Merge branch '2.4-develop' into cache-clean-remove

Author: engcom-Hotel

app/code/Magento/AdminAnalytics/Test/Mftf/Test/AdminCheckAnalyticsTrackingTest.xml

@@ -31,5 +31,46 @@
 
         <waitForPageLoad stepKey="waitForPageReloaded"/>
         <seeInPageSource html="var adminAnalyticsMetadata =" stepKey="seeInPageSource"/>
+        <grabPageSource stepKey="pageSource"/>
+        <assertRegExp message="adminAnalyticsMetadata object is invalid" stepKey="validateadminAnalyticsMetadata">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?("[\w_]+":\s+"[^"]*?"\s+)};#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect user ID" stepKey="validateUserId">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"user":\s+"[\w\d]{64}"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect secure base URL" stepKey="validateSecureBaseURL">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"secure_base_url":\s+"http(s)?\\\\u003A\\\\u002F\\\\u002F.+?\\\\u002F"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect product version" stepKey="validateProductVersion">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"version":\s+"[^\s]+"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect product edition" stepKey="validateProductEdition">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"product_edition":\s+"(Community|Enterprise|B2B)"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect application mode" stepKey="validateApplicationMode">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"mode":\s+"default|developer|production"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect store name" stepKey="validateStoreName">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"store_name_default":\s+".*?"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect admin user created date" stepKey="validateAdminUserCreatedDate">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"admin_user_created":\s+".+?"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect admin user log date" stepKey="validateAdminUserLogDate">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"admin_user_logdate":\s+".+?"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
+        <assertRegExp message="adminAnalyticsMetadata object contains incorrect admin user role name" stepKey="validateAdminUserRoleName">
+            <expectedResult type="string">#var\s+adminAnalyticsMetadata\s+=\s+{\s+("[\w_]+":\s+"[^"]*?",\s+)*?"admin_user_role_name":\s+".+?"#s</expectedResult>
+            <actualResult type="variable">$pageSource</actualResult>
+        </assertRegExp>
     </test>
 </tests>

app/code/Magento/AdminAnalytics/ViewModel/Metadata.php

@@ -3,12 +3,18 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
+declare(strict_types=1);
+
 namespace Magento\AdminAnalytics\ViewModel;
 
+use Magento\Config\Model\Config\Backend\Admin\Custom;
+use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\Framework\App\ProductMetadataInterface;
 use Magento\Backend\Model\Auth\Session;
 use Magento\Framework\App\State;
 use Magento\Framework\View\Element\Block\ArgumentInterface;
+use Magento\Store\Model\Information;
 
 /**
  * Gets user version and mode
@@ -30,19 +36,27 @@ class Metadata implements ArgumentInterface
      */
     private $productMetadata;
 
+    /**
+     * @var ScopeConfigInterface
+     */
+    private $config;
+
     /**
      * @param ProductMetadataInterface $productMetadata
      * @param Session $authSession
      * @param State $appState
+     * @param ScopeConfigInterface $config
      */
     public function __construct(
         ProductMetadataInterface $productMetadata,
         Session $authSession,
-        State $appState
+        State $appState,
+        ScopeConfigInterface $config
     ) {
         $this->productMetadata = $productMetadata;
         $this->authSession = $authSession;
         $this->appState = $appState;
+        $this->config = $config;
     }
 
     /**
@@ -55,15 +69,26 @@ public function getMagentoVersion() :string
         return $this->productMetadata->getVersion();
     }
 
+    /**
+     * Get product edition
+     *
+     * @return string
+     */
+    public function getProductEdition(): string
+    {
+        return $this->productMetadata->getEdition();
+    }
+
     /**
      * Get current user id (hash generated from email)
      *
      * @return string
      */
     public function getCurrentUser() :string
     {
-        return hash('sha512', 'ADMIN_USER' . $this->authSession->getUser()->getEmail());
+        return hash('sha256', 'ADMIN_USER' . $this->authSession->getUser()->getEmail());
     }
+
     /**
      * Get Magento mode that the user is using
      *
@@ -73,4 +98,62 @@ public function getMode() :string
     {
         return $this->appState->getMode();
     }
+
+    /**
+     * Get created date for current user
+     *
+     * @return string
+     */
+    public function getCurrentUserCreatedDate(): string
+    {
+        return $this->authSession->getUser()->getCreated();
+    }
+
+    /**
+     * Get log date for current user
+     *
+     * @return string|null
+     */
+    public function getCurrentUserLogDate(): ?string
+    {
+        return $this->authSession->getUser()->getLogdate();
+    }
+
+    /**
+     * Get secure base URL
+     *
+     * @param string $scope
+     * @param string|null $scopeCode
+     * @return string|null
+     */
+    public function getSecureBaseUrlForScope(
+        string $scope = ScopeConfigInterface::SCOPE_TYPE_DEFAULT,
+        ?string $scopeCode = null
+    ): ?string {
+        return $this->config->getValue(Custom::XML_PATH_SECURE_BASE_URL, $scope, $scopeCode);
+    }
+
+    /**
+     * Get store name
+     *
+     * @param string $scope
+     * @param string|null $scopeCode
+     * @return string|null
+     */
+    public function getStoreNameForScope(
+        string $scope = ScopeConfigInterface::SCOPE_TYPE_DEFAULT,
+        ?string $scopeCode = null
+    ): ?string {
+        return $this->config->getValue(Information::XML_PATH_STORE_INFO_NAME, $scope, $scopeCode);
+    }
+
+    /**
+     * Get current user role name
+     *
+     * @return string
+     */
+    public function getCurrentUserRoleName(): string
+    {
+        return $this->authSession->getUser()->getRole()->getRoleName();
+    }
 }

