Merge branch '2.3-develop' into feature/271-Customer-Attributes-Valid…

…ation Conflicts: app/code/Magento/CustomerGraphQl/Model/Customer/CreateCustomerAccount.php app/code/Magento/CustomerGraphQl/Model/Customer/UpdateCustomerAccount.php
Hypernova-Oy · Jul 25, 2019 · 5ae0633 · 5ae0633
2 parents 0b4c496 + 72f72dd
commit 5ae0633
Show file tree

Hide file tree

Showing 670 changed files with 14,824 additions and 6,313 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
diff --git a/app/code/Magento/Authorization/Model/Role.php b/app/code/Magento/Authorization/Model/Role.php
@@ -40,7 +40,7 @@ class Role extends \Magento\Framework\Model\AbstractModel
      * @param \Magento\Authorization\Model\ResourceModel\Role\Collection $resourceCollection
      * @param array $data
      */
-    public function __construct(
+    public function __construct( //phpcs:ignore Generic.CodeAnalysis.UselessOverridingMethod
         \Magento\Framework\Model\Context $context,
         \Magento\Framework\Registry $registry,
         \Magento\Authorization\Model\ResourceModel\Role $resource,
@@ -52,28 +52,18 @@ public function __construct(
 
     /**
      * @inheritDoc
-     *
-     * @SuppressWarnings(PHPMD.SerializationAware)
-     * @deprecated Do not use PHP serialization.
      */
     public function __sleep()
     {
-        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
-
         $properties = parent::__sleep();
         return array_diff($properties, ['_resource', '_resourceCollection']);
     }
 
     /**
      * @inheritDoc
-     *
-     * @SuppressWarnings(PHPMD.SerializationAware)
-     * @deprecated Do not use PHP serialization.
      */
     public function __wakeup()
     {
-        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
-
         parent::__wakeup();
         $objectManager = \Magento\Framework\App\ObjectManager::getInstance();
         $this->_resource = $objectManager->get(\Magento\Authorization\Model\ResourceModel\Role::class);

diff --git a/...Magento/Authorizenet/Test/Mftf/Test/StorefrontVerifySecureURLRedirectAuthorizenetTest.xml b/...Magento/Authorizenet/Test/Mftf/Test/StorefrontVerifySecureURLRedirectAuthorizenetTest.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="StorefrontVerifySecureURLRedirectAuthorizenet">
+        <annotations>
+            <features value="Authorizenet"/>
+            <stories value="Storefront Secure URLs"/>
+            <title value="Verify Secure URLs For Storefront Authorizenet Pages"/>
+            <description value="Verify that the Secure URL configuration applies to the Authorizenet pages on the Storefront"/>
+            <severity value="MAJOR"/>
+            <testCaseId value="MC-15610"/>
+            <group value="authorizenet"/>
+            <group value="configuration"/>
+            <group value="secure_storefront_url"/>
+        </annotations>
+        <before>
+            <createData entity="Simple_US_Customer" stepKey="customer"/>
+            <actionGroup ref="LoginToStorefrontActionGroup" stepKey="loginToStorefront">
+                <argument name="Customer" value="$$customer$$"/>
+            </actionGroup>
+            <executeJS function="return window.location.host" stepKey="hostname"/>
+            <magentoCLI command="config:set web/secure/base_url https://{$hostname}/" stepKey="setSecureBaseURL"/>
+            <magentoCLI command="config:set web/secure/use_in_frontend 1" stepKey="useSecureURLsOnStorefront"/>
+            <magentoCLI command="cache:flush" stepKey="flushCache"/>
+        </before>
+        <after>
+            <magentoCLI command="config:set web/secure/use_in_frontend 0" stepKey="dontUseSecureURLsOnStorefront"/>
+            <magentoCLI command="cache:flush" stepKey="flushCache"/>
+            <deleteData createDataKey="customer" stepKey="deleteCustomer"/>
+        </after>
+        <executeJS function="return window.location.host" stepKey="hostname"/>
+        <amOnUrl url="http://{$hostname}/authorizenet" stepKey="goToUnsecureAuthorizenetURL"/>
+        <seeCurrentUrlEquals url="https://{$hostname}/authorizenet" stepKey="seeSecureAuthorizenetURL"/>
+    </test>
+</tests>
diff --git a/app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml b/app/code/Magento/AuthorizenetAcceptjs/etc/adminhtml/di.xml
@@ -31,4 +31,9 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">
+        <arguments>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
+        </arguments>
+    </virtualType>
 </config>
diff --git a/app/code/Magento/AuthorizenetAcceptjs/etc/di.xml b/app/code/Magento/AuthorizenetAcceptjs/etc/di.xml
@@ -134,6 +134,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsRefundRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsRefundSettledHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsCaptureCommand" type="Magento\AuthorizenetAcceptjs\Gateway\Command\CaptureStrategyCommand">
@@ -145,6 +146,7 @@
         <arguments>
             <argument name="requestBuilder" xsi:type="object">AuthorizenetAcceptjsCaptureRequest</argument>
             <argument name="handler" xsi:type="object">AuthorizenetAcceptjsCaptureTransactionHandler</argument>
+            <argument name="validator" xsi:type="object">AuthorizenetAcceptjsTransactionValidator</argument>
         </arguments>
     </virtualType>
     <virtualType name="AuthorizenetAcceptjsVoidCommand" type="Magento\Payment\Gateway\Command\GatewayCommand">

