Skip to content
Permalink
Browse files

NEW Make Member::changePassword extensible

  • Loading branch information...
robbieaverill committed Oct 3, 2017
1 parent daad976 commit 6b52412693eaf13d0ae60bb807180069d9cb7eec
@@ -1680,8 +1680,10 @@ public function validate()
}
/**
* Change password. This will cause rehashing according to
* the `PasswordEncryption` property.
* Change password. This will cause rehashing according to the `PasswordEncryption` property. This method will
* allow extensions to perform actions and augment the validation result if required before the password is written
* and can check it after the write also. Note that the onAfterChangePassword extension point receives a clone of
* the validation result which cannot be modified.
*
* @param string $password Cleartext password
* @return ValidationResult
@@ -1691,11 +1693,15 @@ public function changePassword($password)
$this->Password = $password;
$valid = $this->validate();
$this->extend('onBeforeChangePassword', $password, $valid);
if ($valid->isValid()) {
$this->AutoLoginHash = null;
$this->write();
}
$this->extend('onAfterChangePassword', $password, $valid);
return $valid;
}
@@ -11,6 +11,7 @@
use SilverStripe\ORM\DB;
use SilverStripe\ORM\FieldType\DBDatetime;
use SilverStripe\ORM\ValidationException;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Group;
use SilverStripe\Security\IdentityStore;
use SilverStripe\Security\Member;
@@ -1462,4 +1463,20 @@ public function testActAsUser()
});
$this->assertEmpty($member);
}
public function testChangePasswordWithExtensionsThatModifyValidationResult()
{
// Default behaviour
$member = $this->objFromFixture(Member::class, 'admin');
$result = $member->changePassword('my-secret-new-password');
$this->assertInstanceOf(ValidationResult::class, $result);
$this->assertTrue($result->isValid());
// With an extension added
Member::add_extension(MemberTest\ExtendedChangePasswordExtension::class);
$member = $this->objFromFixture(Member::class, 'admin');
$result = $member->changePassword('my-second-secret-password');
$this->assertInstanceOf(ValidationResult::class, $result);
$this->assertFalse($result->isValid());
}
}
@@ -0,0 +1,18 @@
<?php
namespace SilverStripe\Security\Tests\MemberTest;
use SilverStripe\Dev\TestOnly;
use SilverStripe\ORM\DataExtension;
use SilverStripe\ORM\ValidationResult;
/**
* Extension that does something extra when changing a member's password
*/
class ExtendedChangePasswordExtension extends DataExtension implements TestOnly
{
public function onBeforeChangePassword($newPassword, $valid)
{
$valid->addError('Extension failed to handle Mary changing her password');
}
}

0 comments on commit 6b52412

Please sign in to comment.
You can’t perform that action at this time.