PR feedback on tests

auth0 · Nov 14, 2018 · 64d6852 · 64d6852
1 parent 4e04f99
commit 64d6852
Show file tree

Hide file tree

Showing 2 changed files with 97 additions and 57 deletions.
diff --git a/lib/profile/WP_Auth0_Profile_Change_Password.php b/lib/profile/WP_Auth0_Profile_Change_Password.php
@@ -34,8 +34,14 @@ public function __construct( WP_Auth0_Api_Change_Password $api_change_password )
  * @codeCoverageIgnore - Tested in TestProfileChangePassword::testInitHooks()
  */
  public function init() {
+
+ // Used during profile update in wp-admin.
  add_action( 'user_profile_update_errors', array( $this, 'validate_new_password' ), 10, 2 );
+
+ // Used during password reset on wp-login.php
  add_action( 'validate_password_reset', array( $this, 'validate_new_password' ), 10, 2 );
+
+ // Used during WooCommerce edit account save.
  add_action( 'woocommerce_save_account_details_errors', array( $this, 'validate_new_password' ), 10, 2 );
  }
 
@@ -44,8 +50,8 @@ public function init() {
  * Hooked to: user_profile_update_errors, validate_password_reset
  * IMPORTANT: Internal callback use only, do not call this function directly!
  *
- * @param WP_Error $errors - WP_Error object to use if validation fails.
- * @param boolean|WP_User $user - Boolean update or WP_User instance, depending on action.
+ * @param WP_Error  $errors - WP_Error object to use if validation fails.
+ * @param boolean|stdClass $user - Boolean update or WP_User instance, depending on action.
  *
  * @return boolean
  */

diff --git a/tests/testProfileChangePassword.php b/tests/testProfileChangePassword.php
@@ -89,54 +89,103 @@ public function testInitHooks() {
  }
 
  /**
- * Test that empty password fields will skip password update.
+ * Test that password update succeeds when run in the user_profile_update_errors hook.
  */
- public function testThatEmptyPasswordFieldSkipsUpdate() {
- $user_id = $this->createUser()->ID;
- $errors = new WP_Error();
-
- $mock_api_test_password = $this->getStub( true );
- $change_password = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
+ public function testSuccessfulPasswordChangeDuringProfileUpdate() {
+ $user_id = $this->createUser()->ID;
+ $errors = new WP_Error();
+ $password = uniqid();
 
- $_POST['pass1'] = uniqid();
+ // Core WP profile update fields.
+ $_POST['pass1'] = $password;
+ $_POST['pass2'] = $password;
  $_POST['user_id'] = $user_id;
- $this->storeAuth0Data( $user_id );
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
 
- // Test core WP password field.
- unset( $_POST['pass1'] );
- $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
+ // API call mocked to succeed.
+ $change_password = $this->getStub( true );
 
- $_POST['password_1'] = uniqid();
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
+ // Store userinfo for a DB strategy user.
+ $this->storeAuth0Data( $user_id, 'auth0' );
 
- // Test WooCommerce password field.
- unset( $_POST['password_1'] );
- $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
+ $this->assertTrue( $change_password->validate_new_password( $errors, true ) );
+ $this->assertEquals( $password, $_POST['pass1'] );
+ $this->assertEquals( $password, $_POST['pass2'] );
+ $this->assertEmpty( $errors->get_error_messages() );
  }
 
  /**
- * Test that empty user data will skip the password update.
+ * Test that password update succeeds when run in the validate_password_reset hook.
  */
- public function testThatMissingUserDataSkipsUpdate() {
- $user_obj = $this->createUser();
- $user_id = $user_obj->ID;
+ public function testSuccessfulPasswordChangeDuringPasswordReset() {
+ $password = uniqid();
+ $user = $this->createUser();
  $errors = new WP_Error();
 
- $mock_api_test_password = $this->getStub( true );
- $change_password  = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
+ // API call mocked to succeed.
+ $change_password = $this->getStub( true );
 
