetime = $this->observerConfig->getAdminPasswordLifetime();
         if ($passwordLifetime && $passwordHash && !$user->getForceNewPassword()) {
             $this->userResource->trackPassword($user, $passwordHash, $passwordLifetime);
             $this->messageManager->getMessages()->deleteMessageByIdentifier('magento_user_password_expired');
             $this->authSession->unsPciAdminUserIsPasswordExpired();
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function execute(InputInterface $input, OutputInterface $output)
 {
     $adminUserName = $input->getArgument(self::ARGUMENT_ADMIN_USERNAME);
     $userData = $this->adminUser->loadByUsername($adminUserName);
     $outputMessage = sprintf('Couldn\'t find the user account "%s"', $adminUserName);
     if ($userData) {
         if (isset($userData[self::USER_ID]) && $this->adminUser->unlock($userData[self::USER_ID])) {
             $outputMessage = sprintf('The user account "%s" has been unlocked', $adminUserName);
         } else {
             $outputMessage = sprintf('The user account "%s" was not locked or could not be unlocked', $adminUserName);
         }
     }
     $output->writeln('<info>' . $outputMessage . '</info>');
 }
 /**
  * Update locking information for the user
  *
  * @param \Magento\User\Model\User $user
  * @return void
  */
 private function _updateLockingInformation($user)
 {
     $now = new \DateTime();
     $lockThreshold = $this->observerConfig->getAdminLockThreshold();
     $maxFailures = $this->observerConfig->getMaxFailures();
     if (!($lockThreshold && $maxFailures)) {
         return;
     }
     $failuresNum = (int) $user->getFailuresNum() + 1;
     /** @noinspection PhpAssignmentInConditionInspection */
     if ($firstFailureDate = $user->getFirstFailure()) {
         $firstFailureDate = new \DateTime($firstFailureDate);
     }
     $newFirstFailureDate = false;
     $updateLockExpires = false;
     $lockThreshInterval = new \DateInterval('PT' . $lockThreshold . 'S');
     // set first failure date when this is first failure or last first failure expired
     if (1 === $failuresNum || !$firstFailureDate || $now->diff($firstFailureDate) > $lockThreshInterval) {
         $newFirstFailureDate = $now;
         // otherwise lock user
     } elseif ($failuresNum >= $maxFailures) {
         $updateLockExpires = $now->add($lockThreshInterval);
     }
     $this->userResource->updateFailure($user, $updateLockExpires, $newFirstFailureDate);
 }
 /**
  * @expectedException \Magento\Framework\Exception\LocalizedException
  * @return void
  */
 public function testAuthenticateException()
 {
     $username = '******';
     $password = '******';
     $config = 'config';
     $this->configMock->expects($this->once())->method('isSetFlag')->with('admin/security/use_case_sensitive_login')->willReturn($config);
     $this->eventManagerMock->expects($this->any())->method('dispatch');
     $this->resourceMock->expects($this->once())->method('loadByUsername')->willThrowException(new \Magento\Framework\Exception\LocalizedException(__()));
     $this->model->authenticate($username, $password);
 }
 public function testGetLatestPassword()
 {
     $uid = 123;
     $returnData = ['password1', 'password2'];
     $this->resourceMock->expects($this->atLeastOnce())->method('getConnection')->willReturn($this->dbAdapterMock);
     $this->dbAdapterMock->expects($this->once())->method('fetchRow')->willReturn($returnData);
     $this->dbAdapterMock->expects($this->once())->method('select')->willReturn($this->selectMock);
     $this->selectMock->expects($this->atLeastOnce())->method('from')->willReturn($this->selectMock);
     $this->selectMock->expects($this->atLeastOnce())->method('where')->willReturn($this->selectMock);
     $this->selectMock->expects($this->atLeastOnce())->method('order')->willReturn($this->selectMock);
     $this->selectMock->expects($this->atLeastOnce())->method('limit')->willReturn($this->selectMock);
     $this->assertEquals($returnData, $this->model->getLatestPassword($uid));
 }
 /**
  * Harden admin password change.
