Merge branch '2.4-develop' into bugfix/36947_orders_graphql_date_timezone

# Conflicts:
#	app/code/Magento/SalesGraphQl/Model/Formatter/Order.php

Author: Bartlomiejsz

.editorconfig

@@ -14,7 +14,7 @@ trim_trailing_whitespace = false
 [*.{yml,yaml,json}]
 indent_size = 2
 
-[{composer, auth}.json]
+[{composer,auth}.json]
 indent_size = 4
 
 [db_schema_whitelist.json]

app/code/Magento/AdminAnalytics/Controller/Adminhtml/Config/EnableAdminUsage.php

@@ -89,7 +89,7 @@ private function markUserNotified(): ResultInterface
     public function execute()
     {
         $this->enableAdminUsage();
-        $this->markUserNotified();
+        return $this->markUserNotified();
     }
 
     /**

app/code/Magento/AdminAnalytics/Test/Mftf/class-file-naming-allowlist

@@ -0,0 +1,2 @@
+CloseAllDialogBoxes
+SelectAdminUsageSetting

app/code/Magento/AdminAnalytics/Test/Unit/Condition/CanViewNotificationTest.php

@@ -75,7 +75,7 @@ public function testIsVisibleLoadDataFromLog($expected, $cacheResponse, $logExis
     /**
      * @return array
      */
-    public function isVisibleProvider()
+    public static function isVisibleProvider()
     {
         return [
             [true, false, false],

app/code/Magento/AdminAnalytics/Test/Unit/Controller/Adminhtml/Config/EnableAdminUsageTest.php

@@ -0,0 +1,128 @@
+<?php
+
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminAnalytics\Test\Unit\Controller\Adminhtml\Config;
+
+use Magento\AdminAnalytics\Controller\Adminhtml\Config\EnableAdminUsage;
+use Magento\AdminAnalytics\Model\ResourceModel\Viewer\Logger as NotificationLogger;
+use Magento\Config\Model\Config;
+use Magento\Config\Model\Config\Factory as ConfigFactory;
+use Magento\Framework\App\ProductMetadataInterface;
+use Magento\Framework\Controller\Result\Json as JsonResult;
+use Magento\Framework\Controller\ResultFactory;
+use Magento\Framework\Controller\ResultInterface;
+use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
+use PHPUnit\Framework\MockObject\MockObject;
+
+/**
+ * @covers \Magento\AdminAnalytics\Controller\Adminhtml\Config\EnableAdminUsage
+ */
+class EnableAdminUsageTest extends \PHPUnit\Framework\TestCase
+{
+    private const STUB_PRODUCT_VERSION = 'Product Version';
+
+    /** @var EnableAdminUsage */
+    private $controller;
+
+    /** @var MockObject|Config */
+    private $configMock;
+
+    /** @var MockObject|ProductMetadataInterface */
+    private $productMetadataMock;
+
+    /** @var MockObject|NotificationLogger */
+    private $notificationLoggerMock;
+
+    /** @var MockObject|ResultFactory */
+    private $resultFactoryMock;
+
+    /** @var JsonResult|MockObject */
+    private $resultMock;
+
+    protected function setUp(): void
+    {
+        $objectManager = new ObjectManager($this);
+
+        $this->configMock = $this->getMockBuilder(Config::class)
+            ->disableOriginalConstructor()
+            ->onlyMethods(['setDataByPath', 'save'])
+            ->getMock();
+
+        $configFactory = $this->getMockBuilder(ConfigFactory::class)
+            ->disableOriginalConstructor()
+            ->onlyMethods(['create'])
+            ->getMock();
+
+        $configFactory->method('create')
+            ->willReturn($this->configMock);
+
+        $this->productMetadataMock = $this->getMockBuilder(ProductMetadataInterface::class)
+            ->onlyMethods(['getVersion'])
+            ->getMockForAbstractClass();
+
+        $this->productMetadataMock->method('getVersion')
+            ->willReturn(self::STUB_PRODUCT_VERSION);
+
+        $this->notificationLoggerMock = $this->getMockBuilder(NotificationLogger::class)
+            ->disableOriginalConstructor()
+            ->onlyMethods(['log'])
+            ->getMock();
+
+        $this->resultFactoryMock = $this->getMockBuilder(ResultFactory::class)
+            ->disableOriginalConstructor()
+            ->onlyMethods(['create'])
+            ->getMock();
+
+        $this->resultMock = $this->getMockBuilder(JsonResult::class)
+            ->disableOriginalConstructor()
+            ->onlyMethods(['setData'])
+            ->getMock();
+
+        $this->resultFactoryMock->method('create')
+            ->with(ResultFactory::TYPE_JSON)
+            ->willReturn($this->resultMock);
+
+        $this->controller = $objectManager->getObject(EnableAdminUsage::class, [
+            'configFactory' => $configFactory,
+            'productMetadata' => $this->productMetadataMock,
+            'notificationLogger' => $this->notificationLoggerMock,
+            'resultFactory' => $this->resultFactoryMock
+        ]);
+    }
+
+    /**
+     * If Controller returns `null`, no data is passed to the browser
+     */
+    public function testResponseAfterAdminUsageChange()
+    {
+        // Given
+        $this->resultMock->method('setData')->willReturnSelf();
+
+        // When
+        $response = $this->controller->execute();
+
+        // Then
+        $this->assertInstanceOf(ResultInterface::class, $response);
+    }
+
+    public function testResponseWhenExceptionThrown()
+    {
+        $this->markTestSkipped('magento/magento2#31393 Lack of exception handling');
+
+        $this->configMock->method('setDataByPath')
+            ->willThrowException(
+                new \Exception('System Exception')
+            );
+
+        // When
+        $response = $this->controller->execute();
+
+        // Then
+        $this->assertInstanceOf(ResultInterface::class, $response);
+    }
+}