app/code/Magento/AdminAnalytics/composer.json

@@ -9,6 +9,7 @@
         "magento/framework": "*",
         "magento/module-backend": "*",
         "magento/module-config": "*",
+        "magento/module-store": "*",
         "magento/module-ui": "*",
         "magento/module-release-notification": "*"
     },

app/code/Magento/AdminAnalytics/etc/adminhtml/csp_whitelist.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+-->
+<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp:etc/csp_whitelist.xsd">
+        <policies>
+            <policy id="script-src">
+                <values>
+                    <value id="aptrinsic" type="host">*.aptrinsic.com</value>
+                </values>
+            </policy>
+            <policy id="style-src">
+                <values>
+                    <value id="aptrinsic" type="host">*.aptrinsic.com</value>
+                    <value id="fonts_googleapis" type="host">fonts.googleapis.com</value>
+                </values>
+            </policy>
+            <policy id="img-src">
+                <values>
+                    <value id="aptrinsic" type="host">*.aptrinsic.com</value>
+                    <value id="storage_googleapis" type="host">storage.googleapis.com</value>
+                </values>
+            </policy>
+            <policy id="connect-src">
+                <values>
+                    <value id="aptrinsic" type="host">*.aptrinsic.com</value>
+                </values>
+            </policy>
+            <policy id="font-src">
+                <values>
+                    <value id="fonts_gstatic" type="host">fonts.gstatic.com</value>
+                </values>
+            </policy>
+        </policies>
+</csp_whitelist>

app/code/Magento/AdminAnalytics/view/adminhtml/layout/default.xml

@@ -10,7 +10,7 @@
         <referenceContainer name="header">
             <block name="tracking" as="tracking" template="Magento_AdminAnalytics::tracking.phtml" ifconfig="admin/usage/enabled">
                 <arguments>
-                    <argument name="tracking_url" xsi:type="string">//assets.adobedtm.com/launch-EN30eb7ffa064444f1b8b0368ef38fd3a9.min.js</argument>
+                    <argument name="tracking_url" xsi:type="string">//assets.adobedtm.com/a7d65461e54e/37baabec1b6e/launch-177bc126c8e6.min.js</argument>
                     <argument name="metadata" xsi:type="object">Magento\AdminAnalytics\ViewModel\Metadata</argument>
                 </arguments>
             </block>

app/code/Magento/AdminAnalytics/view/adminhtml/templates/tracking.phtml

@@ -19,11 +19,20 @@
     false
 ) ?>
 
-<?php $scriptString = '
+<?php
+/** @var \Magento\AdminAnalytics\ViewModel\Metadata $metadata */
+$metadata = $block->getMetadata();
+$scriptString = '
     var adminAnalyticsMetadata = {
-        "version": "' . $block->escapeJs($block->getMetadata()->getMagentoVersion()) . '",
-        "user": "' . $block->escapeJs($block->getMetadata()->getCurrentUser()) . '",
-        "mode": "' . $block->escapeJs($block->getMetadata()->getMode()) . '"
+        "secure_base_url": "' . $block->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
+        "version": "' . $block->escapeJs($metadata->getMagentoVersion()) . '",
+        "product_edition": "' . $block->escapeJs($metadata->getProductEdition()) . '",
+        "user": "' . $block->escapeJs($metadata->getCurrentUser()) . '",
+        "mode": "' . $block->escapeJs($metadata->getMode()) . '",
+        "store_name_default": "' . $block->escapeJs($metadata->getStoreNameForScope()) . '",
+        "admin_user_created": "' . $block->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
+        "admin_user_logdate": "' . $block->escapeJs($metadata->getCurrentUserLogDate()) . '",
+        "admin_user_role_name": "' . $block->escapeJs($metadata->getCurrentUserRoleName()) . '"
     };
 ';
 ?>

