From 3c608fd284e485f81f45f0a27563bc6e7b663937 Mon Sep 17 00:00:00 2001
From: lfolco <me@laurafolco.com>
Date: Fri, 21 Jun 2019 12:34:39 -0400
Subject: [PATCH] move changes out of user and into security
 (magento/magento2#22833: Short-termadmin accounts)

---
 .../User/Cron/DisableExpiredUsersTest.php     | 77 -------------------
 .../Magento/User/_files/expired_users.php     | 55 -------------
 2 files changed, 132 deletions(-)
 delete mode 100644 dev/tests/integration/testsuite/Magento/User/Cron/DisableExpiredUsersTest.php
 delete mode 100644 dev/tests/integration/testsuite/Magento/User/_files/expired_users.php

diff --git a/dev/tests/integration/testsuite/Magento/User/Cron/DisableExpiredUsersTest.php b/dev/tests/integration/testsuite/Magento/User/Cron/DisableExpiredUsersTest.php
deleted file mode 100644
index c532dc1aa9c94..0000000000000
--- a/dev/tests/integration/testsuite/Magento/User/Cron/DisableExpiredUsersTest.php
+++ /dev/null
@@ -1,77 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-
-namespace Magento\User\Cron;
-
-use Magento\TestFramework\Helper\Bootstrap;
-
-/**
- * TODO: test logging out sessions
- * @magentoAppArea adminhtml
- */
-class DisableExpiredUsersTest extends \PHPUnit\Framework\TestCase
-{
-
-    /**
-     * @magentoDataFixture Magento/User/_files/expired_users.php
-     */
-    public function testExecuteWithExpiredUser()
-    {
-        $adminUserNameFromFixture = 'adminUser3';
-
-        $tokenService = Bootstrap::getObjectManager()->get(\Magento\Integration\Api\AdminTokenServiceInterface::class);
-        $tokenService->createAdminAccessToken(
-            $adminUserNameFromFixture,
-            \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD
-        );
-
-        /** @var \Magento\User\Cron\DisableExpiredUsers $job */
-        $job = Bootstrap::getObjectManager()->create(\Magento\User\Cron\DisableExpiredUsers::class);
-        $job->execute();
-
-        /** @var \Magento\User\Model\User $user */
-        $user = Bootstrap::getObjectManager()->create(\Magento\User\Model\User::class);
-        $user->loadByUsername($adminUserNameFromFixture);
-
-        /** @var \Magento\Integration\Model\Oauth\Token $tokenModel */
-        $tokenModel = Bootstrap::getObjectManager()->get(\Magento\Integration\Model\Oauth\Token::class);
-        $token = $tokenModel->loadByAdminId($user->getId());
-
-        static::assertEquals(0, $user->getIsActive());
-        static::assertNull($user->getExpiresAt());
-        static::assertEquals(null, $token->getId());
-    }
-
-    /**
-     * @magentoDataFixture Magento/User/_files/expired_users.php
-     */
-    public function testExecuteWithNonExpiredUser()
-    {
-        $adminUserNameFromFixture = 'adminUser4';
-
-        $tokenService = Bootstrap::getObjectManager()->get(\Magento\Integration\Api\AdminTokenServiceInterface::class);
-        $tokenService->createAdminAccessToken(
-            $adminUserNameFromFixture,
-            \Magento\TestFramework\Bootstrap::ADMIN_PASSWORD
-        );
-
-        /** @var \Magento\User\Cron\DisableExpiredUsers $job */
-        $job = Bootstrap::getObjectManager()->create(\Magento\User\Cron\DisableExpiredUsers::class);
-        $job->execute();
-
-        /** @var \Magento\User\Model\User $user */
-        $user = Bootstrap::getObjectManager()->create(\Magento\User\Model\User::class);
-        $user->loadByUsername($adminUserNameFromFixture);
-
-        /** @var \Magento\Integration\Model\Oauth\Token $tokenModel */
-        $tokenModel = Bootstrap::getObjectManager()->get(\Magento\Integration\Model\Oauth\Token::class);
-        $token = $tokenModel->loadByAdminId($user->getId());
-
-        static::assertEquals(1, $user->getIsActive());
-        static::assertNotNull($user->getExpiresAt());
-        static::assertNotNull($token->getId());
-    }
-}
diff --git a/dev/tests/integration/testsuite/Magento/User/_files/expired_users.php b/dev/tests/integration/testsuite/Magento/User/_files/expired_users.php
deleted file mode 100644
index c35a4ac66b9cc..0000000000000
--- a/dev/tests/integration/testsuite/Magento/User/_files/expired_users.php
+++ /dev/null
@@ -1,55 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-
-$objectManager = \Magento\TestFramework\Helper\Bootstrap::getObjectManager();
-
-/**
- * Create an admin user with expired access date
- */
-$userIds = [];
-
-/** @var $model \Magento\User\Model\User */
-$model = $objectManager->create(\Magento\User\Model\User::class);
-$model->setFirstName("John")
-    ->setLastName("Doe")
-    ->setUserName('adminUser3')
-    ->setPassword(\Magento\TestFramework\Bootstrap::ADMIN_PASSWORD)
-    ->setEmail('adminUser3@example.com')
-    ->setRoleType('G')
-    ->setResourceId('Magento_Adminhtml::all')
-    ->setPrivileges("")
-    ->setAssertId(0)
-    ->setRoleId(1)
-    ->setPermission('allow');
-$model->save();
-$userIds[] = $model->getDataByKey('user_id');
-
-/** @var $model \Magento\User\Model\User */
-$futureDate = new \DateTime();
-$futureDate->modify('+10 days');
-$model = $objectManager->create(\Magento\User\Model\User::class);
-$model->setFirstName("John")
-    ->setLastName("Doe")
-    ->setUserName('adminUser4')
-    ->setPassword(\Magento\TestFramework\Bootstrap::ADMIN_PASSWORD)
-    ->setEmail('adminUser4@example.com')
-    ->setExpiresAt($futureDate->format('Y-m-d H:i:s'))
-    ->setRoleType('G')
-    ->setResourceId('Magento_Adminhtml::all')
-    ->setPrivileges("")
-    ->setAssertId(0)
-    ->setRoleId(1)
-    ->setPermission('allow');
-$model->save();
-$userIds[] = $model->getDataByKey('user_id');
-
-// need to bypass model validation to set expired date
-$resource = $objectManager->get(\Magento\Framework\App\ResourceConnection::class);
-$conn = $resource->getConnection(\Magento\Framework\App\ResourceConnection::DEFAULT_CONNECTION);
-$tableName = $resource->getTableName('admin_user');
-$sql = "UPDATE " . $tableName . " SET expires_at = '2010-01-01 00:00:00' WHERE user_id=" .
-    $userIds[0] . ";";
-$result = $conn->query($sql);