diff --git a/app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/templates/payment/script.phtml b/app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/templates/payment/script.phtml
@@ -6,12 +6,19 @@
 
 /** @var Magento\AuthorizenetAcceptjs\Block\Payment $block */
 ?>
-<script type="text/x-magento-init">
-    {
-        "#payment_form_<?= $block->escapeJs($block->escapeHtml($block->getMethodCode())) ?>": {
-            "Magento_AuthorizenetAcceptjs/js/payment-form": {
-                "config": <?= /* @noEscape */ $block->getPaymentConfig() ?>
-            }
-        }
-    }
-</script>
+<script>
+    //<![CDATA[
+    require(
+        [
+            'Magento_AuthorizenetAcceptjs/js/authorizenet',
+            'jquery',
+            'domReady!'
+        ], function(AuthorizenetAcceptjs, $) {
+            var config = <?= /* @noEscape */ $block->getPaymentConfig() ?>,
+                form = $('#payment_form_<?= /* @noEscape */ $block->escapeJs($block->escapeHtml($block->getMethodCode())) ?>');
+
+            config.active = form.length > 0 && !form.is(':hidden');
+            new AuthorizenetAcceptjs(config);
+        });
+    //]]>
+</script>
diff --git a/app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/web/js/payment-form.js b/app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/web/js/payment-form.js
@@ -8,9 +8,8 @@ define([
 ], function (AuthorizenetAcceptjs, $) {
     'use strict';
 
-    return function (data, element) {
-        var $form = $(element),
-            config = data.config;
+    return function (config, element) {
+        var $form = $(element);
 
         config.active = $form.length > 0 && !$form.is(':hidden');
         new AuthorizenetAcceptjs(config);

diff --git a/...agento/AuthorizenetAcceptjs/view/frontend/web/template/payment/authorizenet-acceptjs.html b/...agento/AuthorizenetAcceptjs/view/frontend/web/template/payment/authorizenet-acceptjs.html
@@ -35,6 +35,7 @@
                 <button class="action primary checkout"
                         type="submit"
                         click="beforePlaceOrder"
+                        css="disabled: !isPlaceOrderActionAllowed()"
                         attr="title: $t('Place Order')"
                 >
                     <span translate="'Place Order'"></span>

diff --git a/app/code/Magento/AuthorizenetCardinal/Gateway/Request/Authorize3DSecureBuilder.php b/app/code/Magento/AuthorizenetCardinal/Gateway/Request/Authorize3DSecureBuilder.php
@@ -10,7 +10,7 @@
 
 use Magento\AuthorizenetAcceptjs\Gateway\SubjectReader;
 use Magento\AuthorizenetCardinal\Model\Config;
-use Magento\CardinalCommerce\Model\Response\JwtParser;
+use Magento\CardinalCommerce\Model\Response\JwtParserInterface;
 use Magento\Payment\Gateway\Request\BuilderInterface;
 use Magento\Sales\Model\Order\Payment;
 
