Chris@17: <?php
Chris@17: 
Chris@17: namespace Drupal\Tests\user\Functional;
Chris@17: 
Chris@17: use Drupal\Component\Render\FormattableMarkup;
Chris@17: use Drupal\Core\Entity\Entity\EntityFormDisplay;
Chris@17: use Drupal\Core\Field\FieldStorageDefinitionInterface;
Chris@17: use Drupal\field\Entity\FieldConfig;
Chris@17: use Drupal\field\Entity\FieldStorageConfig;
Chris@17: use Drupal\Tests\BrowserTestBase;
Chris@18: use Drupal\user\UserInterface;
Chris@17: 
Chris@17: /**
Chris@17:  * Tests registration of user under different configurations.
Chris@17:  *
Chris@17:  * @group user
Chris@17:  */
Chris@17: class UserRegistrationTest extends BrowserTestBase {
Chris@17: 
Chris@17:   /**
Chris@17:    * Modules to enable.
Chris@17:    *
Chris@17:    * @var array
Chris@17:    */
Chris@17:   public static $modules = ['field_test'];
Chris@17: 
Chris@17:   public function testRegistrationWithEmailVerification() {
Chris@17:     $config = $this->config('user.settings');
Chris@17:     // Require email verification.
Chris@17:     $config->set('verify_mail', TRUE)->save();
Chris@17: 
Chris@17:     // Set registration to administrator only.
Chris@18:     $config->set('register', UserInterface::REGISTER_ADMINISTRATORS_ONLY)->save();
Chris@17:     $this->drupalGet('user/register');
Chris@17:     $this->assertResponse(403, 'Registration page is inaccessible when only administrators can create accounts.');
Chris@17: 
Chris@17:     // Allow registration by site visitors without administrator approval.
Chris@18:     $config->set('register', UserInterface::REGISTER_VISITORS)->save();
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertText(t('A welcome message with further instructions has been sent to your email address.'), 'User registered successfully.');
Chris@17: 
Chris@17:     /** @var EntityStorageInterface $storage */
Chris@17:     $storage = $this->container->get('entity_type.manager')->getStorage('user');
Chris@17:     $accounts = $storage->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $this->assertTrue($new_user->isActive(), 'New account is active after registration.');
Chris@17:     $resetURL = user_pass_reset_url($new_user);
Chris@17:     $this->drupalGet($resetURL);
Chris@17:     $this->assertTitle(t('Set password | Drupal'), 'Page title is "Set password".');
Chris@17: 
Chris@17:     // Allow registration by site visitors, but require administrator approval.
Chris@18:     $config->set('register', UserInterface::REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL)->save();
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->container->get('entity.manager')->getStorage('user')->resetCache();
Chris@17:     $accounts = $storage->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $this->assertFalse($new_user->isActive(), 'New account is blocked until approved by an administrator.');
Chris@17:   }
Chris@17: 
Chris@17:   public function testRegistrationWithoutEmailVerification() {
Chris@17:     $config = $this->config('user.settings');
Chris@17:     // Don't require email verification and allow registration by site visitors
Chris@17:     // without administrator approval.
Chris@17:     $config
Chris@17:       ->set('verify_mail', FALSE)
Chris@18:       ->set('register', UserInterface::REGISTER_VISITORS)
Chris@17:       ->save();
Chris@17: 
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17: 
Chris@17:     // Try entering a mismatching password.
Chris@17:     $edit['pass[pass1]'] = '99999.0';
Chris@17:     $edit['pass[pass2]'] = '99999';
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertText(t('The specified passwords do not match.'), 'Typing mismatched passwords displays an error message.');
Chris@17: 
Chris@17:     // Enter a correct password.