- $_POST['pass1'] = uniqid();
+ // Core WP form fields sent for password update.
+ $_POST['pass1'] = $password;
+ $_POST['pass2'] = $password;
+
+ // Store userinfo for a DB strategy user.
+ $this->storeAuth0Data( $user->ID, 'auth0' );
+
+ $this->assertTrue( $change_password->validate_new_password( $errors, $user ) );
+ $this->assertEquals( $password, $_POST['pass1'] );
+ $this->assertEquals( $password, $_POST['pass2'] );
+ $this->assertEmpty( $errors->get_error_messages() );
+ }
+
+ /**
+ * Test that password update succeeds when run in the woocommerce_save_account_details_errors hook.
+ */
+ public function testSuccessfulPasswordChangeDuringWooAccountEdit() {
+ $user = $this->createUser();
+ $errors = new WP_Error();
+
+ // API call mocked to succeed.
+ $change_password = $this->getStub( true );
+
+ // WooCommerce form fields sent for password update.
+ $_POST['password_1'] = uniqid();
+
+ // Store userinfo for a DB strategy user.
+ $this->storeAuth0Data( $user->ID, 'auth0' );
+
+ $this->assertTrue( $change_password->validate_new_password( $errors, $user ) );
+ $this->assertEmpty( $errors->get_error_messages() );
+ }
+
+ /**
+ * Test that empty password fields will skip password update.
+ */
+ public function testThatEmptyPasswordFieldSkipsUpdate() {
+ $user_id = $this->createUser()->ID;
+ $errors = new WP_Error();
+
+ // Provide everything except a password field.
+ $change_password = $this->getStub( true );
  $_POST['user_id'] = $user_id;
  $this->storeAuth0Data( $user_id );
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
 
- // Test core WP profile update screen field.
- unset( $_POST['user_id'] );
  $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
+ $this->assertEmpty( $errors->get_error_messages() );
+ }
+
+ /**
+ * Test that the password update is skipped if no user record is provided.
+ */
+ public function testThatMissingUserRecordSkipsUpdate() {
+ $user_id = $this->createUser()->ID;
+ $errors = new WP_Error();
 
- // Test user object.
- $this->assertTrue( $change_password->validate_new_password( $errors, $user_obj ) );
+ // Provide everything except a user record.
+ $change_password = $this->getStub( true );
+ $_POST['pass1'] = uniqid();
+ $this->storeAuth0Data( $user_id );
+
+ $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
  }
 
  /**
@@ -146,16 +195,11 @@ public function testThatNonAuth0UserSkipsUpdate() {
  $user_id = $this->createUser()->ID;
  $errors = new WP_Error();
 
- $mock_api_test_password = $this->getStub( true );
- $change_password = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
-
+ // Provide everything except Auth0 userinfo.
+ $change_password = $this->getStub( true );
  $_POST['pass1'] = uniqid();
  $_POST['user_id'] = $user_id;
- $this->storeAuth0Data( $user_id );
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
 
- // Test that an unlinked user will not be updated.
- self::$users_repo->delete_auth0_object( $user_id );
  $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
  }
 
@@ -166,16 +210,12 @@ public function testThatNonDbStrategySkipsUpdate() {
  $user_id = $this->createUser()->ID;
  $errors = new WP_Error();
 
- $mock_api_test_password = $this->getStub( true );
- $change_password = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
-
+ // Provide everything except Auth0 userinfo for a DB user.
+ $change_password = $this->getStub( true );
  $_POST['pass1'] = uniqid();
  $_POST['user_id'] = $user_id;
- $this->storeAuth0Data( $user_id );
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
-
- // Test that a linked, non-DB user will not be updated.
  $this->storeAuth0Data( $user_id, 'not-a-db-strategy' );
+
  $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
  }
 
@@ -186,20 +226,14 @@ public function testThatApiFailureSetsErrorsUnsetsPassword() {
  $user_id = $this->createUser()->ID;
  $errors = new WP_Error();
 
- // API call mocked to succeed.
- $mock_api_test_password = $this->getStub( true );
- $change_password = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
+ // API call mocked to fail.
+ $change_password = $this->getStub( false );
 
- // Confirm that data is set to succeed.
+ // Setup correct user data.
  $_POST['pass1'] = uniqid();
  $_POST['pass2'] = $_POST['pass1'];
  $_POST['user_id'] = $user_id;
  $this->storeAuth0Data( $user_id );
- $this->assertTrue( $change_password->validate_new_password( $errors, false ) );
-
- // API call mocked to fail.
- $mock_api_test_password = $this->getStub( false );
- $change_password = new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
 
  $this->assertFalse( $change_password->validate_new_password( $errors, false ) );
  $this->assertEquals( 'Password could not be updated.', $errors->errors['auth0_password'][0] );
@@ -213,7 +247,7 @@ public function testThatApiFailureSetsErrorsUnsetsPassword() {
  *
  * @param boolean $success - True for the API call to succeed, false for it to fail.
  *
- * @return \PHPUnit\Framework\MockObject\MockObject
+ * @return WP_Auth0_Profile_Change_Password
  */
  public function getStub( $success ) {
  $mock_api_test_password = $this
@@ -222,6 +256,6 @@ public function getStub( $success ) {
  ->setConstructorArgs( [ self::$options, self::$api_client_creds ] )
  ->getMock();
  $mock_api_test_password->method( 'call' )->willReturn( $success );
- return $mock_api_test_password;
+ return new WP_Auth0_Profile_Change_Password( $mock_api_test_password );
  }
 }