function UserPasswordResetTest::testUserPasswordResetWithAdditionalAjaxForm

Tests password reset functionality with an AJAX form.

Make sure the ajax request from uploading a user picture does not invalidate the reset token.

File

core/modules/user/tests/src/FunctionalJavascript/UserPasswordResetTest.php, line 77

Class

UserPasswordResetTest

Ensure that password reset methods work as expected.

Namespace

Code

public function testUserPasswordResetWithAdditionalAjaxForm() : void {
  $this->drupalGet(Url::fromRoute('user.reset.form', [
    'uid' => $this->account
      ->id(),
  ]));
  // Try to reset the password for an invalid account.
  $this->drupalGet('user/password');
  // Reset the password by username via the password reset page.
  $edit['name'] = $this->account
    ->getAccountName();
  $this->submitForm($edit, 'Submit');
  $resetURL = $this->getResetURL();
  $this->drupalGet($resetURL);
  // Login
  $this->submitForm([], 'Log in');
  // Generate file.
  $image_file = current($this->drupalGetTestFiles('image'));
  $image_path = \Drupal::service('file_system')->realpath($image_file->uri);
  // Upload file.
  $this->getSession()
    ->getPage()
    ->attachFileToField('Picture', $image_path);
  $this->assertSession()
    ->waitForButton('Remove');
  // Change the forgotten password.
  $password = \Drupal::service('password_generator')->generate();
  $edit = [
    'pass[pass1]' => $password,
    'pass[pass2]' => $password,
  ];
  $this->submitForm($edit, 'Save');
  // Verify that the password reset session has been destroyed.
  $this->submitForm($edit, 'Save');
  // Password needed to make profile changes.
  $this->assertSession()
    ->pageTextContains("Your current password is missing or incorrect; it's required to change the Password.");
}