Merge pull request #834 from magento-troll/MAGETWO-62334

MAGETWO-62334: Remove uses of unserialize in \Magento\Swatches\Helper\Data attribute additional_data
MAGETWO-58599: Remove uses of unserialize in Magento_User
MAGETWO-62333: Remove uses of unserialize in \Magento\Sales\Model\Order\Creditmemo\Item attribute tax_ratio
MAGETWO-64587: getRelativePath issue in \Magento\Catalog\Model\View\Asset\Image

Author: rganin

app/bootstrap.php

@@ -58,3 +58,7 @@
 }
 
 date_default_timezone_set('UTC');
+
+/*  Adjustment of precision value for several versions of PHP */
+ini_set('precision', 17);
+ini_set('serialize_precision', 17);

app/code/Magento/Catalog/Model/View/Asset/Image.php

@@ -95,7 +95,7 @@ public function getContentType()
      */
     public function getPath()
     {
-        return $this->getRelativePath($this->context->getPath());
+        return $this->getAbsolutePath($this->context->getPath());
     }
 
     /**
@@ -175,6 +175,21 @@ private function getMiscPath()
         return $this->encryptor->hash(implode('_', $this->miscParams), Encryptor::HASH_VERSION_MD5);
     }
 
+    /**
+     * Generate absolute path
+     *
+     * @param string $result
+     * @return string
+     */
+    private function getAbsolutePath($result)
+    {
+        $prefix = (substr($result, 0, 1) == DIRECTORY_SEPARATOR) ? DIRECTORY_SEPARATOR : '';
+        $result = $this->join($result, $this->getModule());
+        $result = $this->join($result, $this->getMiscPath());
+        $result = $this->join($result, $this->getFilePath());
+        return $prefix . $result;
+    }
+
     /**
      * Generate relative path
      *

app/code/Magento/Catalog/Test/Unit/Model/View/Asset/ImageTest.php

@@ -97,6 +97,30 @@ public function testGetPath($filePath, $miscParams)
         );
     }
 
+    /**
+     * @param string $filePath
+     * @param array $miscParams
+     * @dataProvider getPathDataProvider
+     */
+    public function testGetNotUnixPath($filePath, $miscParams)
+    {
+        $imageModel = new Image(
+            $this->mediaConfig,
+            $this->imageContext,
+            $this->encryptor,
+            $filePath,
+            $miscParams
+        );
+        $absolutePath = 'C:\www\magento2ce\pub\media\catalog\product';
+        $hashPath = md5(implode('_', $miscParams));
+        $this->imageContext->expects($this->once())->method('getPath')->willReturn($absolutePath);
+        $this->encryptor->expects($this->once())->method('hash')->willReturn($hashPath);
+        $this->assertEquals(
+            $absolutePath . DIRECTORY_SEPARATOR . 'cache' . DIRECTORY_SEPARATOR . $hashPath . $filePath,
+            $imageModel->getPath()
+        );
+    }
+
     /**
      * @param string $filePath
      * @param array $miscParams

app/code/Magento/Sales/Setup/UpgradeData.php

@@ -5,6 +5,10 @@
  */
 namespace Magento\Sales\Setup;
 
+use Magento\Framework\App\ObjectManager;
+use Magento\Framework\DB\FieldDataConverterFactory;
+use Magento\Framework\DB\DataConverter\SerializedToJson;
+
 /**
  * Data upgrade script
  */
@@ -27,21 +31,30 @@ class UpgradeData implements \Magento\Framework\Setup\UpgradeDataInterface
      */
     private $convertSerializedDataToJsonFactory;
 
+    /**
+     * @var FieldDataConverterFactory
+     */
+    private $fieldDataConverterFactory;
+
     /**
      * Constructor
      *
      * @param \Magento\Sales\Setup\SalesSetupFactory $salesSetupFactory
      * @param \Magento\Sales\Setup\ConvertSerializedDataToJsonFactory $convertSerializedDataToJsonFactory
      * @param \Magento\Eav\Model\Config $eavConfig
+     * @param FieldDataConverterFactory $fieldDataConverterFactory
      */
     public function __construct(
         \Magento\Sales\Setup\SalesSetupFactory $salesSetupFactory,
         \Magento\Sales\Setup\ConvertSerializedDataToJsonFactory $convertSerializedDataToJsonFactory,
-        \Magento\Eav\Model\Config $eavConfig
+        \Magento\Eav\Model\Config $eavConfig,
+        FieldDataConverterFactory $fieldDataConverterFactory = null
     ) {
         $this->salesSetupFactory = $salesSetupFactory;
         $this->convertSerializedDataToJsonFactory = $convertSerializedDataToJsonFactory;
         $this->eavConfig = $eavConfig;
+        $this->fieldDataConverterFactory = $fieldDataConverterFactory ?: ObjectManager::getInstance()
+            ->get(FieldDataConverterFactory::class);
     }
 