app/code/Magento/Csp/Model/Collector/CspWhitelistXml/Converter.php

@@ -36,13 +36,12 @@ public function convert($source)
             /** @var \DOMElement $value */
             foreach ($policy->getElementsByTagName('value') as $value) {
                 if ($value->attributes->getNamedItem('type')->nodeValue === 'host') {
-                    $policyConfig[$id]['hosts'][] = $value->nodeValue;
+                    $policyConfig[$id]['hosts'][$value->attributes->getNamedItem('id')->nodeValue] = $value->nodeValue;
                 } else {
                     $policyConfig[$id]['hashes'][$value->nodeValue]
                         = $value->attributes->getNamedItem('algorithm')->nodeValue;
                 }
             }
-            $policyConfig[$id]['hosts'] = array_unique($policyConfig[$id]['hosts']);
         }
 
         return $policyConfig;

app/code/Magento/Csp/Model/Collector/FetchPolicyMerger.php

@@ -25,12 +25,12 @@ public function merge(PolicyInterface $policy1, PolicyInterface $policy2): Polic
         return new FetchPolicy(
             $policy1->getId(),
             $policy1->isNoneAllowed() || $policy2->isNoneAllowed(),
-            array_unique(array_merge($policy1->getHostSources(), $policy2->getHostSources())),
-            array_unique(array_merge($policy1->getSchemeSources(), $policy2->getSchemeSources())),
+            array_merge($policy1->getHostSources(), $policy2->getHostSources()),
+            array_merge($policy1->getSchemeSources(), $policy2->getSchemeSources()),
             $policy1->isSelfAllowed() || $policy2->isSelfAllowed(),
             $policy1->isInlineAllowed() || $policy2->isInlineAllowed(),
             $policy1->isEvalAllowed() || $policy2->isEvalAllowed(),
-            array_unique(array_merge($policy1->getNonceValues(), $policy2->getNonceValues())),
+            array_merge($policy1->getNonceValues(), $policy2->getNonceValues()),
             array_merge($policy1->getHashes(), $policy2->getHashes()),
             $policy1->isDynamicAllowed() || $policy2->isDynamicAllowed(),
             $policy1->areEventHandlersAllowed() || $policy2->areEventHandlersAllowed()

app/code/Magento/Csp/Model/Collector/PluginTypesPolicyMerger.php

@@ -22,7 +22,7 @@ public function merge(PolicyInterface $policy1, PolicyInterface $policy2): Polic
     {
         /** @var PluginTypesPolicy $policy1 */
         /** @var PluginTypesPolicy $policy2 */
-        return new PluginTypesPolicy(array_unique(array_merge($policy1->getTypes(), $policy2->getTypes())));
+        return new PluginTypesPolicy(array_merge($policy1->getTypes(), $policy2->getTypes()));
     }
 
     /**

app/code/Magento/Csp/Model/Policy/FetchPolicy.php

@@ -116,12 +116,12 @@ public function __construct(
     ) {
         $this->id = $id;
         $this->noneAllowed = $noneAllowed;
-        $this->hostSources = array_unique($hostSources);
-        $this->schemeSources = array_unique($schemeSources);
+        $this->hostSources = array_values(array_unique($hostSources));
+        $this->schemeSources = array_values(array_unique($schemeSources));
         $this->selfAllowed = $selfAllowed;
         $this->inlineAllowed = $inlineAllowed;
         $this->evalAllowed = $evalAllowed;
-        $this->nonceValues = array_unique($nonceValues);
+        $this->nonceValues = array_values(array_unique($nonceValues));
         $this->hashes = $hashValues;
         $this->dynamicAllowed = $dynamicAllowed;
         $this->eventHandlersAllowed = $eventHandlersAllowed;

app/code/Magento/Csp/Model/Policy/PluginTypesPolicy.php

@@ -25,7 +25,7 @@ public function __construct(array $types)
         if (!$types) {
             throw new \RuntimeException('PluginTypePolicy must be given at least 1 type.');
         }
-        $this->types = array_unique($types);
+        $this->types = array_values(array_unique($types));
     }
 
     /**

dev/tests/integration/_files/Magento/TestModuleCspConfig/etc/adminhtml/csp_whitelist.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+-->
+<csp_whitelist xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Csp/etc/csp_whitelist.xsd">
+    <policies>
+        <policy id="object-src">
+            <values>
+                <value id="example-base" type="host">example.magento.com</value>
+                <value id="mage-base" type="host">https://admin.magento.com</value>
+            </values>
+        </policy>
+        <policy id="media-src">
+            <values>
+                <value id="example-base" type="host">example.magento.com</value>
+                <value id="mage-base" type="host">https://admin.magento.com</value>
+            </values>
+        </policy>
+    </policies>
+</csp_whitelist>