Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
0.00% covered (danger)
0.00%
0 / 58
0.00% covered (danger)
0.00%
0 / 4
CRAP
0.00% covered (danger)
0.00%
0 / 1
tao_actions_PasswordRecovery
0.00% covered (danger)
0.00%
0 / 58
0.00% covered (danger)
0.00%
0 / 4
156
0.00% covered (danger)
0.00%
0 / 1
 index
0.00% covered (danger)
0.00%
0 / 19
0.00% covered (danger)
0.00%
0 / 1
20
 resetPassword
0.00% covered (danger)
0.00%
0 / 26
0.00% covered (danger)
0.00%
0 / 1
20
 sendMessage
0.00% covered (danger)
0.00%
0 / 12
0.00% covered (danger)
0.00%
0 / 1
12
 getPasswordRecovery
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
2
1<?php
2
3/**
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; under version 2
7 * of the License (non-upgradable).
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
17 *
18 * Copyright (c) 2015-2018 (original work) Open Assessment Technologies SA;
19 *
20 */
21
22use oat\generis\model\GenerisRdf;
23use oat\tao\model\passwordRecovery\PasswordRecoveryService;
24use oat\oatbox\log\LoggerAwareTrait;
25use tao_helpers_form_FormContainer as FormContainer;
26
27/**
28 * Controller providing the actions used to reset a user's password
29 *
30 * @author Aleh Hutnikau <hutnikau@1pt.com>
31 */
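class tao_actions_PasswordRecovery extends tao_actions_CommonModule
{
    use LoggerAwareTrait;

    /**
     * Show the password recovery request form and handle its submission.
     *
     * After a valid submission the info template is selected whether or not the
     * address matched an account, so both outcomes are rendered the same way.
     *
     * @author Aleh Hutnikau <hutnikau@1pt.com>
     */
    public function index()
    {
        $this->defaultData();
        $formContainer = new tao_actions_form_PasswordRecovery([], [FormContainer::CSRF_PROTECTION_OPTION => true]);

        $form = $formContainer->getForm();

        if ($form->isSubmited() && $form->isValid()) {
            $mail = $form->getValue('userMail');
            $user = $this->getPasswordRecovery()->getUser(GenerisRdf::PROPERTY_USER_MAIL, $mail);

            if ($user !== null) {
                $this->logInfo("User requests a password (user URI: {$user->getUri()})");
                $this->sendMessage($user);
            } else {
                // The address is request data: drop control characters so a submitted
                // value cannot break the log line or forge extra entries.
                // NOTE(review): this still writes an e-mail address (personal data) to the log.
                $loggedMail = preg_replace('/[\x00-\x1F\x7F]/', '', (string) $mail) ?? '';
                $this->logInfo("Unsuccessful recovery password. Entered e-mail address: {$loggedMail}.");

                // Same confirmation text as the success path, so the page does not
                // reveal that the address is unknown.
                // NOTE(review): $mail is echoed back into the page; confirm the template escapes it.
                $this->setData('header', __('An email has been sent'));
                $this->setData(
                    'info',
                    __('A message with further instructions has been sent to your email address: %s', $mail)
                );
            }

            // Selected for both branches: sendMessage() only sets header/info/error, so
            // without this the known-account path had no content template and its
            // response differed from the unknown-account path.
            $this->setData('content-template', ['passwordRecovery/password-recovery-info.tpl', 'tao']);
        } else {
            $this->setData('form', $form->render());
            $this->setData('content-template', ['passwordRecovery/index.tpl', 'tao']);
        }

        $this->setView('layout.tpl', 'tao');
    }

    /**
     * Password reset form: resolves the `token` request parameter to a user and,
     * on a valid submission, stores the new password for that user.
     *
     * NOTE(review): token expiry and single use are not enforced in this controller;
     * presumably PasswordRecoveryService handles both - confirm.
     *
     * @author Aleh Hutnikau <hutnikau@1pt.com>
     */
    public function resetPassword()
    {
        $this->defaultData();
        $token = $this->getRequestParameter('token');

        $formContainer = new tao_actions_form_ResetUserPassword([], [FormContainer::CSRF_PROTECTION_OPTION => true]);

        $form = $formContainer->getForm();

        $form->setValues(['token' => $token]);

        // A missing or empty token is rejected before the lookup. How the service
        // matches an empty value is not visible here, so it is never asked to.
        $user = null;
        if (is_string($token) && $token !== '') {
            $user = $this->getPasswordRecovery()->getUser(
                PasswordRecoveryService::PROPERTY_PASSWORD_RECOVERY_TOKEN,
                $token
            );
        }

        if ($user === null) {
            // Log a short SHA-256 fingerprint instead of the raw parameter: the value is
            // request data (possible log forging) and may be a real, recently issued
            // token that should not be kept in log files.
            $tokenFingerprint = is_string($token) ? substr(hash('sha256', $token), 0, 12) : 'n/a';
            $this->logInfo("Password recovery token not found. Token fingerprint (SHA-256 prefix): {$tokenFingerprint}");
            $this->setData('header', __('User not found'));
            $this->setData(
                'error',
                // phpcs:disable Generic.Files.LineLength
                __('This password reset link is no longer valid. It may have already been used. If you still wish to reset your password please request a new link')
                // phpcs:enable Generic.Files.LineLength
            );
            $this->setData('content-template', ['passwordRecovery/password-recovery-info.tpl', 'tao']);
        } elseif ($form->isSubmited() && $form->isValid()) {
            $this->getPasswordRecovery()->setPassword($user, $form->getValue('newpassword'));
            $this->logInfo("User {$user->getUri()} has changed the password.");
            $this->setData('info', __('Password successfully changed'));
            $this->setData('content-template', ['passwordRecovery/password-recovery-info.tpl', 'tao']);
        } else {
            $this->setData('form', $form->render());
            $this->setData('content-template', ['passwordRecovery/password-reset.tpl', 'tao']);
        }

        $this->setView('layout.tpl', 'tao');
    }

    /**
     * Send the message with password recovery instructions and set the view data
     * (header/info on success, error on failure). The caller selects the template.
     *
     * @author Aleh Hutnikau <hutnikau@1pt.com>
     * @param core_kernel_classes_Resource $user
     * @return void
     */
    private function sendMessage(core_kernel_classes_Resource $user)
    {
        try {
            $messageSent = $this->getPasswordRecovery()->sendMail($user);
        } catch (Exception $e) {
            // Best effort: a mail failure is logged and reported to the user, not rethrown.
            $messageSent = false;
            $this->logWarning("Unsuccessful recovery password. {$e->getMessage()}.");
        }

        if ($messageSent) {
            $mail = $this->getPasswordRecovery()->getUserMail($user);
            $this->setData('header', __('An email has been sent'));
            $this->setData(
                'info',
                __('A message with further instructions has been sent to your email address: %s', $mail)
            );
        } else {
            // NOTE(review): this error is only reachable for an existing account, so a
            // delivery failure still distinguishes known from unknown addresses.
            $this->setData('error', __('Unable to send the password reset request'));
        }
    }

    /**
     * Accessor for the password recovery service used by every action above.
     *
     * @return PasswordRecoveryService
     */
    protected function getPasswordRecovery()
    {
        return PasswordRecoveryService::singleton();
    }
}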