     /**
@@ -59,6 +72,21 @@ public function upgrade(
             $this->convertSerializedDataToJsonFactory->create(['salesSetup' => $salesSetup])
                 ->convert();
         }
+        if (version_compare($context->getVersion(), '2.0.6', '<')) {
+            $fieldDataConverter = $this->fieldDataConverterFactory->create(SerializedToJson::class);
+            $fieldDataConverter->convert(
+                $salesSetup->getConnection(),
+                $salesSetup->getTable('sales_invoice_item'),
+                'entity_id',
+                'tax_ratio'
+            );
+            $fieldDataConverter->convert(
+                $salesSetup->getConnection(),
+                $salesSetup->getTable('sales_creditmemo_item'),
+                'entity_id',
+                'tax_ratio'
+            );
+        }
         $this->eavConfig->clear();
     }
 

app/code/Magento/Sales/etc/module.xml

@@ -6,7 +6,7 @@
  */
 -->
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Module/etc/module.xsd">
-    <module name="Magento_Sales" setup_version="2.0.5">
+    <module name="Magento_Sales" setup_version="2.0.6">
         <sequence>
             <module name="Magento_Rule"/>
             <module name="Magento_Catalog"/>

app/code/Magento/Swatches/Block/Adminhtml/Product/Attribute/Edit/Form.php

@@ -6,13 +6,45 @@
 
 namespace Magento\Swatches\Block\Adminhtml\Product\Attribute\Edit;
 
+use Magento\Framework\Data\Form\Element\CollectionFactory as ElementCollectionFactory;
+use Magento\Framework\Data\Form\Element\Factory;
+use Magento\Framework\Data\Form\FormKey;
 use Magento\Swatches\Model\Swatch;
+use Magento\Framework\Serialize\Serializer\Json;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * Class Form
  */
 class Form extends \Magento\Framework\Data\Form
 {
+    /**
+     * Serializer that allow convert arrays to string.
+     *
+     * @var Json
+     */
+    private $serializer;
+
+    /**
+     * Form constructor.
+     *
+     * @param Factory $factoryElement
+     * @param ElementCollectionFactory $factoryCollection
+     * @param FormKey $formKey
+     * @param array $data
+     * @param Json|null $serializer
+     */
+    public function __construct(
+        Factory $factoryElement,
+        ElementCollectionFactory $factoryCollection,
+        FormKey $formKey,
+        array $data = [],
+        Json $serializer = null
+    ) {
+        parent::__construct($factoryElement, $factoryCollection, $formKey, $data);
+        $this->serializer = $serializer ?: ObjectManager::getInstance()->get(Json::class);
+    }
+
     /**
      * @param array $values
      * @return $this
@@ -43,7 +75,7 @@ protected function getAdditionalData(array $values)
     {
         $additionalData = [];
         if (isset($values['additional_data'])) {
-            $additionalData = unserialize($values['additional_data']);
+            $additionalData = $this->serializer->unserialize($values['additional_data']);
             if (!is_array($additionalData)) {
                 $additionalData = [];
             }

app/code/Magento/Swatches/Helper/Data.php

@@ -8,16 +8,16 @@
 use Magento\Catalog\Helper\Image;
 use Magento\Catalog\Model\ResourceModel\Product\CollectionFactory;
 use Magento\ConfigurableProduct\Model\Product\Type\Configurable;
-use Magento\Framework\App\Helper\Context;
 use Magento\Catalog\Api\Data\ProductInterface as Product;
 use Magento\Catalog\Model\Product as ModelProduct;
 use Magento\Store\Model\StoreManagerInterface;
 use Magento\Swatches\Model\ResourceModel\Swatch\CollectionFactory as SwatchCollectionFactory;
 use Magento\Swatches\Model\Swatch;
 use Magento\Catalog\Model\ResourceModel\Eav\Attribute;
-use Magento\Framework\Exception\InputException;
 use Magento\Catalog\Api\ProductRepositoryInterface;
 use Magento\Catalog\Model\ResourceModel\Product\Collection as ProductCollection;
+use Magento\Framework\Serialize\Serializer\Json;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * Class Helper Data
@@ -81,25 +81,35 @@ class Data
         'use_product_image_for_swatch'
     ];
 
