Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Sécurité - Login] Ne pas logger automatiquement les utilisateurs à la réinitialisation de mot de passe #2144

Merged
merged 2 commits into from
Jan 30, 2024
Merged

[Sécurité - Login] Ne pas logger automatiquement les utilisateurs à la réinitialisation de mot de passe #2144

merged 2 commits into from
Jan 30, 2024

Conversation

numew
Copy link
Collaborator

@numew numew commented Jan 25, 2024
edited by hmeneuvrier
Loading

Ticket

#2034

Description

  • Suppression du système de login par lien
  • Adaptation des système d'activation du compte et réinitialisation du mot de passe
  • Utilisation des contraintes sur le mot de passe lors de la création/modification du mot de passe

Changements apportés

Tests

  • Tester l'activation d'un compte inactif (ne doit pas être possible sous un autre statut)
  • Tester la réinitialisation d'un mot de passe sur un compte actif (ne doit pas être possible sous un autre statut)
  • Tester le transfert d'un utilisateur actif et inactif vers un autre partenaire
  • Tester la commande make console app="add-user"
  • Tester la commande make console app="remind-inactive-user"
  • Tester la commande make console app="reinit-admin-passwords"

sfinx13
sfinx13 requested changes Jan 29, 2024
View reviewed changes
src/Service/Mailer/Mail/Account/AccountActivationBoMailer.php Outdated Show resolved Hide resolved
src/Service/Mailer/Mail/Account/AccountActivationFoMailer.php Outdated
$loginLinkDetails = $this->loginLinkHandler->createLoginLink($notificationMail->getUser());
$user = $notificationMail->getUser();
$this->userManager->loadUserTokenForUser($user);
$link = $this->generateLink('activate_account', ['user' => $user->getId(), 'token' => $user->getToken()]);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Plutôt s'appuyer sur l'uuid que les id généré en auto-increment

src/Service/Mailer/Mail/Account/AccountActivationReminderMailer.php Outdated Show resolved Hide resolved
src/Service/Mailer/Mail/Account/AccountLostPasswordMailer.php Outdated Show resolved Hide resolved
src/Service/Mailer/Mail/Account/AccountTransferMailer.php Outdated Show resolved Hide resolved
tests/Functional/Controller/UserAccountControllerTest.php Outdated Show resolved Hide resolved
tests/Functional/Controller/UserAccountControllerTest.php Outdated Show resolved Hide resolved
src/Controller/Security/UserAccountController.php Outdated Show resolved Hide resolved
@hmeneuvrier
Copy link
Collaborator

Tests OK

hmeneuvrier
hmeneuvrier approved these changes Jan 29, 2024
View reviewed changes
Copy link
Collaborator

@hmeneuvrier hmeneuvrier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pas de commentaire en plus, tests OK

emilschn
emilschn requested changes Jan 29, 2024
View reviewed changes
Copy link
Collaborator

@emilschn emilschn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pas testé, juste relevé une typo :)

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jan 29, 2024

Quality Gate Failed Quality Gate failed

Failed conditions

6.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

@sfinx13
Copy link
Collaborator

sfinx13 commented Jan 30, 2024

J'ai ajouté ce test et c'est OK

make console app="import-grid-affectation 78"

@sfinx13 sfinx13 merged commit 44d6880 into develop Jan 30, 2024
2 of 3 checks passed
@emilschn emilschn added v1.15.0 and removed v1.15.0 labels Feb 6, 2024
@sfinx13 sfinx13 deleted the feature/2034-password-lost-feature branch February 13, 2024 21:09
@sfinx13 sfinx13 mentioned this pull request Mar 18, 2024
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emilschn emilschn emilschn requested changes

@sfinx13 sfinx13 sfinx13 approved these changes

@hmeneuvrier hmeneuvrier hmeneuvrier approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@numew @hmeneuvrier @sfinx13 @emilschn