Chris@17:     $edit['pass[pass1]'] = $new_pass = $this->randomMachineName();
Chris@17:     $edit['pass[pass2]'] = $new_pass;
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->container->get('entity.manager')->getStorage('user')->resetCache();
Chris@17:     $accounts = $this->container->get('entity_type.manager')->getStorage('user')
Chris@17:       ->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $this->assertNotNull($new_user, 'New account successfully created with matching passwords.');
Chris@17:     $this->assertText(t('Registration successful. You are now logged in.'), 'Users are logged in after registering.');
Chris@17:     $this->drupalLogout();
Chris@17: 
Chris@17:     // Allow registration by site visitors, but require administrator approval.
Chris@18:     $config->set('register', UserInterface::REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL)->save();
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     $edit['pass[pass1]'] = $pass = $this->randomMachineName();
Chris@17:     $edit['pass[pass2]'] = $pass;
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertText(t('Thank you for applying for an account. Your account is currently pending approval by the site administrator.'), 'Users are notified of pending approval');
Chris@17: 
Chris@17:     // Try to log in before administrator approval.
Chris@17:     $auth = [
Chris@17:       'name' => $name,
Chris@17:       'pass' => $pass,
Chris@17:     ];
Chris@17:     $this->drupalPostForm('user/login', $auth, t('Log in'));
Chris@17:     $this->assertText(t('The username @name has not been activated or is blocked.', ['@name' => $name]), 'User cannot log in yet.');
Chris@17: 
Chris@17:     // Activate the new account.
Chris@17:     $accounts = $this->container->get('entity_type.manager')->getStorage('user')
Chris@17:       ->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $admin_user = $this->drupalCreateUser(['administer users']);
Chris@17:     $this->drupalLogin($admin_user);
Chris@17:     $edit = [
Chris@17:       'status' => 1,
Chris@17:     ];
Chris@17:     $this->drupalPostForm('user/' . $new_user->id() . '/edit', $edit, t('Save'));
Chris@17:     $this->drupalLogout();
Chris@17: 
Chris@17:     // Log in after administrator approval.
Chris@17:     $this->drupalPostForm('user/login', $auth, t('Log in'));
Chris@17:     $this->assertText(t('Member for'), 'User can log in after administrator approval.');
Chris@17:   }
Chris@17: 
Chris@17:   public function testRegistrationEmailDuplicates() {
Chris@17:     // Don't require email verification and allow registration by site visitors
Chris@17:     // without administrator approval.
Chris@17:     $this->config('user.settings')
Chris@17:       ->set('verify_mail', FALSE)
Chris@18:       ->set('register', UserInterface::REGISTER_VISITORS)
Chris@17:       ->save();
Chris@17: 
Chris@17:     // Set up a user to check for duplicates.
Chris@17:     $duplicate_user = $this->drupalCreateUser();
Chris@17: 
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $this->randomMachineName();
Chris@17:     $edit['mail'] = $duplicate_user->getEmail();
Chris@17: 
Chris@17:     // Attempt to create a new account using an existing email address.
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertText(t('The email address @email is already taken.', ['@email' => $duplicate_user->getEmail()]), 'Supplying an exact duplicate email address displays an error message');
Chris@17: 
Chris@17:     // Attempt to bypass duplicate email registration validation by adding spaces.
Chris@17:     $edit['mail'] = '   ' . $duplicate_user->getEmail() . '   ';
Chris@17: 
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertText(t('The email address @email is already taken.', ['@email' => $duplicate_user->getEmail()]), 'Supplying a duplicate email address with added whitespace displays an error message');
Chris@17:   }
Chris@17: 
Chris@17:   /**
Chris@17:    * Tests that UUID isn't cached in form state on register form.
Chris@17:    *
Chris@17:    * This is a regression test for https://www.drupal.org/node/2500527 to ensure
Chris@17:    * that the form is not cached on GET requests.
Chris@17:    */
Chris@17:   public function testUuidFormState() {
Chris@17:     \Drupal::service('module_installer')->install(['image']);
Chris@17:     \Drupal::service('router.builder')->rebuild();
Chris@17: 
Chris@17:     // Add a picture field in order to ensure that no form cache is written,
Chris@17:     // which breaks registration of more than 1 user every 6 hours.
