FIX Ensure we can set titles in the child password fields (#11926)

GuySartorelli · web-flow · commit cf94f1b8430a · 2025-12-02T10:52:15.000+13:00
diff --git a/src/Forms/ConfirmedPasswordField.php b/src/Forms/ConfirmedPasswordField.php
@@ -397,6 +397,9 @@ public function setChildrenTitles($titles)
         $expectedChildren = $this->getRequireExistingPassword() ? 3 : 2;
         if (is_array($titles) && count($titles ?? []) === $expectedChildren) {
             foreach ($this->getChildren() as $field) {
+                if ($field instanceof DatalessField) {
+                    continue;
+                }
                 if (isset($titles[0])) {
                     $field->setTitle($titles[0]);
 
@@ -496,11 +499,11 @@ public function validate(): ValidationResult
         }
         $this->beforeExtending('updateValidate', function (ValidationResult $result) {
             $name = $this->name;
-    
+
             $this->getPasswordField()->setValue($this->value);
             $this->getConfirmPasswordField()->setValue($this->confirmValue);
             $value = $this->getPasswordField()->getValue();
-    
+
             // both password-fields should be the same
             if ($value != $this->getConfirmPasswordField()->getValue()) {
                 $result->addFieldError(
@@ -510,7 +513,7 @@ public function validate(): ValidationResult
                 );
                 return;
             }
-    
+
             if (!$this->canBeEmpty) {
                 // both password-fields shouldn't be empty
                 if (!$value || !$this->getConfirmPasswordField()->getValue()) {
@@ -522,7 +525,7 @@ public function validate(): ValidationResult
                     return;
                 }
             }
-    
+
             // lengths
             $minLength = $this->getMinLength();
             $maxLength = $this->getMaxLength();
@@ -561,7 +564,7 @@ public function validate(): ValidationResult
                     return;
                 }
             }
-    
+
             if ($this->getRequireStrongPassword()) {
                 $strongEnough = ConstraintValidator::validate(
                     $value,
@@ -579,7 +582,7 @@ public function validate(): ValidationResult
                     return;
                 }
             }
-    
+
             // Check if current password is valid
             if (!empty($value) && $this->getRequireExistingPassword()) {
                 if (!$this->currentPasswordValue) {
@@ -593,7 +596,7 @@ public function validate(): ValidationResult
                     );
                     return;
                 }
-    
+
                 // Check this password is valid for the current user
                 $member = Security::getCurrentUser();
                 if (!$member) {
@@ -607,7 +610,7 @@ public function validate(): ValidationResult
                     );
                     return;
                 }
-    
+
                 // With a valid user and password, check the password is correct
                 $authenticators = Security::singleton()->getApplicableAuthenticators(Authenticator::CHECK_PASSWORD);
                 foreach ($authenticators as $authenticator) {
diff --git a/tests/php/Forms/ConfirmedPasswordFieldTest.php b/tests/php/Forms/ConfirmedPasswordFieldTest.php
@@ -326,19 +326,38 @@ public function testSetRightTitlePropagatesToChildren()
         }
     }
 
-    public function testSetChildrenTitles()
+    public static function provideSetChildrenTitles(): array
+    {
+        return [
+            [true],
+            [false],
+        ];
+    }
+
+    #[DataProvider('provideSetChildrenTitles')]
+    public function testSetChildrenTitles(bool $requireExistingPassword)
     {
         $field = new ConfirmedPasswordField('Test');
-        $field->setRequireExistingPassword(true);
-        $field->setChildrenTitles([
-            'Current Password',
-            'Password',
-            'Confirm Password',
-        ]);
+        $field->setRequireExistingPassword($requireExistingPassword);
+        $setValues = [
+            'New Password field',
+            'Confirm Password field',
+        ];
+
+        if ($requireExistingPassword) {
+            array_unshift($setValues, 'Original Password field');
+        }
+
+        $field->setChildrenTitles($setValues);
 
-        $this->assertSame('Current Password', $field->getChildren()->shift()->Title());
-        $this->assertSame('Password', $field->getChildren()->shift()->Title());
-        $this->assertSame('Confirm Password', $field->getChildren()->shift()->Title());
+        $children = $field->getChildren();
+        $children->removeByName('Test[_PasswordStrength]');
+
+        if ($requireExistingPassword) {
+            $this->assertSame('Original Password field', $children->shift()->Title());
+        }
+        $this->assertSame('New Password field', $children->shift()->Title());
+        $this->assertSame('Confirm Password field', $children->shift()->Title());
     }
 
     public function testPerformReadonlyTransformation()
@@ -604,7 +623,7 @@ public function testStrength(
         $expectedContentType = $expectedBody ? 'application/json' : $defaultContentType;
         $this->assertSame($expectedContentType, $response->getHeader('Content-Type'));
     }
-    
+
     public static function provideDataAttributes(): array
     {
         return [
