Skip to content

Commit 20025b6

Browse files
committed
Merge branch '2.4-develop' into bugfix/36947_orders_graphql_date_timezone
# Conflicts: # app/code/Magento/SalesGraphQl/Model/Formatter/Order.php
2 parents 0b9fbb7 + 5d745d7 commit 20025b6

File tree

7,525 files changed

+146953
-84777
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

7,525 files changed

+146953
-84777
lines changed

.editorconfig

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ trim_trailing_whitespace = false
1414
[*.{yml,yaml,json}]
1515
indent_size = 2
1616

17-
[{composer, auth}.json]
17+
[{composer,auth}.json]
1818
indent_size = 4
1919

2020
[db_schema_whitelist.json]

app/code/Magento/AdminAnalytics/Controller/Adminhtml/Config/EnableAdminUsage.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ private function markUserNotified(): ResultInterface
8989
public function execute()
9090
{
9191
$this->enableAdminUsage();
92-
$this->markUserNotified();
92+
return $this->markUserNotified();
9393
}
9494

9595
/**
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
CloseAllDialogBoxes
2+
SelectAdminUsageSetting

app/code/Magento/AdminAnalytics/Test/Unit/Condition/CanViewNotificationTest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ public function testIsVisibleLoadDataFromLog($expected, $cacheResponse, $logExis
7575
/**
7676
* @return array
7777
*/
78-
public function isVisibleProvider()
78+
public static function isVisibleProvider()
7979
{
8080
return [
8181
[true, false, false],
Lines changed: 128 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,128 @@
1+
<?php
2+
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
declare(strict_types=1);
8+
9+
namespace Magento\AdminAnalytics\Test\Unit\Controller\Adminhtml\Config;
10+
11+
use Magento\AdminAnalytics\Controller\Adminhtml\Config\EnableAdminUsage;
12+
use Magento\AdminAnalytics\Model\ResourceModel\Viewer\Logger as NotificationLogger;
13+
use Magento\Config\Model\Config;
14+
use Magento\Config\Model\Config\Factory as ConfigFactory;
15+
use Magento\Framework\App\ProductMetadataInterface;
16+
use Magento\Framework\Controller\Result\Json as JsonResult;
17+
use Magento\Framework\Controller\ResultFactory;
18+
use Magento\Framework\Controller\ResultInterface;
19+
use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
20+
use PHPUnit\Framework\MockObject\MockObject;
21+
22+
/**
23+
* @covers \Magento\AdminAnalytics\Controller\Adminhtml\Config\EnableAdminUsage
24+
*/
25+
class EnableAdminUsageTest extends \PHPUnit\Framework\TestCase
26+
{
27+
private const STUB_PRODUCT_VERSION = 'Product Version';
28+
29+
/** @var EnableAdminUsage */
30+
private $controller;
31+
32+
/** @var MockObject|Config */
33+
private $configMock;
34+
35+
/** @var MockObject|ProductMetadataInterface */
36+
private $productMetadataMock;
37+
38+
/** @var MockObject|NotificationLogger */
39+
private $notificationLoggerMock;
40+
41+
/** @var MockObject|ResultFactory */
42+
private $resultFactoryMock;
43+
44+
/** @var JsonResult|MockObject */
45+
private $resultMock;
46+
47+
protected function setUp(): void
48+
{
49+
$objectManager = new ObjectManager($this);
50+
51+
$this->configMock = $this->getMockBuilder(Config::class)
52+
->disableOriginalConstructor()
53+
->onlyMethods(['setDataByPath', 'save'])
54+
->getMock();
55+
56+
$configFactory = $this->getMockBuilder(ConfigFactory::class)
57+
->disableOriginalConstructor()
58+
->onlyMethods(['create'])
59+
->getMock();
60+
61+
$configFactory->method('create')
62+
->willReturn($this->configMock);
63+
64+
$this->productMetadataMock = $this->getMockBuilder(ProductMetadataInterface::class)
65+
->onlyMethods(['getVersion'])
66+
->getMockForAbstractClass();
67+
68+
$this->productMetadataMock->method('getVersion')
69+
->willReturn(self::STUB_PRODUCT_VERSION);
70+
71+
$this->notificationLoggerMock = $this->getMockBuilder(NotificationLogger::class)
72+
->disableOriginalConstructor()
73+
->onlyMethods(['log'])
74+
->getMock();
75+
76+
$this->resultFactoryMock = $this->getMockBuilder(ResultFactory::class)
77+
->disableOriginalConstructor()
78+
->onlyMethods(['create'])
79+
->getMock();
80+
81+
$this->resultMock = $this->getMockBuilder(JsonResult::class)
82+
->disableOriginalConstructor()
83+
->onlyMethods(['setData'])
84+
->getMock();
85+
86+
$this->resultFactoryMock->method('create')
87+
->with(ResultFactory::TYPE_JSON)
88+
->willReturn($this->resultMock);
89+
90+
$this->controller = $objectManager->getObject(EnableAdminUsage::class, [
91+
'configFactory' => $configFactory,
92+
'productMetadata' => $this->productMetadataMock,
93+
'notificationLogger' => $this->notificationLoggerMock,
94+
'resultFactory' => $this->resultFactoryMock
95+
]);
96+
}
97+
98+
/**
99+
* If Controller returns `null`, no data is passed to the browser
100+
*/
101+
public function testResponseAfterAdminUsageChange()
102+
{
103+
// Given
104+
$this->resultMock->method('setData')->willReturnSelf();
105+
106+
// When
107+
$response = $this->controller->execute();
108+
109+
// Then
110+
$this->assertInstanceOf(ResultInterface::class, $response);
111+
}
112+
113+
public function testResponseWhenExceptionThrown()
114+
{
115+
$this->markTestSkipped('magento/magento2#31393 Lack of exception handling');
116+
117+
$this->configMock->method('setDataByPath')
118+
->willThrowException(
119+
new \Exception('System Exception')
120+
);
121+
122+
// When
123+
$response = $this->controller->execute();
124+
125+
// Then
126+
$this->assertInstanceOf(ResultInterface::class, $response);
127+
}
128+
}