Chris@17:     $field_storage = FieldStorageConfig::create([
Chris@17:       'field_name' => 'user_picture',
Chris@17:       'entity_type' => 'user',
Chris@17:       'type' => 'image',
Chris@17:     ]);
Chris@17:     $field_storage->save();
Chris@17: 
Chris@17:     $field = FieldConfig::create([
Chris@17:       'field_name' => 'user_picture',
Chris@17:       'entity_type' => 'user',
Chris@17:       'bundle' => 'user',
Chris@17:     ]);
Chris@17:     $field->save();
Chris@17: 
Chris@17:     $form_display = EntityFormDisplay::create([
Chris@17:       'targetEntityType' => 'user',
Chris@17:       'bundle' => 'user',
Chris@17:       'mode' => 'default',
Chris@17:       'status' => TRUE,
Chris@17:     ]);
Chris@17:     $form_display->setComponent('user_picture', [
Chris@17:       'type' => 'image_image',
Chris@17:     ]);
Chris@17:     $form_display->save();
Chris@17: 
Chris@17:     // Don't require email verification and allow registration by site visitors
Chris@17:     // without administrator approval.
Chris@17:     $this->config('user.settings')
Chris@17:       ->set('verify_mail', FALSE)
Chris@18:       ->set('register', UserInterface::REGISTER_VISITORS)
Chris@17:       ->save();
Chris@17: 
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $this->randomMachineName();
Chris@17:     $edit['mail'] = $edit['name'] . '@example.com';
Chris@17:     $edit['pass[pass2]'] = $edit['pass[pass1]'] = $this->randomMachineName();
Chris@17: 
Chris@17:     // Create one account.
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertResponse(200);
Chris@17: 
Chris@17:     $user_storage = \Drupal::entityManager()->getStorage('user');
Chris@17: 
Chris@17:     $this->assertTrue($user_storage->loadByProperties(['name' => $edit['name']]));
Chris@17:     $this->drupalLogout();
Chris@17: 
Chris@17:     // Create a second account.
Chris@17:     $edit['name'] = $this->randomMachineName();
Chris@17:     $edit['mail'] = $edit['name'] . '@example.com';
Chris@17:     $edit['pass[pass2]'] = $edit['pass[pass1]'] = $this->randomMachineName();
Chris@17: 
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertResponse(200);
Chris@17: 
Chris@17:     $this->assertTrue($user_storage->loadByProperties(['name' => $edit['name']]));
Chris@17:   }
Chris@17: 
Chris@17:   public function testRegistrationDefaultValues() {
Chris@17:     // Don't require email verification and allow registration by site visitors
Chris@17:     // without administrator approval.
Chris@17:     $config_user_settings = $this->config('user.settings')
Chris@17:       ->set('verify_mail', FALSE)
Chris@18:       ->set('register', UserInterface::REGISTER_VISITORS)
Chris@17:       ->save();
Chris@17: 
Chris@17:     // Set the default timezone to Brussels.
Chris@17:     $config_system_date = $this->config('system.date')
Chris@17:       ->set('timezone.user.configurable', 1)
Chris@17:       ->set('timezone.default', 'Europe/Brussels')
Chris@17:       ->save();
Chris@17: 
Chris@17:     // Check the presence of expected cache tags.
Chris@17:     $this->drupalGet('user/register');
Chris@17:     $this->assertCacheTag('config:user.settings');
Chris@17: 
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     $edit['pass[pass1]'] = $new_pass = $this->randomMachineName();
Chris@17:     $edit['pass[pass2]'] = $new_pass;
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Create new account'));
Chris@17: 
Chris@17:     // Check user fields.
