Merge pull request #2134 from spryker/bugfix/2133-LIVE09-Bruteforcing…

…-user-names-in-Zed 2133: LIVE09 Bruteforcing of user name is fixed.
spryker · Jun 8, 2016 · fcd79e8 · fcd79e8
2 parents 14d2881 + f362f77
commit fcd79e8
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 8 deletions.
diff --git a/src/Spryker/Zed/Customer/Business/Customer/Customer.php b/src/Spryker/Zed/Customer/Business/Customer/Customer.php
@@ -259,7 +259,6 @@ public function confirmRegistration(CustomerTransfer $customerTransfer)
     /**
      * @param \Generated\Shared\Transfer\CustomerTransfer $customerTransfer
      *
-     * @throws \Spryker\Zed\Customer\Business\Exception\CustomerNotFoundException
      * @throws \Propel\Runtime\Exception\PropelException
      *
      * @return \Generated\Shared\Transfer\CustomerResponseTransfer
@@ -271,13 +270,6 @@ public function sendPasswordRestoreMail(CustomerTransfer $customerTransfer)
         try {
             $customerEntity = $this->getCustomer($customerTransfer);
         } catch (CustomerNotFoundException $e) {
-            $customerError = new CustomerErrorTransfer();
-            $customerError->setMessage(Messages::CUSTOMER_EMAIL_INVALID);
-
-            $customerResponseTransfer
-                ->setIsSuccess(false)
-                ->addError($customerError);
-
             return $customerResponseTransfer;
         }
 

diff --git a/tests/Functional/Spryker/Zed/Customer/Business/CustomerFacadeTest.php b/tests/Functional/Spryker/Zed/Customer/Business/CustomerFacadeTest.php
@@ -26,6 +26,7 @@ class CustomerFacadeTest extends Test
 {
 
     const TESTER_EMAIL = 'tester@spryker.com';
+    const TESTER_NON_EXISTING_EMAIL = 'nonexisting@spryker.com';
     const TESTER_PASSWORD = 'tester';
     const TESTER_NAME = 'Tester';
     const TESTER_CITY = 'Testcity';
@@ -245,6 +246,18 @@ public function testRestorePassword()
         $this->assertTrue($customerResponseTransfer->getIsSuccess());
     }
 
+    /**
+     * @return void
+     */
+    public function testRestorePasswordNonExistent()
+    {
+        $customerTransfer = new CustomerTransfer();
+        $customerTransfer->setEmail(self::TESTER_NON_EXISTING_EMAIL);
+
+        $customerResponseTransfer = $this->customerFacade->sendPasswordRestoreMail($customerTransfer);
+        $this->assertTrue($customerResponseTransfer->getIsSuccess());
+    }
+
     /**
      * @return void
      */