bugfix(user) fix unnecessary sending password changing email (#1549)

Author: rprzedzik

CHANGELOG.md

@@ -1,5 +1,9 @@
 
 ## CHANGELOG FOR 1.0.x
+#### 1.0.4
+- bugfix [#1548](https://github.com/ergonode/backend/issues/1548) Plain text password in CreateUserEvent (rprzedzik)
+- bugfix [#1545](https://github.com/ergonode/backend/issues/1545) Unnecessary sending of password changing e-mail (rprzedzik)
+
 #### 1.0.3
 - bugfix [#1526](https://github.com/ergonode/backend/issues/1526) Opened gesdinet/jwt-refresh-token-bundle dependency (piotrkreft)
 - bugfix [#1522](https://github.com/ergonode/backend/issues/1522) Remove ramsey/uuid-doctrine composer relation (wfajczyk)

module/account/migrations/Version20210728123000.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * Copyright © Ergonode Sp. z o.o. All rights reserved.
+ * See LICENSE.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Ergonode\Migration;
+
+use Doctrine\DBAL\Schema\Schema;
+use Ergonode\Account\Domain\Event\User\UserPasswordChangedEvent;
+use Doctrine\DBAL\FetchMode;
+
+class Version20210728123000 extends AbstractErgonodeMigration
+{
+    public function up(Schema $schema): void
+    {
+        $eventId = $this->connection->executeQuery(
+            'SELECT id FROM event_store_event WHERE event_class = :class',
+            [
+                'class' => UserPasswordChangedEvent::class,
+            ]
+        )->fetch(FetchMode::COLUMN);
+
+        $aggregates = $this->connection->executeQuery(
+            'SELECT aggregate_id, payload->\'password\' as password 
+                 FROM event_store WHERE event_id = :id AND sequence = 2',
+            [
+                'id' => $eventId,
+            ]
+        )->fetchAll();
+
+        foreach ($aggregates as $aggregate) {
+            $this->addSql(
+                'UPDATE event_store SET payload = jsonb_set(payload, \'{password}\',:password::JSONB) 
+                     WHERE aggregate_id = :id and sequence = 1',
+                [
+                    'password' => $aggregate['password'],
+                    'id' => $aggregate['aggregate_id'],
+                ]
+            );
+        }
+    }
+}

module/account/src/Infrastructure/Handler/CreateUserCommandHandler.php

@@ -15,6 +15,7 @@
 use Ergonode\Account\Infrastructure\Encoder\UserPasswordEncoderInterface;
 use Ergonode\Core\Domain\Query\LanguageQueryInterface;
 use Ergonode\Core\Domain\ValueObject\LanguagePrivileges;
+use Ergonode\Account\Domain\ValueObject\Password;
 
 class CreateUserCommandHandler
 {
@@ -44,21 +45,26 @@ public function __invoke(CreateUserCommand $command): void
         foreach ($activeLanguages as $activeLanguage) {
             $languagePrivilegesCollection[$activeLanguage->getCode()] = new LanguagePrivileges(true, true);
         }
-        $user = new User(
+
+        $plainPasswordUser = $this->createUser($command, $command->getPassword(), $languagePrivilegesCollection);
+        $encodedPassword = $this->userPasswordEncoder->encode($plainPasswordUser, $command->getPassword());
+        $user = $this->createUser($command, $encodedPassword, $languagePrivilegesCollection);
+
+        $this->repository->save($user);
+    }
+
+    private function createUser(CreateUserCommand $command, Password $password, array $languagePrivilege): User
+    {
+        return new User(
             $command->getId(),
             $command->getFirstName(),
             $command->getLastName(),
             $command->getEmail(),
             $command->getLanguage(),
-            $command->getPassword(),
+            $password,
             $command->getRoleId(),
-            $languagePrivilegesCollection,
+            $languagePrivilege,
             $command->isActive()
         );
-
-        $encodedPassword = $this->userPasswordEncoder->encode($user, $command->getPassword());
-        $user->changePassword($encodedPassword);
-
-        $this->repository->save($user);
     }
 }