Chris@17:     $accounts = $this->container->get('entity_type.manager')->getStorage('user')
Chris@17:       ->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@18:     $this->assertEqual($new_user->getAccountName(), $name, 'Username matches.');
Chris@17:     $this->assertEqual($new_user->getEmail(), $mail, 'Email address matches.');
Chris@17:     $this->assertTrue(($new_user->getCreatedTime() > REQUEST_TIME - 20), 'Correct creation time.');
Chris@18:     $this->assertEqual($new_user->isActive(), $config_user_settings->get('register') == UserInterface::REGISTER_VISITORS ? 1 : 0, 'Correct status field.');
Chris@17:     $this->assertEqual($new_user->getTimezone(), $config_system_date->get('timezone.default'), 'Correct time zone field.');
Chris@17:     $this->assertEqual($new_user->langcode->value, \Drupal::languageManager()->getDefaultLanguage()->getId(), 'Correct language field.');
Chris@17:     $this->assertEqual($new_user->preferred_langcode->value, \Drupal::languageManager()->getDefaultLanguage()->getId(), 'Correct preferred language field.');
Chris@17:     $this->assertEqual($new_user->init->value, $mail, 'Correct init field.');
Chris@17:   }
Chris@17: 
Chris@17:   /**
Chris@17:    * Tests username and email field constraints on user registration.
Chris@17:    *
Chris@17:    * @see \Drupal\user\Plugin\Validation\Constraint\UserNameUnique
Chris@17:    * @see \Drupal\user\Plugin\Validation\Constraint\UserMailUnique
Chris@17:    */
Chris@17:   public function testUniqueFields() {
Chris@17:     $account = $this->drupalCreateUser();
Chris@17: 
Chris@18:     $edit = ['mail' => 'test@example.com', 'name' => $account->getAccountName()];
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@18:     $this->assertRaw(new FormattableMarkup('The username %value is already taken.', ['%value' => $account->getAccountName()]));
Chris@17: 
Chris@17:     $edit = ['mail' => $account->getEmail(), 'name' => $this->randomString()];
Chris@17:     $this->drupalPostForm('user/register', $edit, t('Create new account'));
Chris@17:     $this->assertRaw(new FormattableMarkup('The email address %value is already taken.', ['%value' => $account->getEmail()]));
Chris@17:   }
Chris@17: 
Chris@17:   /**
Chris@17:    * Tests Field API fields on user registration forms.
Chris@17:    */
Chris@17:   public function testRegistrationWithUserFields() {
Chris@17:     // Create a field on 'user' entity type.
Chris@17:     $field_storage = FieldStorageConfig::create([
Chris@17:       'field_name' => 'test_user_field',
Chris@17:       'entity_type' => 'user',
Chris@17:       'type' => 'test_field',
Chris@17:       'cardinality' => 1,
Chris@17:     ]);
Chris@17:     $field_storage->save();
Chris@17:     $field = FieldConfig::create([
Chris@17:       'field_storage' => $field_storage,
Chris@17:       'label' => 'Some user field',
Chris@17:       'bundle' => 'user',
Chris@17:       'required' => TRUE,
Chris@17:     ]);
Chris@17:     $field->save();
Chris@17:     entity_get_form_display('user', 'user', 'default')
Chris@17:       ->setComponent('test_user_field', ['type' => 'test_field_widget'])
Chris@17:       ->save();
Chris@17:     entity_get_form_display('user', 'user', 'register')
Chris@17:       ->save();
Chris@17: 
Chris@17:     // Check that the field does not appear on the registration form.
Chris@17:     $this->drupalGet('user/register');
Chris@17:     $this->assertNoText($field->label(), 'The field does not appear on user registration form');
Chris@17:     $this->assertCacheTag('config:core.entity_form_display.user.user.register');
Chris@17:     $this->assertCacheTag('config:user.settings');
Chris@17: 
Chris@17:     // Have the field appear on the registration form.
