Add unsubscribe token to new subscribers and newsletters

lib/Models/Newsletter.php

@@ -373,6 +373,7 @@ class Newsletter extends Model {
     unset($newsletter_data['id']);
 
     // merge data with newsletter data (allows override)
+    $data['unsubscribe_token'] = Security::generateUnsubscribeToken(self::class);
     $data = array_merge($newsletter_data, $data);
 
     $duplicate = self::create();
@@ -446,6 +447,7 @@ class Newsletter extends Model {
         'parent_id' => $this->id,
         'type' => self::TYPE_NOTIFICATION_HISTORY,
         'status' => self::STATUS_SENDING,
+        'unsubscribe_token' => Security::generateUnsubscribeToken(self::class),
       ]
     );
 
@@ -1013,6 +1015,7 @@ class Newsletter extends Model {
   }
 
   static function createOrUpdate($data = []) {
+    $data['unsubscribe_token'] = Security::generateUnsubscribeToken(self::class);
     return parent::_createOrUpdate($data, false, function($data) {
       $settings = new SettingsController();
       // set default sender based on settings

lib/Models/Subscriber.php

@@ -6,6 +6,7 @@ use MailPoet\Settings\SettingsController;
 use MailPoet\Util\Helpers;
 use function MailPoet\Util\array_column;
 use MailPoet\WP\Functions as WPFunctions;
+use MailPoet\Util\Security;
 
 if (!defined('ABSPATH')) exit;
 
@@ -781,6 +782,7 @@ class Subscriber extends Model {
     $required_field_default_values = [
       'first_name' => '',
       'last_name' => '',
+      'unsubscribe_token' => Security::generateUnsubscribeToken(self::class),
       'status' => (!$settings->get('signup_confirmation.enabled')) ? self::STATUS_SUBSCRIBED : self::STATUS_UNCONFIRMED,
     ];
     foreach ($required_field_default_values as $field => $value) {

tests/integration/API/JSON/v1/NewslettersTest.php

@@ -176,6 +176,7 @@ class NewslettersTest extends \MailPoetTest {
     expect($response->data)->equals($saved_newsletter->asArray());
     // newsletter option should be saved
     expect($saved_newsletter->some_option)->equals('some_option_value');
+    expect(strlen($saved_newsletter->unsubscribe_token))->equals(15);
 
     $hook_name = 'mailpoet_api_newsletters_save_before';
     expect(WPHooksHelper::isFilterApplied($hook_name))->true();

tests/integration/API/MP/APITest.php

@@ -472,6 +472,7 @@ class APITest extends \MailPoetTest {
     expect($result['email'])->equals($subscriber['email']);
     expect($result['cf_' . $custom_field->id])->equals('test');
     expect($result['source'])->equals('api');
+    expect(strlen($result['unsubscribe_token']))->equals(15);
   }
 
   function testItChecksForMandatoryCustomFields() {

tests/integration/Models/SubscriberTest.php

@@ -820,45 +820,31 @@ class SubscriberTest extends \MailPoetTest {
 
   function testItSetsDefaultValuesForRequiredFields() {
     // MySQL running in strict mode requires a value to be set for certain fields
-    expect(Subscriber::setRequiredFieldsDefaultValues([]))->equals(
-      [
-        'first_name' => '',
-        'last_name' => '',
-        'status' => Subscriber::STATUS_UNCONFIRMED,
-      ]
-    );
+    $values = Subscriber::setRequiredFieldsDefaultValues([]);
+    expect($values['first_name'])->equals('');
+    expect($values['last_name'])->equals('');
+    expect($values['status'])->equals(Subscriber::STATUS_UNCONFIRMED);
+    expect(strlen($values['unsubscribe_token']))->equals(15);
   }
 
   function testItSetsDefaultStatusDependingOnSingupConfirmationOption() {
     // when signup confirmation is disabled, status should be 'subscribed'
     $this->settings->set('signup_confirmation.enabled', false);
-    expect(Subscriber::setRequiredFieldsDefaultValues([]))->equals(
-      [
-        'first_name' => '',
-        'last_name' => '',
-        'status' => Subscriber::STATUS_SUBSCRIBED,
-      ]
-    );
+    $values = Subscriber::setRequiredFieldsDefaultValues([]);
+    expect($values['first_name'])->equals('');
+    expect($values['last_name'])->equals('');
+    expect($values['status'])->equals(Subscriber::STATUS_SUBSCRIBED);
+    expect(strlen($values['unsubscribe_token']))->equals(15);
 
     $this->settings->set('signup_confirmation.enabled', true);
     // when signup confirmation is enabled, status should be 'unconfirmed'
-    expect(Subscriber::setRequiredFieldsDefaultValues([]))->equals(
-      [
-        'first_name' => '',
-        'last_name' => '',
-        'status' => Subscriber::STATUS_UNCONFIRMED,
-      ]
-    );
+    $values = Subscriber::setRequiredFieldsDefaultValues([]);
+    expect($values['status'])->equals(Subscriber::STATUS_UNCONFIRMED);
 
     // when status is specified, it should not change regardless of signup confirmation option
     $this->settings->set('signup_confirmation.enabled', true);
-    expect(Subscriber::setRequiredFieldsDefaultValues(['status' => Subscriber::STATUS_SUBSCRIBED]))->equals(
-      [
-        'first_name' => '',
-        'last_name' => '',
-        'status' => Subscriber::STATUS_SUBSCRIBED,
-      ]
-    );
+    $values = Subscriber::setRequiredFieldsDefaultValues(['status' => Subscriber::STATUS_SUBSCRIBED]);
+    expect($values['status'])->equals(Subscriber::STATUS_SUBSCRIBED);
   }
 
   function testItSetsDefaultValuesForNewSubscribers() {

tests/integration/Subscribers/ImportExport/Export/ExportTest.php

@@ -125,7 +125,7 @@ class ExportTest extends \MailPoetTest {
     expect(
       preg_match(
         '|' .
-        preg_quote(Env::$temp_path, '|') . '/MailPoet_export_[a-f0-9]{15}.' .
+        preg_quote(Env::$temp_path, '|') . '/MailPoet_export_[a-z0-9]{15}.' .
         $this->export->export_format_option .
         '|', $this->export->export_file)
     )->equals(1);