  *
  * New password must be minimum 7 chars length and include alphanumeric characters
  * The password is compared to at least last 4 previous passwords to prevent setting them again
  *
  * @param EventObserver $observer
  * @return void
  * @throws \Magento\Framework\Exception\LocalizedException
  */
 public function execute(EventObserver $observer)
 {
     /* @var $user \Magento\User\Model\User */
     $user = $observer->getEvent()->getObject();
     if ($user->getNewPassword()) {
         $password = $user->getNewPassword();
     } else {
         $password = $user->getPassword();
     }
     if ($password && !$user->getForceNewPassword() && $user->getId()) {
         if ($this->encryptor->isValidHash($password, $user->getOrigData('password'))) {
             throw new \Magento\Framework\Exception\LocalizedException(__('Sorry, but this password has already been used. Please create another.'));
         }
         // check whether password was used before
         $passwordHash = $this->encryptor->getHash($password, false);
         foreach ($this->userResource->getOldPasswords($user) as $oldPasswordHash) {
             if ($passwordHash === $oldPasswordHash) {
                 throw new \Magento\Framework\Exception\LocalizedException(__('Sorry, but this password has already been used. Please create another.'));
             }
         }
     }
 }
 public function testCheckAdminPasswordChangeThrowsLocalizedExp()
 {
     $newPW = "mYn3wpassw0rd";
     $uid = 123;
     /** @var \Magento\Framework\Event\Observer|\PHPUnit_Framework_MockObject_MockObject $eventObserverMock */
     $eventObserverMock = $this->getMockBuilder('Magento\\Framework\\Event\\Observer')->disableOriginalConstructor()->setMethods([])->getMock();
     /** @var \Magento\Framework\Event|\PHPUnit_Framework_MockObject_MockObject */
     $eventMock = $this->getMockBuilder('Magento\\Framework\\Event')->disableOriginalConstructor()->setMethods(['getObject'])->getMock();
     /** @var \Magento\User\Model\User|\PHPUnit_Framework_MockObject_MockObject $userMock */
     $userMock = $this->getMockBuilder('Magento\\User\\Model\\User')->disableOriginalConstructor()->setMethods(['getId', 'getNewPassword', 'getForceNewPassword'])->getMock();
     $eventObserverMock->expects($this->once())->method('getEvent')->willReturn($eventMock);
     $eventMock->expects($this->once())->method('getObject')->willReturn($userMock);
     $userMock->expects($this->atLeastOnce())->method('getNewPassword')->willReturn($newPW);
     $userMock->expects($this->once())->method('getForceNewPassword')->willReturn(false);
     $userMock->expects($this->once())->method('getId')->willReturn($uid);
     $this->encryptorMock->expects($this->once())->method('isValidHash')->willReturn(true);
     $this->userMock->method('getOldPasswords')->willReturn([md5('pw1'), md5('pw2')]);
     try {
         $this->model->execute($eventObserverMock);
     } catch (\Magento\Framework\Exception\LocalizedException $expected) {
         return;
     }
     $this->fail('An expected exception has not been raised.');
 }
 public function testCheckPasswordChangeValid()
 {
     /** @var $validatorMock \Magento\Framework\Validator\DataObject|\PHPUnit_Framework_MockObject_MockObject */
     $validatorMock = $this->getMockBuilder('Magento\\Framework\\Validator\\DataObject')->disableOriginalConstructor()->setMethods([])->getMock();
     $this->validatorObjectFactoryMock->expects($this->once())->method('create')->willReturn($validatorMock);
     $this->validationRulesMock->expects($this->once())->method('addUserInfoRules')->with($validatorMock);
     $validatorMock->expects($this->once())->method('isValid')->willReturn(true);
     $newPassword = "******";
     $newPasswordHash = "new password hash";
     $oldPassword = "******";
     $this->model->setPassword($newPassword)->setId(1)->setOrigData('password', $oldPassword);
     $this->encryptorMock->expects($this->once())->method('isValidHash')->with($newPassword, $oldPassword)->willReturn(false);
     $this->encryptorMock->expects($this->once())->method('getHash')->with($newPassword, false)->willReturn($newPasswordHash);