+    /**
+     * Serializer to/from JSON.
+     *
+     * @var Json
+     */
+    private $serializer;
+
     /**
      * @param CollectionFactory $productCollectionFactory
      * @param ProductRepositoryInterface $productRepository
      * @param StoreManagerInterface $storeManager
      * @param SwatchCollectionFactory $swatchCollectionFactory
      * @param Image $imageHelper
+     * @param Json|null $serializer
      */
     public function __construct(
         CollectionFactory $productCollectionFactory,
         ProductRepositoryInterface $productRepository,
         StoreManagerInterface $storeManager,
         SwatchCollectionFactory $swatchCollectionFactory,
-        Image $imageHelper
+        Image $imageHelper,
+        Json $serializer = null
     ) {
         $this->productCollectionFactory   = $productCollectionFactory;
         $this->productRepository = $productRepository;
         $this->storeManager = $storeManager;
         $this->swatchCollectionFactory = $swatchCollectionFactory;
         $this->imageHelper = $imageHelper;
+        $this->serializer = $serializer ?: ObjectManager::getInstance()->create(Json::class);
     }
 
     /**
@@ -111,7 +121,7 @@ public function assembleAdditionalDataEavAttribute(Attribute $attribute)
         $initialAdditionalData = [];
         $additionalData = (string) $attribute->getData('additional_data');
         if (!empty($additionalData)) {
-            $additionalData = unserialize($additionalData);
+            $additionalData = $this->serializer->unserialize($additionalData);
             if (is_array($additionalData)) {
                 $initialAdditionalData = $additionalData;
             }
@@ -125,7 +135,7 @@ public function assembleAdditionalDataEavAttribute(Attribute $attribute)
             }
         }
         $additionalData = array_merge($initialAdditionalData, $dataToAdd);
-        $attribute->setData('additional_data', serialize($additionalData));
+        $attribute->setData('additional_data', $this->serializer->serialize($additionalData));
         return $this;
     }
 
@@ -135,7 +145,7 @@ public function assembleAdditionalDataEavAttribute(Attribute $attribute)
      */
     private function populateAdditionalDataEavAttribute(Attribute $attribute)
     {
-        $additionalData = unserialize($attribute->getData('additional_data'));
+        $additionalData = $this->serializer->unserialize($attribute->getData('additional_data'));
         if (isset($additionalData) && is_array($additionalData)) {
             foreach ($this->eavAttributeAdditionalDataKeys as $key) {
                 if (isset($additionalData[$key])) {

app/code/Magento/Swatches/Model/Plugin/EavAttribute.php

@@ -8,6 +8,8 @@
 use Magento\Catalog\Model\ResourceModel\Eav\Attribute;
 use Magento\Swatches\Model\Swatch;
 use Magento\Framework\Exception\InputException;
+use Magento\Framework\Serialize\Serializer\Json;
+use Magento\Framework\App\ObjectManager;
 
 /**
  * Plugin model for Catalog Resource Attribute
@@ -50,19 +52,29 @@ class EavAttribute
      */
     protected $isSwatchExists;
 
+    /**
+     * Serializer from arrays to string.
+     *
+     * @var Json
+     */
+    private $serializer;
+
     /**
      * @param \Magento\Swatches\Model\ResourceModel\Swatch\CollectionFactory $collectionFactory
      * @param \Magento\Swatches\Model\SwatchFactory $swatchFactory
      * @param \Magento\Swatches\Helper\Data $swatchHelper
+     * @param Json|null $serializer
      */
     public function __construct(
         \Magento\Swatches\Model\ResourceModel\Swatch\CollectionFactory $collectionFactory,
         \Magento\Swatches\Model\SwatchFactory $swatchFactory,
-        \Magento\Swatches\Helper\Data $swatchHelper
+        \Magento\Swatches\Helper\Data $swatchHelper,
+        Json $serializer = null
     ) {
         $this->swatchCollectionFactory = $collectionFactory;
         $this->swatchFactory = $swatchFactory;
         $this->swatchHelper = $swatchHelper;
+        $this->serializer = $serializer ?: ObjectManager::getInstance()->create(Json::class);
     }
 
     /**
@@ -135,10 +147,10 @@ protected function convertSwatchToDropdown(Attribute $attribute)
         if ($attribute->getData(Swatch::SWATCH_INPUT_TYPE_KEY) == Swatch::SWATCH_INPUT_TYPE_DROPDOWN) {
             $additionalData = $attribute->getData('additional_data');
             if (!empty($additionalData)) {
-                $additionalData = unserialize($additionalData);
+                $additionalData = $this->serializer->unserialize($additionalData);
                 if (is_array($additionalData) && isset($additionalData[Swatch::SWATCH_INPUT_TYPE_KEY])) {
                     unset($additionalData[Swatch::SWATCH_INPUT_TYPE_KEY]);
-                    $attribute->setData('additional_data', serialize($additionalData));
+                    $attribute->setData('additional_data', $this->serializer->serialize($additionalData));
                 }
             }
         }