<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Security\Test\Unit\Model\SecurityChecker;
use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
use Magento\Security\Model\ConfigInterface;
use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection;
use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory;
/**
* Test class for \Magento\Security\Model\SecurityChecker\Quantity testing
*/
class QuantityTest extends \PHPUnit\Framework\TestCase
{
/**
* @var \Magento\Security\Model\SecurityChecker\Quantity
*/
protected $model;
/**
* @var ConfigInterface | \PHPUnit_Framework_MockObject_MockObject
*/
protected $securityConfigMock;
/**
* @var CollectionFactory | \PHPUnit_Framework_MockObject_MockObject
*/
protected $collectionFactoryMock;
/**
* @var Collection | \PHPUnit_Framework_MockObject_MockObject
*/
protected $collectionMock;
/**
* @var \Magento\Framework\TestFramework\Unit\Helper\ObjectManager
*/
protected $objectManager;
/*
* @var RemoteAddress
*/
protected $remoteAddressMock;
/**
* Init mocks for tests
* @return void
*/
public function setUp()
{
$this->objectManager = new ObjectManager($this);
$this->securityConfigMock = $this->getMockBuilder(\Magento\Security\Model\ConfigInterface::class)
->disableOriginalConstructor()
->setMethods(['getScopeByEventType'])
->getMockForAbstractClass();
$this->securityConfigMock->expects($this->any())
->method('getScopeByEventType')
->willReturnMap(
[
[0, 1],
[1, 0]
]
);
$this->collectionFactoryMock = $this->createPartialMock(
\Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory::class,
['create']
);
$this->collectionMock = $this->createPartialMock(
\Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection::class,
['addFieldToFilter', 'filterByLifetime', 'count']
);
$this->remoteAddressMock = $this->getMockBuilder(RemoteAddress::class)
->disableOriginalConstructor()
->getMock();
$this->model = $this->objectManager->getObject(
\Magento\Security\Model\SecurityChecker\Quantity::class,
[
'securityConfig' => $this->securityConfigMock,
'collectionFactory' => $this->collectionFactoryMock,
'remoteAddress' => $this->remoteAddressMock
]
);
}
/**
* @param int $securityEventType
* @param int $requestsMethod
* @dataProvider dataProviderSecurityEventTypeWithRequestsMethod
*/
public function testCheck($securityEventType, $requestsMethod)
{
$limitNumberPasswordResetRequests = 10;
$this->prepareTestCheck($requestsMethod, $limitNumberPasswordResetRequests);
$this->collectionMock->expects($this->once())
->method('count')
->willReturn($limitNumberPasswordResetRequests - 1);
$this->model->check($securityEventType);
}
/**
* @param int $securityEventType
* @param int $requestsMethod
* @dataProvider dataProviderSecurityEventTypeWithRequestsMethod
* @expectedException \Magento\Framework\Exception\SecurityViolationException
*/
public function testCheckException($securityEventType, $requestsMethod)
{
$limitNumberPasswordResetRequests = 10;
$this->prepareTestCheck($requestsMethod, $limitNumberPasswordResetRequests);
$this->collectionMock->expects($this->once())
->method('count')
->willReturn($limitNumberPasswordResetRequests);
$this->model->check($securityEventType);
$this->expectExceptionMessage(
'We received too many requests for password resets. '
. 'Please wait and try again later or contact test@host.com.'
);
}
/**
* @return array
*/
public function dataProviderSecurityEventTypeWithRequestsMethod()
{
return [
[
\Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_IP_AND_EMAIL
],
[
\Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_IP
],
[
\Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_EMAIL
],
[
\Magento\Security\Model\PasswordResetRequestEvent::ADMIN_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_IP_AND_EMAIL
],
[
\Magento\Security\Model\PasswordResetRequestEvent::ADMIN_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_IP
],
[
\Magento\Security\Model\PasswordResetRequestEvent::ADMIN_PASSWORD_RESET_REQUEST,
\Magento\Security\Model\Config\Source\ResetMethod::OPTION_BY_EMAIL
]
];
}
/**
* @param int $requestsMethod
* @param int $limitNumberPasswordResetRequests
*/
protected function prepareTestCheck($requestsMethod, $limitNumberPasswordResetRequests)
{
$this->remoteAddressMock->expects($this->any())
->method('getRemoteAddress')
->will($this->returnValue(12345));
$this->securityConfigMock->expects($this->any())
->method('getPasswordResetProtectionType')
->will($this->returnValue($requestsMethod));
$this->securityConfigMock->expects($this->once())
->method('getMaxNumberPasswordResetRequests')
->will($this->returnValue($limitNumberPasswordResetRequests));
$this->securityConfigMock->expects($this->any())
->method('getCustomerServiceEmail')
->will($this->returnValue('test@host.com'));
$this->collectionFactoryMock->expects($this->once())
->method('create')
->willReturn($this->collectionMock);
$this->collectionMock->expects($this->any())
->method('addFieldToFilter')
->willReturnSelf();
$this->collectionMock->expects($this->once())
->method('filterByLifetime')
->willReturnSelf();
}
}