You are here

public function UserAccountFormPasswordResetTest::testPasswordResetToken in Drupal 10

Same name and namespace in other branches
  1. 9 core/modules/user/tests/src/Kernel/UserAccountFormPasswordResetTest.php \Drupal\Tests\user\Kernel\UserAccountFormPasswordResetTest::testPasswordResetToken()

Tests the reset token used only from query string.

File

core/modules/user/tests/src/Kernel/UserAccountFormPasswordResetTest.php, line 53

Class

UserAccountFormPasswordResetTest
Verifies that the password reset behaves as expected with form elements.

Namespace

Drupal\Tests\user\Kernel

Code

public function testPasswordResetToken() {

  /** @var \Symfony\Component\HttpFoundation\Request $request */
  $request = $this->container
    ->get('request_stack')
    ->getCurrentRequest();

  // @todo: Replace with $request->getSession() as soon as the session is
  // present in KernelTestBase.
  // see: https://www.drupal.org/node/2484991
  $session = new Session();
  $request
    ->setSession($session);
  $token = 'VALID_TOKEN';
  $session
    ->set('pass_reset_1', $token);

  // Set token in query string.
  $request->query
    ->set('pass-reset-token', $token);
  $form = $this
    ->buildAccountForm('default');

  // User shouldn't see current password field.
  $this
    ->assertFalse($form['account']['current_pass']['#access']);
  $request->query
    ->set('pass-reset-token', NULL);
  $request->attributes
    ->set('pass-reset-token', $token);
  $form = $this
    ->buildAccountForm('default');
  $this
    ->assertTrue($form['account']['current_pass']['#access']);
}