Merge remote-tracking branch 'mainline/2.3-develop' into MAGETWO-99402

Author: adifucan

app/code/Magento/AdminNotification/view/adminhtml/layout/adminhtml_notification_block.xml

@@ -11,7 +11,7 @@
             <block class="Magento\Backend\Block\Widget\Grid" name="adminhtml.notification.container.grid" as="grid">
                 <arguments>
                     <argument name="id" xsi:type="string">notificationGrid</argument>
-                    <argument name="dataSource" xsi:type="object">Magento\AdminNotification\Model\ResourceModel\Grid\Collection</argument>
+                    <argument name="dataSource" xsi:type="object" shared="false">Magento\AdminNotification\Model\ResourceModel\Grid\Collection</argument>
                     <argument name="default_dir" xsi:type="string">DESC</argument>
                     <argument name="default_sort" xsi:type="string">date_added</argument>
                     <argument name="save_parameters_in_session" xsi:type="string">1</argument>

app/code/Magento/AdvancedSearch/view/adminhtml/layout/catalog_search_block.xml

@@ -11,7 +11,7 @@
             <block class="Magento\AdvancedSearch\Block\Adminhtml\Search\Grid" name="search.edit.grid" as="grid">
                 <arguments>
                     <argument name="id" xsi:type="string">catalog_search_grid</argument>
-                    <argument name="dataSource" xsi:type="object">Magento\AdvancedSearch\Model\ResourceModel\Search\Grid\Collection</argument>
+                    <argument name="dataSource" xsi:type="object" shared="false">Magento\AdvancedSearch\Model\ResourceModel\Search\Grid\Collection</argument>
                     <argument name="default_sort" xsi:type="string">name</argument>
                     <argument name="default_dir" xsi:type="string">ASC</argument>
                     <argument name="save_parameters_in_session" xsi:type="string">1</argument>

app/code/Magento/Authorization/Model/Role.php

@@ -51,19 +51,29 @@ public function __construct(
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritDoc
+     *
+     * @SuppressWarnings(PHPMD.SerializationAware)
+     * @deprecated Do not use PHP serialization.
      */
     public function __sleep()
     {
+        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
+
         $properties = parent::__sleep();
         return array_diff($properties, ['_resource', '_resourceCollection']);
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritDoc
+     *
+     * @SuppressWarnings(PHPMD.SerializationAware)
+     * @deprecated Do not use PHP serialization.
      */
     public function __wakeup()
     {
+        trigger_error('Using PHP serialization is deprecated', E_USER_DEPRECATED);
+
         parent::__wakeup();
         $objectManager = \Magento\Framework\App\ObjectManager::getInstance();
         $this->_resource = $objectManager->get(\Magento\Authorization\Model\ResourceModel\Role::class);

app/code/Magento/AuthorizenetAcceptjs/Gateway/Validator/TransactionResponseValidator.php

@@ -54,15 +54,15 @@ public function validate(array $validationSubject): ResultInterface
             if (isset($transactionResponse['messages']['message']['code'])) {
                 $errorCodes[] = $transactionResponse['messages']['message']['code'];
                 $errorMessages[] = $transactionResponse['messages']['message']['text'];
-            } elseif ($transactionResponse['messages']['message']) {
+            } elseif (isset($transactionResponse['messages']['message'])) {
                 foreach ($transactionResponse['messages']['message'] as $message) {
                     $errorCodes[] = $message['code'];
                     $errorMessages[] = $message['description'];
                 }
             } elseif (isset($transactionResponse['errors'])) {
                 foreach ($transactionResponse['errors'] as $message) {
                     $errorCodes[] = $message['errorCode'];
-                    $errorMessages[] = $message['errorCode'];
+                    $errorMessages[] = $message['errorText'];
                 }
             }
 
@@ -85,8 +85,10 @@ private function isResponseCodeAnError(array $transactionResponse): bool
             ?? $transactionResponse['errors'][0]['errorCode']
             ?? null;
 