app/code/Magento/AdminAnalytics/ViewModel/Metadata.php

@@ -9,7 +9,9 @@
 namespace Magento\AdminAnalytics\ViewModel;
 
 use Magento\Config\Model\Config\Backend\Admin\Custom;
+use Magento\Csp\Helper\CspNonceProvider;
 use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\App\ObjectManager;
 use Magento\Framework\App\ProductMetadataInterface;
 use Magento\Backend\Model\Auth\Session;
 use Magento\Framework\App\State;
@@ -21,6 +23,11 @@
  */
 class Metadata implements ArgumentInterface
 {
+    /**
+     * @var string
+     */
+    private $nonce;
+
     /**
      * @var State
      */
@@ -41,22 +48,33 @@ class Metadata implements ArgumentInterface
      */
     private $config;
 
+    /**
+     * @var CspNonceProvider
+     */
+    private $nonceProvider;
+
     /**
      * @param ProductMetadataInterface $productMetadata
      * @param Session $authSession
      * @param State $appState
      * @param ScopeConfigInterface $config
+     * @param CspNonceProvider|null $nonceProvider
      */
     public function __construct(
         ProductMetadataInterface $productMetadata,
         Session $authSession,
         State $appState,
-        ScopeConfigInterface $config
+        ScopeConfigInterface $config,
+        CspNonceProvider $nonceProvider = null
     ) {
         $this->productMetadata = $productMetadata;
         $this->authSession = $authSession;
         $this->appState = $appState;
         $this->config = $config;
+
+        $this->nonceProvider = $nonceProvider ?: ObjectManager::getInstance()->get(CspNonceProvider::class);
+
+        $this->nonce = $this->nonceProvider->generateNonce();
     }
 
     /**
@@ -156,4 +174,14 @@ public function getCurrentUserRoleName(): string
     {
         return $this->authSession->getUser()->getRole()->getRoleName();
     }
+
+    /**
+     * Get a random nonce for each request.
+     *
+     * @return string
+     */
+    public function getNonce(): string
+    {
+        return $this->nonce;
+    }
 }

app/code/Magento/AdminAnalytics/composer.json

@@ -5,13 +5,14 @@
         "sort-packages": true
     },
     "require": {
-        "php": "~8.1.0||~8.2.0",
+        "php": "~8.2.0||~8.3.0",
         "magento/framework": "*",
         "magento/module-backend": "*",
         "magento/module-config": "*",
         "magento/module-store": "*",
         "magento/module-ui": "*",
-        "magento/module-release-notification": "*"
+        "magento/module-release-notification": "*",
+        "magento/module-csp": "*"
     },
     "type": "magento2-module",
     "license": [