app/code/Magento/AdminAnalytics/ViewModel/Metadata.php

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,9 @@
99
namespace Magento\AdminAnalytics\ViewModel;
1010

1111
use Magento\Config\Model\Config\Backend\Admin\Custom;
12+
use Magento\Csp\Helper\CspNonceProvider;
1213
use Magento\Framework\App\Config\ScopeConfigInterface;
14+
use Magento\Framework\App\ObjectManager;
1315
use Magento\Framework\App\ProductMetadataInterface;
1416
use Magento\Backend\Model\Auth\Session;
1517
use Magento\Framework\App\State;
@@ -21,6 +23,11 @@
2123
*/
2224
class Metadata implements ArgumentInterface
2325
{
26+
/**
27+
* @var string
28+
*/
29+
private $nonce;
30+
2431
/**
2532
* @var State
2633
*/
@@ -41,22 +48,33 @@ class Metadata implements ArgumentInterface
4148
*/
4249
private $config;
4350

51+
/**
52+
* @var CspNonceProvider
53+
*/
54+
private $nonceProvider;
55+
4456
/**
4557
* @param ProductMetadataInterface $productMetadata
4658
* @param Session $authSession
4759
* @param State $appState
4860
* @param ScopeConfigInterface $config
61+
* @param CspNonceProvider|null $nonceProvider
4962
*/
5063
public function __construct(
5164
ProductMetadataInterface $productMetadata,
5265
Session $authSession,
5366
State $appState,
54-
ScopeConfigInterface $config
67+
ScopeConfigInterface $config,
68+
CspNonceProvider $nonceProvider = null
5569
) {
5670
$this->productMetadata = $productMetadata;
5771
$this->authSession = $authSession;
5872
$this->appState = $appState;
5973
$this->config = $config;
74+
75+
$this->nonceProvider = $nonceProvider ?: ObjectManager::getInstance()->get(CspNonceProvider::class);
76+
77+
$this->nonce = $this->nonceProvider->generateNonce();
6078
}
6179

6280
/**
@@ -156,4 +174,14 @@ public function getCurrentUserRoleName(): string
156174
{
157175
return $this->authSession->getUser()->getRole()->getRoleName();
158176
}
177+
178+
/**
179+
* Get a random nonce for each request.
180+
*
181+
* @return string
182+
*/
183+
public function getNonce(): string
184+
{
185+
return $this->nonce;
186+
}
159187
}

app/code/Magento/AdminAnalytics/composer.json

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,14 @@
55
"sort-packages": true
66
},
77
"require": {
8-
"php": "~8.1.0||~8.2.0",
8+
"php": "~8.2.0||~8.3.0",
99
"magento/framework": "*",
1010
"magento/module-backend": "*",
1111
"magento/module-config": "*",
1212
"magento/module-store": "*",
1313
"magento/module-ui": "*",
14-
"magento/module-release-notification": "*"
14+
"magento/module-release-notification": "*",
15+
"magento/module-csp": "*"
1516
},
1617
"type": "magento2-module",
1718
"license": [

app/code/Magento/AdminAnalytics/view/adminhtml/templates/tracking.phtml

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66

77
/**
88
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
9+
* @var \Magento\Framework\Escaper $escaper
910
*/
1011
?>
1112

