Skip to content
Snippets Groups Projects
Verified Commit d349f1d6 authored by Alex Pott's avatar Alex Pott
Browse files

Issue #3055807 by ptmkenny, murilohp, vladimir.krupin, smustgrave,... 

Issue #3055807 by ptmkenny, murilohp, vladimir.krupin, smustgrave, ankithashetty, yogeshmpawar, ravi.shankar, rensingh99, vikashsoni, axel80, alexpott: User created via /user/register?_format=json get blocked
parent 8e036a94
No related branches found
No related tags found
29 merge requests!12227Issue #3181946 by jonmcl, mglaman,!11131[10.4.x-only-DO-NOT-MERGE]: Issue ##2842525 Ajax attached to Views exposed filter form does not trigger callbacks,!9470[10.3.x-only-DO-NOT-MERGE]: #3331771 Fix file_get_contents(): Passing null to parameter,!8540Issue #3457061: Bootstrap Modal dialog Not closing after 10.3.0 Update,!8528Issue #3456871 by Tim Bozeman: Support NULL services,!8373Issue #3427374 by danflanagan8, Vighneshh: taxonomy_tid ViewsArgumentDefault...,!5423Draft: Resolve #3329907 "Test2",!3878Removed unused condition head title for views,!3818Issue #2140179: $entity->original gets stale between updates,!3742Issue #3328429: Create item list field formatter for displaying ordered and unordered lists,!3731Claro: role=button on status report items,!3651Issue #3347736: Create new SDC component for Olivero (header-search),!3531Issue #3336994: StringFormatter always displays links to entity even if the user in context does not have access,!3478Issue #3337882: Deleted menus are not removed from content type config,!3355Issue #3209129: Scrolling problems when adding a block via layout builder,!3154Fixes #2987987 - CSRF token validation broken on routes with optional parameters.,!3133core/modules/system/css/components/hidden.module.css,!2964Issue #2865710 : Dependencies from only one instance of a widget are used in display modes,!2812Issue #3312049: [Followup] Fix Drupal.Commenting.FunctionComment.MissingReturnType returns for NULL,!2378Issue #2875033: Optimize joins and table selection in SQL entity query implementation,!2062Issue #3246454: Add weekly granularity to views date sort,!1105Issue #3025039: New non translatable field on translatable content throws error,!1073issue #3191727: Focus states on mobile second level navigation items fixed,!10223132456: Fix issue where views instances are emptied before an ajax request is complete,!877Issue #2708101: Default value for link text is not saved,!617Issue #3043725: Provide a Entity Handler for user cancelation,!579Issue #2230909: Simple decimals fail to pass validation,!560Move callback classRemove outside of the loop,!555Issue #3202493
Pipeline #162256 canceled
Stage: 🏗️ Build
Stage: 🪄 Lint
Stage: 🗜️ Test
Pipeline: drupal

