diff --git a/dbee.module b/dbee.module
index fe5d5fe..4d11a3c 100644
--- a/dbee.module
+++ b/dbee.module
@@ -523,6 +523,46 @@ function dbee_user_account_form_validate($form, &$form_state) {
 }
 
 /**
+ * Implements hook_form_FORM_ID_alter().
+ *
+ * Replace the email validation callback into the "ask new password" form.
+ */
+function dbee_form_user_pass_alter(&$form, &$form_state, $form_id) {
+ $to_replace = 'user_pass_validate';
+ $replaced_by = 'dbee_user_pass_validate';
+ $key_to_replace = array_search($to_replace, $form['#validate']);
+ if ($key_to_replace !== FALSE) {
+ $form['#validate'][$key_to_replace] = $replaced_by;
+ }
+}
+
+/**
+ * Form validation handler for user_pass().
+ *
+ * This function replace the user_pass_validate() core function.
+ *
+ * @see user_pass_validate()
+ */
+function dbee_user_pass_validate($form, &$form_state) {
+ $name = trim($form_state['values']['name']);
+ // Try to load by email.
+ // HERE: we edit the core function.
+ $users = user_load_multiple(array(), array('dbee_mail' => dbee_encrypt($name, TRUE), 'status' => '1'));
+ $account = reset($users);
+ if (!$account) {
+ // No success, try to load by name.
+ $users = user_load_multiple(array(), array('name' => $name, 'status' => '1'));
+ $account = reset($users);
+ }
+ if (isset($account->uid)) {
+ form_set_value(array('#parents' => array('account')), $account, $form_state);
+ }
+ else {
+ form_set_error('name', t('Sorry, %name is not recognized as a user name or an e-mail address.', array('%name' => $name)));
+ }
+}
+
+/**
  * Implements hook_aes_config_change().
  */
 function dbee_aes_config_change($decrypt_params, $encrypt_params) {
diff --git a/tests/dbee.test b/tests/dbee.test
index 798543c..a8813e2 100644
--- a/tests/dbee.test
+++ b/tests/dbee.test
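Review bot: dbee_user_pass_validate() is a copy of core's user_pass_validate() with only the e-mail lookup changed, so later changes to the core validator, including any hardening of the password-reset path, will not reach sites that run this module. Record the base in the docblock, e.g. `* Copied from user_pass_validate() in Drupal core <CORE_VERSION>; re-check on every core update.`, so the copy is reviewed whenever core moves. In dbee_form_user_pass_alter() the swap is skipped without any trace when `array_search()` finds nothing (for instance if another module has already replaced the callback, which is an assumption and not visible here), and the reset form then presumably cannot resolve an encrypted address. A `watchdog()` call in that branch would make the miss visible, and `array_search($to_replace, $form['#validate'], TRUE)` keeps the comparison strict.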
@@ -521,6 +521,69 @@ class DbeeEditUserTestCase extends DbeeWebTestCase {
 }
 }
 
+class DbeeUserPassTestCase extends DbeeWebTestCase {
+ protected $edited_user_account;
+ protected $existing_user;
+
+ public static function getInfo() {
+ return array(
+ 'name' => 'User lost password',
+ 'description' => 'Test sending email for lost password user.',
+ 'group' => 'DataBase Email Encryption',
+ );
+ }
+
+ public function setUp() {
+ parent::setUp('aes', 'dbee');
+ // Create a basic user with mail = 'example@example.com'. This email will
+ // be used to testing if the system prevent from creating a new user with
+ // an existing email.
+ // Create a user, with sensitive case mail.
+ $this->existing_user = $this->drupalCreateUser(array());
+
+ $this->edited_user_account = $this->drupalCreateUser(array());
+ // drupalCreateUser() set an empty 'init' value. Fix it.
+ $this->edited_user_account->init = $this->randomName() . '@example.com';
+ user_save($this->edited_user_account);
+ // Make sure we are logged out.
+ }
+
+ public function testUserPass() {
+
+ $uid = $this->edited_user_account->uid;
+
+ $data0 = array(
+ $uid => array(
+ 'mail' => $this->edited_user_account->mail,
+ 'init' => $this->edited_user_account->init,
+ ),
+ );
+ $this->assertTrue($this->dbee_all_users_valid($data0), 'The user is encrypted and can be decrypted back');
+ // Go to the lost password page.
+ $this->drupalGet('user/password');
+ // Set the email sensitive case.
+ $edit1 = array(
+ 'name' => $data0[$uid]['mail'],
+ );
+ $this->drupalPost('user/password', $edit1, t('E-mail new password'));
+ $this->assertText(t('Further instructions have been sent to your e-mail address.'), 'login link successfully sent for the sensitive case email');
+
+ $this->drupalGet('user/password');
+ // Set the email to lowercase.
+ $edit2 = array(
+ 'name' => drupal_strtolower($data0[$uid]['mail']),
+ );
+ $this->drupalPost('user/password', $edit2, t('E-mail new password'));
+ $this->assertText(t('Further instructions have been sent to your e-mail address.'), 'login link successfully sent for lowercase email');
+
+ $edit3 = array(
+ 'name' => $this->edited_user_account->name,
+ );
+ $this->drupalPost('user/password', $edit3, t('E-mail new password'));
+ $this->assertText(t('Further instructions have been sent to your e-mail address.'), 'login link successfully sent for username');
+ }
+}
+
 class DbeeCoreFunctionsTestCase extends DrupalWebTestCase {
 protected $user_save_user;
 protected $user_load_user;
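Review bot: All three assertions in testUserPass() check only the confirmation text, so the test passes whenever validation finds some active account, not necessarily the one that owns the submitted address. Asserting on the captured mail would pin that, e.g. `$mails = $this->drupalGetMails(array('id' => 'user_password_reset'));` followed by a check that the last entry's `to` equals `$this->edited_user_account->mail`. There is also no negative case: an unknown address and a blocked account should both produce the "not recognized" error and send nothing. In setUp(), `$existing_user` is created but never used, the first comment describes a duplicate-e-mail test rather than this one, and `// Make sure we are logged out.` has no code after it.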