Chris@17:     entity_get_form_display('user', 'user', 'register')
Chris@17:       ->setComponent('test_user_field', ['type' => 'test_field_widget'])
Chris@17:       ->save();
Chris@17: 
Chris@17:     $this->drupalGet('user/register');
Chris@17:     $this->assertText($field->label(), 'The field appears on user registration form');
Chris@17:     $this->assertRegistrationFormCacheTagsWithUserFields();
Chris@17: 
Chris@17:     // Check that validation errors are correctly reported.
Chris@17:     $edit = [];
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     // Missing input in required field.
Chris@17:     $edit['test_user_field[0][value]'] = '';
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Create new account'));
Chris@17:     $this->assertRegistrationFormCacheTagsWithUserFields();
Chris@17:     $this->assertRaw(t('@name field is required.', ['@name' => $field->label()]), 'Field validation error was correctly reported.');
Chris@17:     // Invalid input.
Chris@17:     $edit['test_user_field[0][value]'] = '-1';
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Create new account'));
Chris@17:     $this->assertRegistrationFormCacheTagsWithUserFields();
Chris@17:     $this->assertRaw(t('%name does not accept the value -1.', ['%name' => $field->label()]), 'Field validation error was correctly reported.');
Chris@17: 
Chris@17:     // Submit with valid data.
Chris@17:     $value = rand(1, 255);
Chris@17:     $edit['test_user_field[0][value]'] = $value;
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Create new account'));
Chris@17:     // Check user fields.
Chris@17:     $accounts = $this->container->get('entity_type.manager')->getStorage('user')
Chris@17:       ->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $this->assertEqual($new_user->test_user_field->value, $value, 'The field value was correctly saved.');
Chris@17: 
Chris@17:     // Check that the 'add more' button works.
Chris@17:     $field_storage->setCardinality(FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED);
Chris@17:     $field_storage->save();
Chris@17:     $this->drupalGet('user/register');
Chris@17:     $this->assertRegistrationFormCacheTagsWithUserFields();
Chris@17:     // Add two inputs.
Chris@17:     $value = rand(1, 255);
Chris@17:     $edit = [];
Chris@17:     $edit['test_user_field[0][value]'] = $value;
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Add another item'));
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Add another item'));
Chris@17:     // Submit with three values.
Chris@17:     $edit['test_user_field[1][value]'] = $value + 1;
Chris@17:     $edit['test_user_field[2][value]'] = $value + 2;
Chris@17:     $edit['name'] = $name = $this->randomMachineName();
Chris@17:     $edit['mail'] = $mail = $edit['name'] . '@example.com';
Chris@17:     $this->drupalPostForm(NULL, $edit, t('Create new account'));
Chris@17:     // Check user fields.
Chris@17:     $accounts = $this->container->get('entity_type.manager')->getStorage('user')
Chris@17:       ->loadByProperties(['name' => $name, 'mail' => $mail]);
Chris@17:     $new_user = reset($accounts);
Chris@17:     $this->assertEqual($new_user->test_user_field[0]->value, $value, 'The field value was correctly saved.');
Chris@17:     $this->assertEqual($new_user->test_user_field[1]->value, $value + 1, 'The field value was correctly saved.');
Chris@17:     $this->assertEqual($new_user->test_user_field[2]->value, $value + 2, 'The field value was correctly saved.');
Chris@17:   }
Chris@17: 
Chris@17:   /**
Chris@17:    * Asserts the presence of cache tags on registration form with user fields.
Chris@17:    */
Chris@17:   protected function assertRegistrationFormCacheTagsWithUserFields() {
Chris@17:     $this->assertCacheTag('config:core.entity_form_display.user.user.register');
Chris@17:     $this->assertCacheTag('config:field.field.user.user.test_user_field');
Chris@17:     $this->assertCacheTag('config:field.storage.user.test_user_field');
Chris@17:     $this->assertCacheTag('config:user.settings');
Chris@17:   }
Chris@17: 
Chris@17: }