     $this->resourceMock->expects($this->once())->method('getOldPasswords')->willReturn(['hash1', 'hash2']);
     $result = $this->model->validate();
     $this->assertTrue($result);
 }
 /**
  * Test for performIdentityCheck method
  *
  * @param bool $verifyIdentityResult
  * @param bool $lockExpires
  * @dataProvider dataProviderPerformIdentityCheck
  */
 public function testPerformIdentityCheck($verifyIdentityResult, $lockExpires)
 {
     $password = '******';
     $userName = '******';
     $this->encryptorMock->expects($this->once())->method('validateHash')->with($password, $this->model->getPassword())->willReturn($verifyIdentityResult);
     $this->model->setIsActive(true);
     $this->resourceMock->expects($this->any())->method('hasAssigned2Role')->willReturn(true);
     $this->model->setUserName($userName);
     $this->model->setLockExpires($lockExpires);
     $this->eventManagerMock->expects($this->any())->method('dispatch')->with('admin_user_authenticate_after', ['username' => $userName, 'password' => $password, 'user' => $this->model, 'result' => $verifyIdentityResult])->willReturnSelf();
     if ($lockExpires) {
         $this->setExpectedException('\\Magento\\Framework\\Exception\\State\\UserLockedException', __('Your account is temporarily disabled.'));
     }
     if (!$verifyIdentityResult) {
         $this->setExpectedException('\\Magento\\Framework\\Exception\\AuthenticationException', __('You have entered an invalid password for current user.'));
     }
     $this->model->performIdentityCheck($password);
 }
 public function testAdminAuthenticateUpdateLockingInfo()
 {
     $password = "******";
     $uid = 123;
     $authResult = false;
     $firstFailure = '1965-07-08 11:14:15.638276';
     $numOfFailures = 5;
     /** @var Observer|\PHPUnit_Framework_MockObject_MockObject $eventObserverMock */
     $eventObserverMock = $this->getMockBuilder('Magento\\Framework\\Event\\Observer')->disableOriginalConstructor()->setMethods([])->getMock();
     /** @var Event|\PHPUnit_Framework_MockObject_MockObject */
     $eventMock = $this->getMockBuilder('Magento\\Framework\\Event')->disableOriginalConstructor()->setMethods(['getPassword', 'getUser', 'getResult'])->getMock();
     /** @var ModelUser|\PHPUnit_Framework_MockObject_MockObject $userMock */
     $userMock = $this->getMockBuilder('Magento\\User\\Model\\User')->disableOriginalConstructor()->setMethods(['getId', 'getFailuresNum', 'getFirstFailure'])->getMock();
     $eventObserverMock->expects($this->atLeastOnce())->method('getEvent')->willReturn($eventMock);
     $eventMock->expects($this->once())->method('getPassword')->willReturn($password);
     $eventMock->expects($this->once())->method('getUser')->willReturn($userMock);
     $eventMock->expects($this->once())->method('getResult')->willReturn($authResult);
     $userMock->expects($this->once())->method('getId')->willReturn($uid);
     $this->configInterfaceMock->expects($this->atLeastOnce())->method('getValue')->willReturn(1);
     $userMock->expects($this->once())->method('getFailuresNum')->willReturn($numOfFailures);
     $userMock->expects($this->once())->method('getFirstFailure')->willReturn($firstFailure);
     $this->userMock->expects($this->once())->method('updateFailure');
     $this->model->execute($eventObserverMock);
 }
 /**
  * Update role users ACL.
  *
  * @param Role $subject
  * @param Role $result
  * @return Role
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function afterSave(Role $subject, Role $result)
 {
     $this->userResourceModel->updateRoleUsersAcl($subject);
     return $result;
 }
 public function testAfterSave()
 {
     $this->userResourceModelMock->expects($this->once())->method('updateRoleUsersAcl')->with($this->roleMock);
     $this->assertInstanceOf('\\Magento\\Authorization\\Model\\Role', $this->model->afterSave($this->roleMock, $this->roleMock));
 }
Exemple #13
0
 public function testGetValidationRulesBeforeSave()
 {
     $rules = $this->_model->getValidationRulesBeforeSave();
     $this->assertInstanceOf('Zend_Validate_Interface', $rules);
 }