/**
*
*/
public function testInsertLastUsedPasswords()
{
// Persist the user
$this->user->save();
$passwords = array('asjfdkj2i2', 'asdjfkjasfjl', 'asdfjkasjdfas');
$result = $this->userMapper->insertLastUsedPasswords($this->user->getId(), $passwords);
$this->assertNotNull($result);
$this->assertEquals($passwords, $result['passwords']);
return array($this->user->getId(), $passwords);
}
public function testLoadUser()
{
// Persist user
$this->_user->save();
$user = $this->_service->load($this->_user->getId());
$this->assertInstanceOf('\\Application\\Model\\UserModel', $user);
$expData = $this->_user->exportData();
$actData = $user->exportData();
unset($actData['created']);
unset($actData['modified']);
$this->assertEquals($expData, $actData);
}
public function testCreateNewUser()
{
$user = new UserModel($this->_data);
$user->save();
$this->assertNotNull($user->getId());
}
public function updatePassword(UserModel $user, $newPassword, $oldPassword = null)
{
if (!$user->getId()) {
throw new InvalidArgumentException('Supplied user model does not have an Id');
}
if (!$newPassword) {
throw new InvalidArgumentException('newPassword param not given');
}
$userId = $user->getId();
// Fetch password hashing resource
$bootstrap = \Zend_Controller_Front::getInstance()->getParam('bootstrap');
$phpass = $bootstrap->getResource('PHPass');
if ($oldPassword && !$phpass->checkPassword($oldPassword, $user->getPassword())) {
throw new \Application\Exceptions\ValidateException("Invalid old password given", ValidationCodes::USER_INVALID_PASSWORD);
}
// Validate password
$user->setPassword($newPassword);
$this->validatePassword($user);
// Store a hashed version of the password in the user profile
$user->setPassword($phpass->hashPassword($newPassword));
$user->setLastPasswordChange(time());
// Update last used passwords
$lastUsedPasswordsLimit = \App::config('lastUsedPasswordsLimit', 10);
$lastUsedPasswords = $this->getLastUsedPasswords($userId);
if (!$lastUsedPasswords) {
$lastUsedPasswords = array();
}
if (count($lastUsedPasswords) >= $lastUsedPasswordsLimit) {
$limit = $lastUsedPasswordsLimit - 1;
$lastUsedPasswords = array_slice($lastUsedPasswords, $limit * -1, $limit);
}
array_push($lastUsedPasswords, sha1($newPassword));
UserMapper::getInstance()->insertLastUsedPasswords($user->id, $lastUsedPasswords);
// Persist the changes
$user->save();
// Remove old token if exists
$userMapper = \Application\Model\Mapper\UserMapper::getInstance();
$userMapper->removeLostPasswordToken($user->getId());
\App::audit('Updated password for user with Id ' . $user->getId(), $user);
$this->_sendEvent('update', $user);
return $user;
}
