OXDEV-9078 Move unnecessary viewconfig methods logic to controller

Sieg · Sieg · commit 63a7bc5243c8 · 2026-04-13T19:01:27.000+03:00
Signed-off-by: Anton Fedurtsya &lt;anton@fedurtsya.com&gt;
diff --git a/src/Authentication/TwoFactorAuth/Controller/TwoFactorAuthController.php b/src/Authentication/TwoFactorAuth/Controller/TwoFactorAuthController.php
@@ -39,6 +39,22 @@ public function __construct(
         parent::__construct();
     }
 
+    public function render(): string
+    {
+        parent::render();
+
+        $isResendable = $this->twoFAService instanceof TwoFAResendableInterface;
+        $this->addTplParam('resendable', $isResendable);
+
+        if ($isResendable) {
+            $userId = $this->twoFAUserService->getPendingUserId();
+            $this->addTplParam('remainingAttempts', $this->twoFAService->getRemainingAttempts($userId));
+            $this->addTplParam('resendCooldownRemaining', $this->twoFAService->getCooldownRemaining($userId));
+        }
+
+        return $this->_sThisTemplate;
+    }
+
     public function handleOTP(): ?string
     {
         $userId = $this->twoFAUserService->getPendingUserId();
diff --git a/src/Shared/Core/ViewConfig.php b/src/Shared/Core/ViewConfig.php
@@ -9,11 +9,6 @@
 
 namespace OxidEsales\SecurityModule\Shared\Core;
 
-use OxidEsales\SecurityModule\Authentication\OAuth2\Service\ProviderCollectorInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAResendableInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAUserServiceInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAUserSettingsServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Settings\TwoFAShopSettingsInterface;
 use OxidEsales\SecurityModule\Captcha\Captcha\Image\Service\ImageCaptchaService;
 use OxidEsales\SecurityModule\Captcha\Service\CaptchaServiceInterface;
@@ -57,30 +52,6 @@ public function getImage(): string
         return 'data:image/jpeg;base64,' . base64_encode($images[ImageCaptchaService::CAPTCHA_NAME]);
     }
 
-    // todo-critical: move to controller
-    public function getRemainingAttempts(): int
-    {
-        $twoFAService = $this->getService(TwoFAServiceInterface::class);
-        if (!$twoFAService instanceof TwoFAResendableInterface) {
-            return 0;
-        }
-
-        $userId = $this->getService(TwoFAUserServiceInterface::class)->getPendingUserId();
-        return $twoFAService->getRemainingAttempts($userId);
-    }
-
-    // todo-critical: move to controller
-    public function getResendCooldownRemaining(): int
-    {
-        $twoFAService = $this->getService(TwoFAServiceInterface::class);
-        if (!$twoFAService instanceof TwoFAResendableInterface) {
-            return 0;
-        }
-
-        $userId = $this->getService(TwoFAUserServiceInterface::class)->getPendingUserId();
-        return $twoFAService->getCooldownRemaining($userId);
-    }
-
     // todo-high: questionable if we want this method here at all, its just for one template - controller instead?
     public function isTwoFAEnabledForShop(): bool
     {
diff --git a/tests/Integration/Authentication/TwoFactorAuth/Controller/TwoFactorAuthControllerTest.php b/tests/Integration/Authentication/TwoFactorAuth/Controller/TwoFactorAuthControllerTest.php
@@ -0,0 +1,79 @@
+<?php
+
+/**
+ * Copyright © OXID eSales AG. All rights reserved.
+ * See LICENSE file for license details.
+ */
+
+declare(strict_types=1);
+
+namespace OxidEsales\SecurityModule\Tests\Integration\Authentication\TwoFactorAuth\Controller;
+
+use OxidEsales\Eshop\Core\UtilsView;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Controller\TwoFactorAuthController;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAResendableInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAUserServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Transput\AuthCodeRequestInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Transput\JsonResponseInterface;
+use OxidEsales\SecurityModule\Tests\Integration\IntegrationTestCase;
+use PHPUnit\Framework\Attributes\Test;
+use PHPUnit\Framework\MockObject\Generator\MockClass;
+use PHPUnit\Framework\MockObject\MockObject;
+
+class TwoFactorAuthControllerTest extends IntegrationTestCase
+{
+    #[Test]
+    public function renderSetsResendableFalseWhenServiceIsNotResendable(): void
+    {
+        $sut = $this->getSut(
+            twoFAService: $this->createStub(TwoFAServiceInterface::class),
+        );
+        $sut->render();
+
+        $this->assertFalse($sut->getViewDataElement('resendable'));
+    }
+
+    #[Test]
+    public function renderSetsResendableTrueAndParamsFromServiceWhenResendable(): void
+    {
+        $userId = uniqid();
+
+        $twoFAUserServiceStub = $this->createStub(TwoFAUserServiceInterface::class);
+        $twoFAUserServiceStub->method('getPendingUserId')->willReturn($userId);
+
+        /** @var TwoFAServiceInterface&TwoFAResendableInterface&MockObject $twoFAServiceStub */
+        $twoFAServiceStub = $this->createMockForIntersectionOfInterfaces([
+            TwoFAServiceInterface::class,
+            TwoFAResendableInterface::class,
+        ]);
+        $twoFAServiceStub->method('getRemainingAttempts')->with($userId)->willReturn($remaining = random_int(1, 5));
+        $twoFAServiceStub->method('getCooldownRemaining')->with($userId)->willReturn($cooldown = random_int(0, 30));
+
+        $sut = $this->getSut(
+            twoFAService: $twoFAServiceStub,
+            twoFAUserService: $twoFAUserServiceStub,
+        );
+        $sut->render();
+
+        $this->assertTrue($sut->getViewDataElement('resendable'));
+        $this->assertSame($remaining, $sut->getViewDataElement('remainingAttempts'));
+        $this->assertSame($cooldown, $sut->getViewDataElement('resendCooldownRemaining'));
+    }
+
+    private function getSut(
+        TwoFAServiceInterface $twoFAService = null,
+        TwoFAUserServiceInterface $twoFAUserService = null,
+        AuthCodeRequestInterface $authCodeRequest = null,
+        UtilsView $utilsView = null,
+        JsonResponseInterface $jsonResponse = null,
+    ): TwoFactorAuthController {
+        return new TwoFactorAuthController(
+            twoFAService: $twoFAService ?? $this->createStub(TwoFAServiceInterface::class),
+            twoFAUserService: $twoFAUserService ?? $this->createStub(TwoFAUserServiceInterface::class),
+            authCodeRequest: $authCodeRequest ?? $this->createStub(AuthCodeRequestInterface::class),
+            utilsView: $utilsView ?? $this->createStub(UtilsView::class),
+            jsonResponse: $jsonResponse ?? $this->createStub(JsonResponseInterface::class),
+        );
+    }
+}
diff --git a/views/twig/templates/two_factor_auth.html.twig b/views/twig/templates/two_factor_auth.html.twig
@@ -35,24 +35,26 @@
                                         <label for="auth_code" class="req">{{ translate({ ident: "OE_SECURITY_ENTER_CODE" }) }}</label>
                                     </div>
 
