repatched https://www.drupal.org/project/drupal/issues/1754162#comment-9737269

2020-03-27 14:23:44 +01:00 · 2020-03-27 14:23:44 +01:00 · 1e27fcca51
commit 1e27fcca51
parent ab5d43a397
3 changed files with 99 additions and 7 deletions
--- a/modules/user/user.module
+++ b/modules/user/user.module
@ -2359,14 +2359,26 @@ function user_external_login_register($name, $module) {
 *   following properties:
 *   - uid: The user ID number.
 *   - login: The UNIX timestamp of the user's last login.
+ * @param array $options
+ *   (optional) A keyed array of settings. Supported options are:
+ *   - langcode: A language code to be used when generating locale-sensitive
+ *    urls. If langcode is NULL the users preferred language is used.
 *
 * @return
 *   A unique URL that provides a one-time log in for the user, from which
 *   they can change their password.
 */
-function user_pass_reset_url($account) {
+function user_pass_reset_url($account, $options = array()) {
  $timestamp = REQUEST_TIME;
-  return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), array('absolute' => TRUE));
+  $url_options = array('absolute' => TRUE);
+  if (isset($options['langcode'])) {
+    $languages = language_list();
+    $url_options['language'] = $languages[$options['langcode']];
+  }
+  else {
+    $url_options['language'] = user_preferred_language($account);
+  }
+  return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), $url_options);
 }

 /**
@ -2378,6 +2390,10 @@ function user_pass_reset_url($account) {
 *   - uid: The user ID number.
 *   - pass: The hashed user password string.
 *   - login: The UNIX timestamp of the user's last login.
+ * @param array $options
+ *   (optional) A keyed array of settings. Supported options are:
+ *   - langcode: A language code to be used when generating locale-sensitive
+ *    urls. If langcode is NULL the users preferred language is used.
 *
 * @return
 *   A unique URL that may be used to confirm the cancellation of the user
@ -2386,9 +2402,17 @@ function user_pass_reset_url($account) {
 * @see user_mail_tokens()
 * @see user_cancel_confirm()
 */
-function user_cancel_url($account) {
+function user_cancel_url($account, $options = array()) {
  $timestamp = REQUEST_TIME;
-  return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), array('absolute' => TRUE));
+  $url_options = array('absolute' => TRUE);
+  if (isset($options['langcode'])) {
+    $languages = language_list();
+    $url_options['language'] = $languages[$options['langcode']];
+  }
+  else {
+    $url_options['language'] = user_preferred_language($account);
+  }
+  return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login, $account->uid), $url_options);
 }

 /**
@ -2878,7 +2902,7 @@ Your account on [site:name] has been canceled.
  if ($replace) {
    // We do not sanitize the token replacement, since the output of this
    // replacement is intended for an e-mail message, not a web browser.
-    return token_replace($text, $variables, array('language' => $language, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
+    return token_replace($text, $variables, array('language' => $language, 'langcode' => $langcode, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
  }

  return $text;
@ -2905,8 +2929,8 @@ Your account on [site:name] has been canceled.
 */
 function user_mail_tokens(&$replacements, $data, $options) {
  if (isset($data['user'])) {
-    $replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user']);
-    $replacements['[user:cancel-url]'] = user_cancel_url($data['user']);
+    $replacements['[user:one-time-login-url]'] = user_pass_reset_url($data['user'], $options);
+    $replacements['[user:cancel-url]'] = user_cancel_url($data['user'], $options);
  }
 }

--- a/modules/user/user.test
+++ b/modules/user/user.test
@ -2336,6 +2336,26 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
    );
  }

+  public function setUp() {
+    parent::setUp('locale');
+
+    $account = $this->drupalCreateUser(array('access administration pages', 'administer languages'));
+    $this->drupalLogin($account);
+
+    // Add language.
+    $edit = array('langcode' => 'de');
+    $this->drupalPost('admin/config/regional/language/add', $edit, t('Add language'));
+
+    // Enable URL language detection and selection.
+    $edit = array('language[enabled][locale-url]' => 1);
+    $this->drupalPost('admin/config/regional/language/configure', $edit, t('Save settings'));
+
+    // Reset static caching.
+    drupal_static_reset('language_list');
+    drupal_static_reset('locale_url_outbound_alter');
+    drupal_static_reset('locale_language_url_rewrite_url');
+  }
+
  /**
   * Creates a user, then tests the tokens generated from it.
   */
@ -2386,6 +2406,39 @@ class UserTokenReplaceTestCase extends DrupalWebTestCase {
      $output = token_replace($input, array('user' => $account), array('language' => $language, 'sanitize' => FALSE));
      $this->assertEqual($output, $expected, format_string('Unsanitized user token %token replaced.', array('%token' => $input)));
    }
+
+    $languages = language_list();
+
+    // Generate login and cancel link.
+    $tests = array();
+    $tests['[user:one-time-login-url]'] = user_pass_reset_url($account);
+    $tests['[user:cancel-url]'] = user_cancel_url($account);
+
+    // Generate tokens with interface language.
+    $link = url('user', array('absolute' => TRUE));
+    foreach ($tests as $input => $expected) {
+      $output = token_replace($input, array('user' => $account), array('langcode' => $language->language, 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
+      $this->assertTrue(strpos($output, $link) === 0, 'Generated URL is in interface language.');
+    }
+
+    // Generate tokens with the user's preferred language.
+    $edit['language'] = 'de';
+    $account = user_save($account, $edit);
+    $link = url('user', array('language' => $languages[$account->language], 'absolute' => TRUE));
+    foreach ($tests as $input => $expected) {
+      $output = token_replace($input, array('user' => $account), array('callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
+      $this->assertTrue(strpos($output, $link) === 0, "Generated URL is in the user's preferred language.");
+    }
+
+    // Generate tokens with one specific language.
+    $link = url('user', array('language' => $languages['de'], 'absolute' => TRUE));
+    foreach ($tests as $input => $expected) {
+      foreach (array($user1, $user2) as $account) {
+        $output = token_replace($input, array('user' => $account), array('langcode' => 'de', 'callback' => 'user_mail_tokens', 'sanitize' => FALSE, 'clear' => TRUE));
+        $this->assertTrue(strpos($output, $link) === 0, "Generated URL in in the requested language.");
+      }
+    }
+
  }
 }

--- a/modules/user/user.test.orig
+++ b/modules/user/user.test.orig
@ -321,6 +321,10 @@ class UserLoginTestCase extends DrupalWebTestCase {
    );
  }

+  function setUp() {
+    parent::setUp('user_session_test');
+  }
+
  /**
   * Test the global login flood control.
   */
@ -421,6 +425,17 @@ class UserLoginTestCase extends DrupalWebTestCase {
    $this->assertIdentical(_password_get_count_log2($account->pass), DRUPAL_HASH_COUNT + 1);
  }

+  /**
+   * Test logging in when an anon session already exists.
+   */
+  function testLoginWithAnonSession() {
+    // Visit the callback to generate a session for this anon user.
+    $this->drupalGet('user_session_test_anon_session');
+    // Now login.
+    $account = $this->drupalCreateUser(array());
+    $this->drupalLogin($account);
+  }
+
  /**
   * Make an unsuccessful login attempt.
   *