diff --git a/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLength.php b/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLength.php index 14b3fdf..1180cfe 100644 --- a/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLength.php +++ b/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLength.php @@ -10,11 +10,7 @@ use Symfony\Component\Validator\Constraint; /** - * Checks if the user's email address is provided if required. - * - * The user mail field is NOT required if account originally had no mail set - * and the user performing the edit has 'administer users' permission. - * This allows users without email address to be edited and deleted. + * Checks if the user's password meets minimum password length requirements. * * @Plugin( * id = "UserPasswordLength", @@ -24,7 +20,7 @@ class UserPasswordLength extends Constraint { /** - * Violation message. Use the same message as FormValidator. + * Violation message. * * @var string */ diff --git a/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLengthValidator.php b/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLengthValidator.php index c71e265..08170a3 100644 --- a/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLengthValidator.php +++ b/core/modules/user/src/Plugin/Validation/Constraint/UserPasswordLengthValidator.php @@ -20,11 +20,19 @@ class UserPasswordLengthValidator extends ConstraintValidator implements ContainerInjectionInterface { /** - * @var \Symfony\Component\Validator\ExecutionContextInterface + * The user-settings config object. + * + * @var \Drupal\Core\Config\Config */ protected $config; - function __construct(ConfigFactoryInterface $config_factory) { + /** + * Creates a new UserPasswordLengthValidator object. + * + * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory + * The config factory service. + */ + public function __construct(ConfigFactoryInterface $config_factory) { $this->config = $config_factory->get('user.settings'); } @@ -32,8 +40,13 @@ function __construct(ConfigFactoryInterface $config_factory) { * {@inheritdoc} */ public function validate($items, Constraint $constraint) { - - /** @var \Drupal\Core\Field\FieldItemListInterface $items */ + if (!$items) { + // If no entity is present, we cannot validate. + // @todo Remove once we can access the raw password on user-edits when + // https://www.drupal.org/node/2418119 is resolved. + return; + } + /* @var \Drupal\Core\Field\FieldItemListInterface $items */ $password = $items->value; $entity = $items->getEntity(); // @todo Revisit user edit password validation when blocker @@ -52,6 +65,6 @@ public function validate($items, Constraint $constraint) { * {@inheritdoc} */ public static function create(ContainerInterface $container) { - return new static (null, $container->get('config.factory')); + return new static($container->get('config.factory')); } } diff --git a/core/modules/user/src/Tests/UserValidationTest.php b/core/modules/user/src/Tests/UserValidationTest.php index acc64b7..814bc5e 100644 --- a/core/modules/user/src/Tests/UserValidationTest.php +++ b/core/modules/user/src/Tests/UserValidationTest.php @@ -188,6 +188,34 @@ function testValidation() { $this->assertEqual(count($violations), 1); $this->assertEqual($violations[0]->getPropertyPath(), 'roles.1'); $this->assertEqual($violations[0]->getMessage(), t('The referenced entity (%entity_type: %name) does not exist.', array('%entity_type' => 'user_role', '%name' => 'unknown_role'))); + + // Test minimium password length validation. + // Default minimum length is 6 characters. + $passwords = [ + // More than 6 characters. + 'valid_pw' => TRUE, + // Less than 6 characters. + 'wrong' => FALSE, + // Check UTF-8 validation: less than 6 characters, but more than 6 bytes. + 'þòøÇß' => FALSE, + ]; + foreach ($passwords as $password => $valid) { + // Test cardinality of user roles. + $user = entity_create('user', array( + 'name' => 'role_test', + 'mail' => 'test@example.com', + 'pass' => $password, + )); + $violations = $user->validate(); + if ($valid) { + $this->assertEqual(count($violations), 0); + } + else { + $this->assertEqual(count($violations), 1); + $this->assertEqual($violations[0]->getPropertyPath(), 'pass'); + $this->assertEqual($violations[0]->getMessage(), t('Password must be at least @minimum_password_length characters long.', ['@minimum_password_length' => 6])); + } + } } /**