Inheritance diagram for SecurityManagerTest:

Public Member Functions
	setUp ()

	testPerformSecurityCheck ()

	testPerformSecurityCheckLimitNumber ()

	testPerformSecurityCheckLimitTime ()

Protected Member Functions
	tearDown ()

	getPasswordResetRequestEventCollection ()

Protected Attributes
	$securityManager

	$accountManagement

	$objectManager

	$passwordResetRequestEvent

Detailed Description

Definition at line 12 of file SecurityManagerTest.php.

Member Function Documentation

◆ getPasswordResetRequestEventCollection()

getPasswordResetRequestEventCollection ( )

protected

Get PasswordResetRequestEvent collection

Returns: \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection

Definition at line 92 of file SecurityManagerTest.php.

     {
         $collection = $this->passwordResetRequestEvent->getResourceCollection();
         $collection->load();
 
         return $collection;
     }

◆ setUp()

setUp ( )

Set up

Definition at line 37 of file SecurityManagerTest.php.

     {
         $this->objectManager = Bootstrap::getObjectManager();
         $this->accountManagement = $this->objectManager->create(
             \Magento\Customer\Api\AccountManagementInterface::class
         );
         $this->securityManager = $this->objectManager->create(\Magento\Security\Model\SecurityManager::class);
         $this->passwordResetRequestEvent = $this->objectManager
             ->get(\Magento\Security\Model\PasswordResetRequestEvent::class);
     }

◆ tearDown()

tearDown ( )

protected

Tear down

Definition at line 51 of file SecurityManagerTest.php.

     {
         $this->objectManager = null;
         $this->accountManagement  = null;
         $this->securityManager  = null;
         parent::tearDown();
     }

◆ testPerformSecurityCheck()

testPerformSecurityCheck ( )

Test for performSecurityCheck() method

@magentoConfigFixture current_store customer/password/limit_password_reset_requests_method 0 @magentoDbIsolation enabled

Definition at line 65 of file SecurityManagerTest.php.

     {
         $collection = $this->getPasswordResetRequestEventCollection();
         $sizeBefore = $collection->getSize();
 
         $requestType = \Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST;
         $longIp = 127001;
         $accountReference = '[email protected]';
         $this->assertInstanceOf(
             \Magento\Security\Model\SecurityManager::class,
             $this->securityManager->performSecurityCheck(
                 $requestType,
                 $accountReference,
                 $longIp
             )
         );
 
         $collection = $this->getPasswordResetRequestEventCollection();
         $sizeAfter = $collection->getSize();
         $this->assertEquals(1, $sizeAfter - $sizeBefore);
     }

◆ testPerformSecurityCheckLimitNumber()

testPerformSecurityCheckLimitNumber ( )

Test for performSecurityCheck() method when number of password reset events is exceeded

@magentoConfigFixture current_store customer/password/limit_password_reset_requests_method 1 @magentoConfigFixture current_store customer/password/max_number_password_reset_requests 1 @magentoConfigFixture current_store customer/password/min_time_between_password_reset_requests 0 @magentoConfigFixture current_store contact/email/recipient_email hi@ex.nosp@m.ampl.nosp@m.e.com @expectedException \Magento\Framework\Exception\SecurityViolationException @magentoDbIsolation enabled

Definition at line 110 of file SecurityManagerTest.php.

     {
         $attempts = 2;
         $requestType = \Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST;
         $longIp = 127001;
         $accountReference = '[email protected]';
 
         try {
             for ($i = 0; $i < $attempts; $i++) {
                 $this->securityManager->performSecurityCheck($requestType, $accountReference, $longIp);
             }
         } catch (\Magento\Framework\Exception\SecurityViolationException $e) {
             $this->assertEquals(1, $i);
             throw new \Magento\Framework\Exception\SecurityViolationException(
                 __($e->getMessage())
             );
         }
 
         $this->expectExceptionMessage(
             'We received too many requests for password resets. '
             . 'Please wait and try again later or contact [email protected].'
         );
     }

◆ testPerformSecurityCheckLimitTime()

testPerformSecurityCheckLimitTime ( )

Test for performSecurityCheck() method when time between password reset events is exceeded

@magentoConfigFixture current_store customer/password/limit_password_reset_requests_method 1 @magentoConfigFixture current_store customer/password/max_number_password_reset_requests 0 @magentoConfigFixture current_store customer/password/min_time_between_password_reset_requests 1 @magentoConfigFixture current_store contact/email/recipient_email hi@ex.nosp@m.ampl.nosp@m.e.com @expectedException \Magento\Framework\Exception\SecurityViolationException @magentoDbIsolation enabled

Definition at line 144 of file SecurityManagerTest.php.

     {
         $attempts = 2;
         $requestType = \Magento\Security\Model\PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST;
         $longIp = 127001;
         $accountReference = '[email protected]';
 
         try {
             for ($i = 0; $i < $attempts; $i++) {
                 $this->securityManager->performSecurityCheck($requestType, $accountReference, $longIp);
             }
         } catch (\Magento\Framework\Exception\SecurityViolationException $e) {
             $this->assertEquals(1, $i);
             throw new \Magento\Framework\Exception\SecurityViolationException(
                 __($e->getMessage())
             );
         }
 
         $this->fail('Something went wrong. Please check method execution logic.');
 
         $this->expectExceptionMessage(
             'We received too many requests for password resets. '
             . 'Please wait and try again later or contact [email protected].'
         );
     }

Field Documentation

◆ $accountManagement

$accountManagement

protected

Definition at line 22 of file SecurityManagerTest.php.

◆ $objectManager

$objectManager

protected

Definition at line 27 of file SecurityManagerTest.php.

◆ $passwordResetRequestEvent

$passwordResetRequestEvent

protected

Definition at line 32 of file SecurityManagerTest.php.

◆ $securityManager

$securityManager

protected

Definition at line 17 of file SecurityManagerTest.php.

The documentation for this class was generated from the following file:

vendor/magento/magento2-base/dev/tests/integration/testsuite/Magento/Security/Model/SecurityManagerTest.php

Public Member Functions

Protected Member Functions

Protected Attributes

Detailed Description

Member Function Documentation

◆ getPasswordResetRequestEventCollection()

◆ setUp()

◆ tearDown()

◆ testPerformSecurityCheck()

◆ testPerformSecurityCheckLimitNumber()

◆ testPerformSecurityCheckLimitTime()

Field Documentation

◆ $accountManagement

◆ $objectManager

◆ $passwordResetRequestEvent

◆ $securityManager