app/code/Magento/AdminAnalytics/view/adminhtml/templates/tracking.phtml

@@ -6,6 +6,7 @@
 
 /**
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 
@@ -22,18 +23,25 @@
 <?php
 /** @var \Magento\AdminAnalytics\ViewModel\Metadata $metadata */
 $metadata = $block->getMetadata();
+$nonce = $escaper->escapeJs($metadata->getNonce());
 $scriptString = '
     var adminAnalyticsMetadata = {
-        "secure_base_url": "' . $block->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
-        "version": "' . $block->escapeJs($metadata->getMagentoVersion()) . '",
-        "product_edition": "' . $block->escapeJs($metadata->getProductEdition()) . '",
-        "user": "' . $block->escapeJs($metadata->getCurrentUser()) . '",
-        "mode": "' . $block->escapeJs($metadata->getMode()) . '",
-        "store_name_default": "' . $block->escapeJs($metadata->getStoreNameForScope()) . '",
-        "admin_user_created": "' . $block->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
-        "admin_user_logdate": "' . $block->escapeJs($metadata->getCurrentUserLogDate()) . '",
-        "admin_user_role_name": "' . $block->escapeJs($metadata->getCurrentUserRoleName()) . '"
+        "secure_base_url": "' . $escaper->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
+        "version": "' . $escaper->escapeJs($metadata->getMagentoVersion()) . '",
+        "product_edition": "' . $escaper->escapeJs($metadata->getProductEdition()) . '",
+        "user": "' . $escaper->escapeJs($metadata->getCurrentUser()) . '",
+        "mode": "' . $escaper->escapeJs($metadata->getMode()) . '",
+        "store_name_default": "' . $escaper->escapeJs($metadata->getStoreNameForScope()) . '",
+        "admin_user_created": "' . $escaper->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
+        "admin_user_logdate": "' . $escaper->escapeJs($metadata->getCurrentUserLogDate()) . '",
+        "admin_user_role_name": "' . $escaper->escapeJs($metadata->getCurrentUserRoleName()) . '"
     };
+
+    var digitalData = {
+        "nonce": "' . $nonce . '"
+    };
+
+    var cspNonce = "' . $nonce . '";
 ';
 ?>
 <?= /* @noEscape */ $secureRenderer->renderTag('script', [], $scriptString, false); ?>

app/code/Magento/AdminNotification/Block/Grid/MassAction/MarkAsReadVisibility.php

@@ -0,0 +1,39 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminNotification\Block\Grid\MassAction;
+
+use Magento\AdminNotification\Controller\Adminhtml\Notification\MarkAsRead;
+use Magento\Backend\Block\Widget\Grid\Massaction\VisibilityCheckerInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Class checks if mark as read action can be displayed on massaction list
+ */
+class MarkAsReadVisibility implements VisibilityCheckerInterface
+{
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * @param AuthorizationInterface $authorizationInterface
+     */
+    public function __construct(AuthorizationInterface $authorizationInterface)
+    {
+        $this->authorization = $authorizationInterface;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function isVisible()
+    {
+        return $this->authorization->isAllowed(MarkAsRead::ADMIN_RESOURCE);
+    }
+}

app/code/Magento/AdminNotification/Block/Grid/MassAction/RemoveVisibility.php

@@ -0,0 +1,39 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminNotification\Block\Grid\MassAction;
+
+use Magento\AdminNotification\Controller\Adminhtml\Notification\Remove;
+use Magento\Backend\Block\Widget\Grid\Massaction\VisibilityCheckerInterface;
+use Magento\Framework\AuthorizationInterface;
+
+/**
+ * Class checks if remove action can be displayed on massaction list
+ */
+class RemoveVisibility implements VisibilityCheckerInterface
+{
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
+    /**
+     * @param AuthorizationInterface $authorizationInterface
+     */
+    public function __construct(AuthorizationInterface $authorizationInterface)
+    {
+        $this->authorization = $authorizationInterface;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function isVisible()
+    {
+        return $this->authorization->isAllowed(Remove::ADMIN_RESOURCE);
+    }
+}