Skip to content

Commit 1e31242

Browse files
author
Alexander Akimov
authored
Merge pull request #3354 from magento-tsg/2.1.16-develop-pr58
[TSG] Backporting for 2.1 (pr58) (2.1.16)
2 parents 2d9c1e6 + d1413d1 commit 1e31242

File tree

21 files changed

+868
-39
lines changed

21 files changed

+868
-39
lines changed

app/code/Magento/AdminNotification/Block/Grid/Renderer/Actions.php

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@
1010

1111
namespace Magento\AdminNotification\Block\Grid\Renderer;
1212

13+
/**
14+
* Renderer class for action in the admin notifications grid
15+
*/
1316
class Actions extends \Magento\Backend\Block\Widget\Grid\Column\Renderer\AbstractRenderer
1417
{
1518
/**
@@ -39,9 +42,9 @@ public function __construct(
3942
*/
4043
public function render(\Magento\Framework\DataObject $row)
4144
{
42-
$readDetailsHtml = $row->getUrl() ? '<a class="action-details" target="_blank" href="' . $row->getUrl() . '">' . __(
43-
'Read Details'
44-
) . '</a> | ' : '';
45+
$readDetailsHtml = $row->getUrl() ? '<a class="action-details" target="_blank" href="' .
46+
$this->escapeUrl($row->getUrl()) . '">' .
47+
__('Read Details') . '</a> | ' : '';
4548

4649
$markAsReadHtml = !$row->getIsRead() ? '<a class="action-mark" href="' . $this->getUrl(
4750
'*/*/markAsRead/',

app/code/Magento/Braintree/Model/Adminhtml/System/Config/CountryCreditCard.php

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,11 +8,13 @@
88
use Magento\Framework\App\Cache\TypeListInterface;
99
use Magento\Framework\App\Config\ScopeConfigInterface;
1010
use Magento\Framework\App\Config\Value;
11+
use Magento\Framework\App\ObjectManager;
1112
use Magento\Framework\Data\Collection\AbstractDb;
1213
use Magento\Framework\Math\Random;
1314
use Magento\Framework\Model\Context;
1415
use Magento\Framework\Model\ResourceModel\AbstractResource;
1516
use Magento\Framework\Registry;
17+
use Magento\Framework\Unserialize\SecureUnserializer;
1618

1719
/**
1820
* Class CountryCreditCard
@@ -24,6 +26,11 @@ class CountryCreditCard extends Value
2426
*/
2527
protected $mathRandom;
2628

29+
/**
30+
* @var SecureUnserializer
31+
*/
32+
private $secureUnserializer;
33+
2734
/**
2835
* @param \Magento\Framework\Model\Context $context
2936
* @param \Magento\Framework\Registry $registry
@@ -33,6 +40,7 @@ class CountryCreditCard extends Value
3340
* @param \Magento\Framework\Model\ResourceModel\AbstractResource $resource
3441
* @param \Magento\Framework\Data\Collection\AbstractDb $resourceCollection
3542
* @param array $data
43+
* @param SecureUnserializer|null $secureUnserializer
3644
*/
3745
public function __construct(
3846
Context $context,
@@ -42,9 +50,11 @@ public function __construct(
4250
Random $mathRandom,
4351
AbstractResource $resource = null,
4452
AbstractDb $resourceCollection = null,
45-
array $data = []
53+
array $data = [],
54+
SecureUnserializer $secureUnserializer = null
4655
) {
4756
$this->mathRandom = $mathRandom;
57+
$this->secureUnserializer = $secureUnserializer ?: ObjectManager::getInstance()->get(SecureUnserializer::class);
4858
parent::__construct($context, $registry, $config, $cacheTypeList, $resource, $resourceCollection, $data);
4959
}
5060

@@ -58,7 +68,7 @@ public function beforeSave()
5868
$value = $this->getValue();
5969
if (!is_array($value)) {
6070
try {
61-
$value = unserialize($value);
71+
$value = $this->secureUnserializer->unserialize($value);
6272
} catch (\InvalidArgumentException $e) {
6373
$value = [];
6474
}

app/code/Magento/Widget/Block/Adminhtml/Widget.php

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
class Widget extends \Magento\Backend\Block\Widget\Form\Container
1717
{
1818
/**
19-
* @return void
19+
* @inheritdoc
2020
*/
2121
protected function _construct()
2222
{
@@ -36,12 +36,16 @@ protected function _construct()
3636
$this->buttonList->update('save', 'region', 'footer');
3737
$this->buttonList->update('save', 'data_attribute', []);
3838

