add $update_password event test

src/inc/woocommerce-actions.php

@@ -22,7 +22,7 @@ public static function hooks() {
 		add_action( 'wp_login', array( static::class, 'login_success' ), 100, 2 );
 		add_action( 'wp_login_failed', array( static::class, 'login_failure' ), 100, 2 );
 		add_action( 'user_register', array( static::class, 'create_account' ), 100 );
-		add_action( 'profile_update', array( static::class, 'update_account' ), 100 );
+		add_action( 'profile_update', array( static::class, 'update_account' ), 100, 3 );
 		add_action( 'wp_set_password', array( static::class, 'update_password' ), 100, 2 );
 		add_action( 'woocommerce_add_to_cart', array( static::class, 'add_to_cart' ), 100 );
 		add_action( 'woocommerce_remove_cart_item', array( static::class, 'remove_from_cart' ), 100, 2 );
@@ -175,13 +175,20 @@ public static function create_account( string $user_id ) {
 	 *
 	 * @link https://developers.sift.com/docs/curl/events-api/reserved-events/update-account
 	 *
-	 * @param string $user_id User's ID.
+	 * @param string   $user_id       User's ID.
+	 * @param \WP_User $old_user_data The old user data.
+	 * @param array    $new_user_data The new user data.
 	 *
 	 * @return void
 	 */
-	public static function update_account( string $user_id ) {
+	public static function update_account( string $user_id, ?\WP_User $old_user_data = null, ?array $new_user_data = null ) {
 		$user = get_user_by( 'id', $user_id );
 
+		// check if the password changed
+		if ( ! empty( $new_user_data['user_pass'] ) && $old_user_data->user_pass !== $new_user_data['user_pass'] ) {
+			self::update_password( '', $user_id );
+		}
+
 		self::add(
 			'$update_account',
 			array(

tests/UpdateAccountEventTest.php

@@ -59,4 +59,22 @@ public static function assertUpdateAccountEvent( $user_id ) {
 		);
 		static::assertGreaterThanOrEqual( 1, count( $events ), 'No $update_account event found' );
 	}
+
+
+	/**
+	 * Assert $update_account event is not triggered.
+	 *
+	 * @param integer $user_id User ID.
+	 *
+	 * @return void
+	 */
+	public static function assertNoUpdateAccountEvent( $user_id ) {
+		$events = static::filter_events(
+			[
+				'event'               => '$update_account',
+				'properties.$user_id' => $user_id,
+			]
+		);
+		static::assertEquals( 0, count( $events ), '$update_account event found' );
+	}
 }

tests/UpdatePasswordEventTest.php

@@ -0,0 +1,138 @@
+<?php
+/**
+ * Class UpdatePasswordEventTest
+ *
+ * @package Sift_Decisions
+ */
+
+require_once 'EventTest.php';
+
+// phpcs:disable Universal.Arrays.DisallowShortArraySyntax.Found, WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound
+
+use WPCOMSpecialProjects\SiftDecisions\WooCommerce_Actions\Events;
+
+/**
+ * Test case.
+ */
+class UpdatePasswordEventTest extends EventTest {
+	/**
+	 * Test that the $update_password event is triggered.
+	 *
+	 * @return void
+	 */
+	public function test_set_password() {
+		// Arrange
+		// - create a user
+		$user_id = $this->factory()->user->create();
+		$user    = get_user_by( 'ID', $user_id );
+
+		// Act
+		// - update the user
+		$password = wp_generate_password();
+		wp_set_password( $password, $user_id );
+
+		// Assert
+		UpdateAccountEventTest::assertNoUpdateAccountEvent( $user_id );
+		static::assertUpdatePasswordEvent( $user_id );
+
+		// Clean up
+		wp_delete_user( $user_id );
+	}
+
+	/**
+	 * Test that the $update_password event is triggered.
+	 *
+	 * @return void
+	 */
+	public function test_update_password_event() {
+		// Arrange
+		// - create a user
+		$user_id = $this->factory()->user->create();
+		$user    = get_user_by( 'ID', $user_id );
+
+		// Act
+		// - update the user
+		$password = wp_generate_password();
+		// wp_insert_user() will not hash the password on an update, so we'll use wp_update_user().
+		wp_update_user(
+			[
+				'ID'         => $user->ID,
+				'user_login' => $user->user_login,
+				'user_pass'  => $password,
+			]
+		);
+
+		// Assert
+		// Might as well 😆 (currently only testing wp_insert_user() so this adds another check).
+		UpdateAccountEventTest::assertUpdateAccountEvent( $user_id );
+		static::assertUpdatePasswordEvent( $user_id );
+
+		// Clean up
+		wp_delete_user( $user_id );
+	}
+
+	/**
+	 * Test that the $update_password event is NOT triggered.
+	 *
+	 * @return void
+	 */
+	public function test_no_update_password_event() {
+		// Arrange
+		// - create a user
+		$user_id = $this->factory()->user->create();
+		$user    = get_user_by( 'ID', $user_id );
+
+		// Act
+		// - update the user
+		$password = wp_generate_password();
+		// wp_insert_user() will not hash the password on an update, so we'll use wp_update_user().
+		wp_update_user(
+			[
+				'ID'         => $user->ID,
+				'user_login' => $user->user_login,
+			]
+		);
+
+		// Assert
+		// Might as well 😆 (currently only testing wp_insert_user() so this adds another check).
+		UpdateAccountEventTest::assertUpdateAccountEvent( $user_id );
+		static::assertNoUpdatePasswordEvent( $user_id );
+
+		// Clean up
+		wp_delete_user( $user_id );
+	}
+
+	/**
+	 * Assert $update_password event is triggered.
+	 *
+	 * @param integer $user_id User ID.
+	 *
+	 * @return void
+	 */
+	public static function assertUpdatePasswordEvent( $user_id ) {
+		$events = static::filter_events(
+			[
+				'event'               => '$update_password',
+				'properties.$user_id' => $user_id,
+			]
+		);
+		static::assertGreaterThanOrEqual( 1, count( $events ), 'No $update_password event found' );
+	}
+
+	/**
+	 * Assert $update_password event is triggered.
+	 *
+	 * @param integer $user_id User ID.
+	 *
+	 * @return void
+	 */
+	public static function assertNoUpdatePasswordEvent( $user_id ) {
+		$events = static::filter_events(
+			[
+				'event'               => '$update_password',
+				'properties.$user_id' => $user_id,
+			]
+		);
+		static::assertEquals( 0, count( $events ), '$update_password event found' );
+	}
+}