#162260

    Hide whitespace changes
    Inline Side-by-side
    core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php
    + 24
    23
    View file @ d349f1d6
    ......@@ -3,6 +3,7 @@
    namespace Drupal\user\Plugin\rest\resource;
    use Drupal\Core\Config\ImmutableConfig;
    use Drupal\Core\Password\PasswordGeneratorInterface;
    use Drupal\Core\Session\AccountInterface;
    use Drupal\Core\StringTranslation\TranslatableMarkup;
    use Drupal\rest\Attribute\RestResource;
    ......@@ -34,20 +35,6 @@ class UserRegistrationResource extends ResourceBase {
    use EntityResourceValidationTrait;
    use EntityResourceAccessTrait;
    /**
    * User settings config instance.
    *
    * @var \Drupal\Core\Config\ImmutableConfig
    */
    protected $userSettings;
    /**
    * The current user.
    *
    * @var \Drupal\Core\Session\AccountInterface
    */
    protected $currentUser;
    /**
    * Constructs a new UserRegistrationResource instance.
    *
    ......@@ -61,15 +48,24 @@ class UserRegistrationResource extends ResourceBase {
    * The available serialization formats.
    * @param \Psr\Log\LoggerInterface $logger
    * A logger instance.
    * @param \Drupal\Core\Config\ImmutableConfig $user_settings
    * @param \Drupal\Core\Config\ImmutableConfig $userSettings
    * A user settings config instance.
    * @param \Drupal\Core\Session\AccountInterface $current_user
    * @param \Drupal\Core\Session\AccountInterface $currentUser
    * The current user.
    * @param \Drupal\Core\Password\PasswordGeneratorInterface $passwordGenerator
    * The password generator.
    */
    public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger, ImmutableConfig $user_settings, AccountInterface $current_user) {
    public function __construct(
    array $configuration,
    $plugin_id,
    $plugin_definition,
    array $serializer_formats,
    LoggerInterface $logger,
    protected ImmutableConfig $userSettings,
    protected AccountInterface $currentUser,
    protected PasswordGeneratorInterface $passwordGenerator,
    ) {
    parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger);
    $this->userSettings = $user_settings;
    $this->currentUser = $current_user;
    }
    /**
    ......@@ -83,7 +79,8 @@ public static function create(ContainerInterface $container, array $configuratio
    $container->getParameter('serializer.formats'),
    $container->get('logger.factory')->get('rest'),
    $container->get('config.factory')->get('user.settings'),
    $container->get('current_user')
    $container->get('current_user'),
    $container->get('password_generator')
    );
    }
    ......@@ -102,15 +99,19 @@ public static function create(ContainerInterface $container, array $configuratio
    public function post(UserInterface $account = NULL) {
    $this->ensureAccountCanRegister($account);
    // Only activate new users if visitors are allowed to register and no email
    // verification required.
    if ($this->userSettings->get('register') == UserInterface::REGISTER_VISITORS && !$this->userSettings->get('verify_mail')) {
    // Only activate new users if visitors are allowed to register.
    if ($this->userSettings->get('register') == UserInterface::REGISTER_VISITORS) {
    $account->activate();
    }
    else {
    $account->block();
    }
    // Generate password if email verification required.
    if ($this->userSettings->get('verify_mail')) {
    $account->setPassword($this->passwordGenerator->generate());
    }
    $this->checkEditFieldAccess($account);
    // Make sure that the user entity is valid (email and name are valid).
    ......
    core/modules/user/tests/src/Functional/UserRegistrationRestTest.php
    + 3
    3
    View file @ d349f1d6
    ......@@ -103,8 +103,8 @@ public function testRegisterUser() {
    $config->save();
    $name = 'Jason.Taverner';
    $user = $this->registerUser($name, FALSE);
    $this->assertEmpty($user->getPassword());
    $this->assertTrue($user->isBlocked());
    $this->assertNotEmpty($user->getPassword());
    $this->assertFalse($user->isBlocked());
    $this->resetAll();
    $this->assertMailString('body', 'You may now log in by clicking this link', 1);
    ......@@ -128,7 +128,7 @@ public function testRegisterUser() {
    $name = 'PhilipK.Dick';
    $user = $this->registerUser($name, FALSE);
    $this->resetAll();
    $this->assertEmpty($user->getPassword());
    $this->assertNotEmpty($user->getPassword());
    $this->assertTrue($user->isBlocked());
    $this->assertMailString('body', 'Your application for an account is', 2);
    ......
    core/modules/user/tests/src/Unit/UserRegistrationResourceTest.php
    + 13
    3
    View file @ d349f1d6
    ......@@ -5,6 +5,7 @@
    namespace Drupal\Tests\user\Unit;
    use Drupal\Core\Config\ImmutableConfig;
    use Drupal\Core\Password\PasswordGeneratorInterface;
    use Drupal\Core\Session\AccountInterface;
    use Drupal\Tests\UnitTestCase;
    use Drupal\user\Entity\User;
    ......@@ -59,6 +60,13 @@ class UserRegistrationResourceTest extends UnitTestCase {
    */
    protected $currentUser;
    /**
    * The password generator.
    *
    * @var \Drupal\Core\Password\PasswordGeneratorInterface|\PHPUnit\Framework\MockObject\MockObject
    */
    protected $passwordGenerator;
    /**
    * {@inheritdoc}
    */
    ......@@ -71,7 +79,9 @@ protected function setUp(): void {
    $this->currentUser = $this->prophesize(AccountInterface::class);
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal());
    $this->passwordGenerator = $this->prophesize(PasswordGeneratorInterface::class)->reveal();
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal(), $this->passwordGenerator);
    $this->reflection = new \ReflectionClass($this->testClass);
    }
    ......@@ -103,7 +113,7 @@ public function testRegistrationAdminOnlyPost() {
    $this->currentUser->isAnonymous()->willReturn(TRUE);
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal());
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal(), $this->passwordGenerator);
    $entity = $this->prophesize(User::class);
    $entity->isNew()->willReturn(TRUE);
    ......@@ -119,7 +129,7 @@ public function testRegistrationAdminOnlyPost() {
    public function testRegistrationAnonymousOnlyPost() {
    $this->currentUser->isAnonymous()->willReturn(FALSE);
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal());
    $this->testClass = new UserRegistrationResource([], 'plugin_id', '', [], $this->logger, $this->userSettings->reveal(), $this->currentUser->reveal(), $this->passwordGenerator);
    $entity = $this->prophesize(User::class);
    $entity->isNew()->willReturn(TRUE);
    ......
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Please register or to comment