Merge pull request #4 from rjwebdev/username-validator

Password may not contain username

src/Constraints/PasswordValidator.php

@@ -53,7 +53,7 @@ public function validate($value, Constraint $constraint)
                 ->addViolation();
         }
 
-        if (null !== $plainPasswordAccessor && $value->getUserName() === $stringValue) {
+        if (null !== $plainPasswordAccessor && false !== strpos($stringValue, $value->getUserName())) {
             $this->context
                 ->buildViolation($constraint->usernameMessage)
                 ->setInvalidValue($value)

tests/src/Constraints/PasswordValidatorTest.php

@@ -18,6 +18,17 @@ public function testNotEqualsUserName()
         $this->assertSame($passwordConstraint->usernameMessage, $this->context->getViolations()->get(0)->getMessageTemplate());
     }
 
+    public function testNotContainsUserName()
+    {
+        $user = new Symfony\Component\Security\Core\User\User('[email protected]', '[email protected]');
+        $passwordConstraint = new Password(['plainPasswordAccessor' => 'getPassword', 'plainPasswordProperty' => 'password']);
+
+        $this->validator->validate($user, $passwordConstraint);
+
+        $this->assertSame(1, $this->context->getViolations()->count());
+        $this->assertSame($passwordConstraint->usernameMessage, $this->context->getViolations()->get(0)->getMessageTemplate());
+    }
+
     public function testLength()
     {
         $user = new Symfony\Component\Security\Core\User\User('[email protected]', 'Foo1');