-                                    <div class="mb-3 d-flex justify-content-between align-items-center">
-                                        <small class="text-muted">
-                                            {{ translate({ ident: "OE_SECURITY_REMAINING_ATTEMPTS" }) }}:
-                                            <strong id="remaining-attempts">{{ oViewConf.getRemainingAttempts() }}</strong>
-                                        </small>
-                                        <button
-                                            id="resend-btn"
-                                            class="btn btn-link btn-sm px-0"
-                                            type="button"
-                                            data-cooldown="60"
-                                            data-cooldown-remaining="{{ oViewConf.getResendCooldownRemaining() }}"
-                                            data-url="{{ seo_url({ ident: oViewConf.getSelfLink()|cat("cl=twofactorauth&fnc=resendCode") }) }}"
-                                            data-text-default="{{ translate({ ident: "RESEND_CODE" }) }}"
-                                            data-text-sending="{{ translate({ ident: "RESEND_CODE_SENDING" }) }}"
-                                            data-text-error="{{ translate({ ident: "RESEND_CODE_ERROR" }) }}"
-                                            data-text-countdown="{{ translate({ ident: "RESEND_CODE_COUNTDOWN" }) }}"
-                                        >{{ translate({ ident: "RESEND_CODE" }) }}</button>
-                                    </div>
+                                    {% if resendable %}
+                                        <div class="mb-3 d-flex justify-content-between align-items-center">
+                                            <small class="text-muted">
+                                                {{ translate({ ident: "OE_SECURITY_REMAINING_ATTEMPTS" }) }}:
+                                                <strong id="remaining-attempts">{{ remainingAttempts }}</strong>
+                                            </small>
+                                            <button
+                                                id="resend-btn"
+                                                class="btn btn-link btn-sm px-0"
+                                                type="button"
+                                                data-cooldown="60"
+                                                data-cooldown-remaining="{{ resendCooldownRemaining }}"
+                                                data-url="{{ seo_url({ ident: oViewConf.getSelfLink()|cat("cl=twofactorauth&fnc=resendCode") }) }}"
+                                                data-text-default="{{ translate({ ident: "RESEND_CODE" }) }}"
+                                                data-text-sending="{{ translate({ ident: "RESEND_CODE_SENDING" }) }}"
+                                                data-text-error="{{ translate({ ident: "RESEND_CODE_ERROR" }) }}"
+                                                data-text-countdown="{{ translate({ ident: "RESEND_CODE_COUNTDOWN" }) }}"
+                                            >{{ translate({ ident: "RESEND_CODE" }) }}</button>
+                                        </div>
+                                    {% endif %}
 
                                     <p id="resend-hint" class="small text-muted" aria-live="polite"></p>
 
