Skip to content

Commit 98c2c13

Browse files
adamlundriganadamlundrigan
committed
Force the account ID value during update so it can't be changed
(and so it's also available in the field validators) Fixes #15
1 parent f234fff commit 98c2c13

File tree

2 files changed

+10
-3
lines changed

2 files changed

+10
-3
lines changed

src/LdcUserProfile/Controller/ProfileController.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,9 @@ public function indexAction()
4646

4747
$fm = $this->flashMessenger()->setNamespace('ldc-user-profile');
4848

49+
// Ensure that the user can't change the account ID during update
50+
$prg['zfcuser']['id'] = $this->zfcUserAuthentication()->getIdentity()->getId();
51+
4952
$form->setData($prg);
5053
if ( ! $form->isValid() ) {
5154
$fm->addErrorMessage('One or more of the values you provided is invalid.');

tests/LdcUserProfileTest/Controller/ProfileControllerTest.php

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ class ProfileControllerTest extends \PHPUnit_Framework_TestCase
2323
public function setUp()
2424
{
2525
$this->mockUserEntity = new \ZfcUser\Entity\User();
26+
$this->mockUserEntity->setId(42);
2627

2728
$this->mockUserService = \Mockery::mock('ZfcUser\Service\User');
2829

@@ -105,7 +106,8 @@ public function testControllerDispatchedWithValidFormDataWillCompleteAndRedirect
105106

106107
$req = $this->controller->getRequest();
107108
$req->setMethod(Request::METHOD_POST);
108-
$req->getPost()->set('foo', 'bar');
109+
$req->getPost()->set('foo', ['bar' => 'baz']);
110+
$req->getPost()->set('zfcuser', ['id' => 42]);
109111

110112
$postData = $req->getPost()->toArray();
111113
$mockResult = new \stdClass();
@@ -133,7 +135,8 @@ public function testControllerDispatchedWithInvalidFormDataWillRenderForm()
133135

134136
$req = $this->controller->getRequest();
135137
$req->setMethod(Request::METHOD_POST);
136-
$req->getPost()->set('foo', 'bar');
138+
$req->getPost()->set('foo', ['bar' => 'baz']);
139+
$req->getPost()->set('zfcuser', ['id' => 42]);
137140

138141
$postData = $req->getPost()->toArray();
139142
$mockResult = new \stdClass();
@@ -159,7 +162,8 @@ public function testControllerWillRenderFormWhenSaveCallFails()
159162

160163
$req = $this->controller->getRequest();
161164
$req->setMethod(Request::METHOD_POST);
162-
$req->getPost()->set('foo', 'bar');
165+
$req->getPost()->set('foo', ['bar' => 'baz']);
166+
$req->getPost()->set('zfcuser', ['id' => 42]);
163167

164168
$postData = $req->getPost()->toArray();
165169
$mockResult = new \stdClass();

0 commit comments

Comments
 (0)