@@ -30,19 +30,19 @@ class Authorize3DSecureBuilder implements BuilderInterface
     private $config;
 
     /**
-     * @var JwtParser
+     * @var JwtParserInterface
      */
     private $jwtParser;
 
     /**
      * @param SubjectReader $subjectReader
      * @param Config $config
-     * @param JwtParser $jwtParser
+     * @param JwtParserInterface $jwtParser
      */
     public function __construct(
         SubjectReader $subjectReader,
         Config $config,
-        JwtParser $jwtParser
+        JwtParserInterface $jwtParser
     ) {
         $this->subjectReader = $subjectReader;
         $this->config = $config;

diff --git a/app/code/Magento/AuthorizenetCardinal/Gateway/Validator/CavvResponseValidator.php b/app/code/Magento/AuthorizenetCardinal/Gateway/Validator/CavvResponseValidator.php
@@ -0,0 +1,83 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\AuthorizenetCardinal\Gateway\Validator;
+
+use Magento\AuthorizenetAcceptjs\Gateway\SubjectReader;
+use Magento\AuthorizenetCardinal\Model\Config;
+use Magento\Payment\Gateway\Validator\AbstractValidator;
+use Magento\Payment\Gateway\Validator\ResultInterface;
+use Magento\Payment\Gateway\Validator\ResultInterfaceFactory;
+
+/**
+ * Validates cardholder authentication verification response code.
+ */
+class CavvResponseValidator extends AbstractValidator
+{
+    /**
+     * The result code that authorize.net returns if CAVV passed validation.
+     */
+    private const RESULT_CODE_SUCCESS = '2';
+
+    /**
+     * @var SubjectReader
+     */
+    private $subjectReader;
+
+    /**
+     * @var ResultInterfaceFactory
+     */
+    private $resultFactory;
+
+    /**
+     * @var Config
+     */
+    private $config;
+
+    /**
+     * @param ResultInterfaceFactory $resultFactory
+     * @param SubjectReader $subjectReader
+     * @param Config $config
+     */
+    public function __construct(
+        ResultInterfaceFactory $resultFactory,
+        SubjectReader $subjectReader,
+        Config $config
+    ) {
+        parent::__construct($resultFactory);
+
+        $this->resultFactory = $resultFactory;
+        $this->subjectReader = $subjectReader;
+        $this->config = $config;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function validate(array $validationSubject): ResultInterface
+    {
+        if ($this->config->isActive() === false) {
+            return $this->createResult(true);
+        }
+
+        $response = $this->subjectReader->readResponse($validationSubject);
+        $transactionResponse = $response['transactionResponse'];
+
+        $cavvResultCode = $transactionResponse['cavvResultCode'] ?? '';
+        $isValid = $cavvResultCode === self::RESULT_CODE_SUCCESS;
+        $errorCodes = [];
+        $errorMessages = [];
+
+        if (!$isValid) {
+            $errorCodes[] = $transactionResponse['cavvResultCode'];
+            $errorMessages[] = 'CAVV failed validation';
+        }
+
+        return $this->createResult($isValid, $errorMessages, $errorCodes);
+    }
+}
diff --git a/app/code/Magento/AuthorizenetCardinal/etc/di.xml b/app/code/Magento/AuthorizenetCardinal/etc/di.xml
@@ -13,4 +13,20 @@
             </argument>
         </arguments>
     </virtualType>
+    <virtualType name="Magento\AuthorizenetCardinal\Gateway\Validator\VirtualTransactionValidator" type="Magento\Payment\Gateway\Validator\ValidatorComposite">
+        <arguments>
+            <argument name="chainBreakingValidators" xsi:type="array">
+                <item name="general" xsi:type="boolean">true</item>
+            </argument>
+            <argument name="validators" xsi:type="array">
+                <item name="general" xsi:type="string">AuthorizenetAcceptjsTransactionValidator</item>
+                <item name="cavv_response" xsi:type="string">Magento\AuthorizenetCardinal\Gateway\Validator\CavvResponseValidator</item>
+            </argument>
+        </arguments>
+    </virtualType>
+    <virtualType name="AuthorizenetAcceptjsAuthorizeCommand">
+        <arguments>
+            <argument name="validator" xsi:type="object">Magento\AuthorizenetCardinal\Gateway\Validator\VirtualTransactionValidator</argument>
+        </arguments>
+    </virtualType>
 </config>
diff --git a/app/code/Magento/AuthorizenetCardinal/view/frontend/web/js/authorizenet-accept-mixin.js b/app/code/Magento/AuthorizenetCardinal/view/frontend/web/js/authorizenet-accept-mixin.js
@@ -56,6 +56,8 @@ define([
             },
 