@@ -22,18 +23,25 @@
2223
<?php
2324
/** @var \Magento\AdminAnalytics\ViewModel\Metadata $metadata */
2425
$metadata = $block->getMetadata();
26+
$nonce = $escaper->escapeJs($metadata->getNonce());
2527
$scriptString = '
2628
var adminAnalyticsMetadata = {
27-
"secure_base_url": "' . $block->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
28-
"version": "' . $block->escapeJs($metadata->getMagentoVersion()) . '",
29-
"product_edition": "' . $block->escapeJs($metadata->getProductEdition()) . '",
30-
"user": "' . $block->escapeJs($metadata->getCurrentUser()) . '",
31-
"mode": "' . $block->escapeJs($metadata->getMode()) . '",
32-
"store_name_default": "' . $block->escapeJs($metadata->getStoreNameForScope()) . '",
33-
"admin_user_created": "' . $block->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
34-
"admin_user_logdate": "' . $block->escapeJs($metadata->getCurrentUserLogDate()) . '",
35-
"admin_user_role_name": "' . $block->escapeJs($metadata->getCurrentUserRoleName()) . '"
29+
"secure_base_url": "' . $escaper->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
30+
"version": "' . $escaper->escapeJs($metadata->getMagentoVersion()) . '",
31+
"product_edition": "' . $escaper->escapeJs($metadata->getProductEdition()) . '",
32+
"user": "' . $escaper->escapeJs($metadata->getCurrentUser()) . '",
33+
"mode": "' . $escaper->escapeJs($metadata->getMode()) . '",
34+
"store_name_default": "' . $escaper->escapeJs($metadata->getStoreNameForScope()) . '",
35+
"admin_user_created": "' . $escaper->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
36+
"admin_user_logdate": "' . $escaper->escapeJs($metadata->getCurrentUserLogDate()) . '",
37+
"admin_user_role_name": "' . $escaper->escapeJs($metadata->getCurrentUserRoleName()) . '"
3638
};
39+
40+
var digitalData = {
41+
"nonce": "' . $nonce . '"
42+
};
43+
44+
var cspNonce = "' . $nonce . '";
3745
';
3846
?>
3947
<?= /* @noEscape */ $secureRenderer->renderTag('script', [], $scriptString, false); ?>
Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<?php
2+
/**
3+
* Copyright © Magento, Inc. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
declare(strict_types=1);
7+
8+
namespace Magento\AdminNotification\Block\Grid\MassAction;
9+
10+
use Magento\AdminNotification\Controller\Adminhtml\Notification\MarkAsRead;
11+
use Magento\Backend\Block\Widget\Grid\Massaction\VisibilityCheckerInterface;
12+
use Magento\Framework\AuthorizationInterface;
13+
14+
/**
15+
* Class checks if mark as read action can be displayed on massaction list
16+
*/
17+
class MarkAsReadVisibility implements VisibilityCheckerInterface
18+
{
19+
/**
20+
* @var AuthorizationInterface
21+
*/
22+
private $authorization;
23+
24+
/**
25+
* @param AuthorizationInterface $authorizationInterface
26+
*/
27+
public function __construct(AuthorizationInterface $authorizationInterface)
28+
{
29+
$this->authorization = $authorizationInterface;
30+
}
31+
32+
/**
33+
* @inheritdoc
34+
*/
35+
public function isVisible()
36+
{
37+
return $this->authorization->isAllowed(MarkAsRead::ADMIN_RESOURCE);
38+
}
39+
}
Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<?php
2+
/**
3+
* Copyright © Magento, Inc. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
declare(strict_types=1);
7+
8+
namespace Magento\AdminNotification\Block\Grid\MassAction;
9+
10+
use Magento\AdminNotification\Controller\Adminhtml\Notification\Remove;
11+
use Magento\Backend\Block\Widget\Grid\Massaction\VisibilityCheckerInterface;
12+
use Magento\Framework\AuthorizationInterface;
13+
14+
/**
15+
* Class checks if remove action can be displayed on massaction list
16+
*/
17+
class RemoveVisibility implements VisibilityCheckerInterface
18+
{
19+
/**
20+
* @var AuthorizationInterface
21+
*/
22+
private $authorization;
23+
24+
/**
25+
* @param AuthorizationInterface $authorizationInterface
26+
*/
27+
public function __construct(AuthorizationInterface $authorizationInterface)
28+
{
29+
$this->authorization = $authorizationInterface;
30+
}
31+
32+
/**
33+
* @inheritdoc
34+
*/
35+
public function isVisible()
36+
{
37+
return $this->authorization->isAllowed(Remove::ADMIN_RESOURCE);
38+
}
39+
}

0 commit comments

Comments
 (0)