function UserPasswordResetTest::testUserPasswordResetWithAdditionalAjaxForm

Tests password reset functionality with an AJAX form.

Make sure the ajax request from uploading a user picture does not invalidate the reset token.

File

core/modules/user/tests/src/FunctionalJavascript/UserPasswordResetTest.php, line 77

Class

UserPasswordResetTest

Ensure that password reset methods work as expected.

Namespace

Code

public function testUserPasswordResetWithAdditionalAjaxForm() : void {
    $this->drupalGet(Url::fromRoute('user.reset.form', [
        'uid' => $this->account
            ->id(),
    ]));
    // Try to reset the password for an invalid account.
    $this->drupalGet('user/password');
    // Reset the password by username via the password reset page.
    $edit['name'] = $this->account
        ->getAccountName();
    $this->submitForm($edit, 'Submit');
    $resetURL = $this->getResetURL();
    $this->drupalGet($resetURL);
    // Login
    $this->submitForm([], 'Log in');
    // Generate file.
    $image_file = current($this->drupalGetTestFiles('image'));
    $image_path = \Drupal::service('file_system')->realpath($image_file->uri);
    // Upload file.
    $this->getSession()
        ->getPage()
        ->attachFileToField('Picture', $image_path);
    $this->assertSession()
        ->waitForButton('Remove');
    // Change the forgotten password.
    $password = \Drupal::service('password_generator')->generate();
    $edit = [
        'pass[pass1]' => $password,
        'pass[pass2]' => $password,
    ];
    $this->submitForm($edit, 'Save');
    // Verify that the password reset session has been destroyed.
    $this->submitForm($edit, 'Save');
    // Password needed to make profile changes.
    $this->assertSession()
        ->pageTextContains("Your current password is missing or incorrect; it's required to change the Password.");
}