             /**
+             * Adds cardinal response JWT to payment additional data.
+             *
              * @returns {Object}
              */
             getData: function () {

diff --git a/app/code/Magento/AuthorizenetGraphQl/etc/schema.graphqls b/app/code/Magento/AuthorizenetGraphQl/etc/schema.graphqls
@@ -1,7 +1,7 @@
 # Copyright © Magento, Inc. All rights reserved.
 # See COPYING.txt for license details.
 
-input PaymentMethodAdditionalDataInput {
+input PaymentMethodInput {
     authorizenet_acceptjs: AuthorizenetInput @doc(description: "Defines the required attributes for Authorize.Net payments")
 }
 

diff --git a/app/code/Magento/Backend/Block/Context.php b/app/code/Magento/Backend/Block/Context.php
@@ -5,6 +5,8 @@
  */
 namespace Magento\Backend\Block;
 
+use Magento\Framework\Cache\LockGuardedCacheLoader;
+
 /**
  * Constructor modification point for Magento\Backend\Block\AbstractBlock.
  *
@@ -17,7 +19,7 @@
  * the classes they were introduced for.
  *
  * @api
- * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
+ * @SuppressWarnings(PHPMD)
  * @since 100.0.2
  */
 class Context extends \Magento\Framework\View\Element\Context
@@ -44,8 +46,9 @@ class Context extends \Magento\Framework\View\Element\Context
      * @param \Magento\Framework\Escaper $escaper
      * @param \Magento\Framework\Filter\FilterManager $filterManager
      * @param \Magento\Framework\Stdlib\DateTime\TimezoneInterface $localeDate
-     * @param \Magento\Framework\AuthorizationInterface $authorization
      * @param \Magento\Framework\Translate\Inline\StateInterface $inlineTranslation
+     * @param \Magento\Framework\AuthorizationInterface $authorization
+     * @param LockGuardedCacheLoader|null $lockQuery
      *
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
@@ -67,7 +70,8 @@ public function __construct(
         \Magento\Framework\Filter\FilterManager $filterManager,
         \Magento\Framework\Stdlib\DateTime\TimezoneInterface $localeDate,
         \Magento\Framework\Translate\Inline\StateInterface $inlineTranslation,
-        \Magento\Framework\AuthorizationInterface $authorization
+        \Magento\Framework\AuthorizationInterface $authorization,
+        LockGuardedCacheLoader $lockQuery = null
     ) {
         $this->_authorization = $authorization;
         parent::__construct(
@@ -87,7 +91,8 @@ public function __construct(
             $escaper,
             $filterManager,
             $localeDate,
-            $inlineTranslation
+            $inlineTranslation,
+            $lockQuery
         );
     }
-Original file line number
+Diff line change
@@ Expand Up / @@ -56,6 +56,8 @@ define([ @@
                 },
                 /**
+                 * Adds cardinal response JWT to payment additional data.
+                 *
                  * @returns {Object}
                  */
                 getData: function () {
@@ Expand Down @@