39-
$this->_formScripts[] = 'require(["mage/adminhtml/wysiwyg/widget"], function(){wWidget = new WysiwygWidget.Widget(' .
40-
'"widget_options_form", "select_widget_type", "widget_options", "' .
41-
$this->getUrl(
42-
'adminhtml/*/loadOptions'
43-
) . '", "' . $this->getRequest()->getParam(
44-
'widget_target_id'
45-
) . '");});';
39+
$this->_formScripts[] = <<<EOJS
40+
require(['mage/adminhtml/wysiwyg/widget'], function() {
41+
wWidget = new WysiwygWidget.Widget(
42+
'widget_options_form',
43+
'select_widget_type',
44+
'widget_options',
45+
'{$this->getUrl('adminhtml/*/loadOptions')}',
46+
'{$this->_escaper->escapeJs((string)$this->getRequest()->getParam('widget_target_id'))}'
47+
);
48+
});
49+
EOJS;
4650
}
4751
}

dev/tests/integration/testsuite/Magento/CatalogImportExport/Model/Import/UploaderTest.php

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@ protected function setUp()
4646
$mediaPath = $appParams[DirectoryList::MEDIA][DirectoryList::PATH];
4747
$this->directory = $filesystem->getDirectoryWrite(DirectoryList::ROOT);
4848
$tmpDir = $this->directory->getRelativePath($mediaPath . '/import');
49+
$this->directory->create($tmpDir);
4950
$this->uploader->setTmpDir($tmpDir);
5051

5152
parent::setUp();
@@ -79,4 +80,16 @@ public function testMoveWithInvalidFile()
7980

8081
$this->assertFalse($this->directory->isExist($this->uploader->getTmpDir() . '/' . $fileName));
8182
}
83+
84+
/**
85+
* @inheritdoc
86+
*/
87+
public static function tearDownAfterClass()
88+
{
89+
$filesystem = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()
90+
->get(\Magento\Framework\Filesystem::class);
91+
/** @var \Magento\Framework\Filesystem\Directory\WriteInterface $directory */
92+
$directory = $filesystem->getDirectoryWrite(DirectoryList::MEDIA);
93+
$directory->delete('import');
94+
}
8295
}

dev/tests/integration/testsuite/Magento/Framework/App/Filesystem/DirectoryResolverTest.php

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66

77
namespace Magento\Framework\App\Filesystem;
88

9+
use Magento\Framework\App\Filesystem\DirectoryList;
910
use Magento\TestFramework\Helper\Bootstrap;
1011

1112
/**
@@ -24,9 +25,9 @@ class DirectoryResolverTest extends \PHPUnit_Framework_TestCase
2425
private $directoryResolver;
2526

2627
/**
27-
* @var \Magento\Framework\Filesystem\Directory\WriteInterface
28+
* @var \Magento\Framework\Filesystem
2829
*/
29-
private $directory;
30+
private $filesystem;
3031

3132
/**
3233
* @inheritdoc
@@ -36,9 +37,7 @@ protected function setUp()
3637
$this->objectManager = Bootstrap::getObjectManager();
3738
$this->directoryResolver = $this->objectManager
3839
->create(\Magento\Framework\App\Filesystem\DirectoryResolver::class);
39-
/** @var \Magento\Framework\Filesystem $filesystem */
40-
$filesystem = $this->objectManager->create(\Magento\Framework\Filesystem::class);
41-
$this->directory = $filesystem->getDirectoryWrite(\Magento\Framework\App\Filesystem\DirectoryList::MEDIA);
40+
$this->filesystem = $this->objectManager->create(\Magento\Framework\Filesystem::class);
4241
}
4342

4443
/**
@@ -47,10 +46,12 @@ protected function setUp()
4746
* @param bool $expectation
4847
* @dataProvider validatePathDataProvider
4948
* @magentoAppIsolation enabled
49+
* @return void
5050
*/
5151
public function testValidatePath($path, $directoryConfig, $expectation)
5252
{
53-
$path = $this->directory->getAbsolutePath($path);
53+
$directory = $this->filesystem->getDirectoryWrite(DirectoryList::MEDIA);
54+
$path = $directory->getAbsolutePath() .'/' .$path;
5455
$this->assertEquals($expectation, $this->directoryResolver->validatePath($path, $directoryConfig));
5556
}
5657

@@ -60,7 +61,8 @@ public function testValidatePath($path, $directoryConfig, $expectation)
6061
*/
6162
public function testValidatePathWithException()
6263
{
63-
$path = $this->directory->getAbsolutePath();
64+
$directory = $this->filesystem->getDirectoryWrite(DirectoryList::MEDIA);
65+
$path = $directory->getAbsolutePath();
6466
$this->directoryResolver->validatePath($path, 'wrong_dir');
6567
}
6668

@@ -76,7 +78,7 @@ public function validatePathDataProvider()
7678
true,
7779
],
7880
[
79-
'/../../pub/',
81+
'/../../pub/',
8082
DirectoryList::MEDIA,
8183
false,
8284
],

0 commit comments

Comments
 (0)