-        return in_array($transactionResponse['responseCode'], [self::RESPONSE_CODE_APPROVED, self::RESPONSE_CODE_HELD])
-            && $code
+        return !in_array($transactionResponse['responseCode'], [
+                self::RESPONSE_CODE_APPROVED, self::RESPONSE_CODE_HELD
+            ])
+            || $code
             && !in_array(
                 $code,
                 [

app/code/Magento/AuthorizenetAcceptjs/Test/Unit/Gateway/Validator/TransactionResponseValidatorTest.php

@@ -15,13 +15,18 @@
 use PHPUnit\Framework\MockObject\MockObject;
 use PHPUnit\Framework\TestCase;
 
+/**
+ * Tests for the transaction response validator
+ */
 class TransactionResponseValidatorTest extends TestCase
 {
     private const RESPONSE_CODE_APPROVED = 1;
     private const RESPONSE_CODE_HELD = 4;
+    private const RESPONSE_CODE_DENIED = 2;
     private const RESPONSE_REASON_CODE_APPROVED = 1;
     private const RESPONSE_REASON_CODE_PENDING_REVIEW_AUTHORIZED = 252;
     private const RESPONSE_REASON_CODE_PENDING_REVIEW = 253;
+    private const ERROR_CODE_AVS_MISMATCH = 27;
 
     /**
      * @var ResultInterfaceFactory|MockObject
@@ -86,16 +91,6 @@ public function testValidateScenarios($transactionResponse, $isValid, $errorCode
     public function scenarioProvider()
     {
         return [
-            // This validator only cares about successful edge cases so test for default behavior
-            [
-                [
-                    'responseCode' => 'foo',
-                ],
-                true,
-                [],
-                []
-            ],
-
             // Test for acceptable reason codes
             [
                 [
@@ -208,6 +203,29 @@ public function scenarioProvider()
                 ['foo'],
                 ['bar']
             ],
+            [
+                [
+                    'responseCode' => self::RESPONSE_CODE_DENIED,
+                    'errors' => [
+                        [
+                            'errorCode' => self::ERROR_CODE_AVS_MISMATCH,
+                            'errorText' => 'bar'
+                        ]
+                    ]
+                ],
+                false,
+                [self::ERROR_CODE_AVS_MISMATCH],
+                ['bar']
+            ],
+            // This validator only cares about successful edge cases so test for default behavior
+            [
+                [
+                    'responseCode' => 'foo',
+                ],
+                false,
+                [],
+                []
+            ],
         ];
     }
 }

app/code/Magento/Backend/Model/Auth/Session.php

@@ -5,21 +5,25 @@
  */
 namespace Magento\Backend\Model\Auth;
 
+use Magento\Framework\Acl;
+use Magento\Framework\AclFactory;
+use Magento\Framework\App\ObjectManager;
 use Magento\Framework\Stdlib\Cookie\CookieMetadataFactory;
 use Magento\Framework\Stdlib\CookieManagerInterface;
+use Magento\Backend\Spi\SessionUserHydratorInterface;
+use Magento\Backend\Spi\SessionAclHydratorInterface;
+use Magento\User\Model\User;
+use Magento\User\Model\UserFactory;
 
 /**
  * Backend Auth session model
  *
  * @api
- * @method \Magento\User\Model\User|null getUser()
- * @method \Magento\Backend\Model\Auth\Session setUser(\Magento\User\Model\User $value)
- * @method \Magento\Framework\Acl|null getAcl()
- * @method \Magento\Backend\Model\Auth\Session setAcl(\Magento\Framework\Acl $value)
  * @method int getUpdatedAt()
  * @method \Magento\Backend\Model\Auth\Session setUpdatedAt(int $value)
  *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
+ * @SuppressWarnings(PHPMD.CookieAndSessionMisuse)
  * @todo implement solution that keeps is_first_visit flag in session during redirects
  * @api
  * @since 100.0.2
@@ -55,6 +59,36 @@ class Session extends \Magento\Framework\Session\SessionManager implements \Mage
      */
     protected $_config;
 
+    /**
+     * @var SessionUserHydratorInterface
+     */
+    private $userHydrator;
+
+    /**
+     * @var SessionAclHydratorInterface
+     */
+    private $aclHydrator;
+
+    /**
+     * @var UserFactory
+     */
+    private $userFactory;
+
+    /**
+     * @var AclFactory
+     */
+    private $aclFactory;
+
+    /**
+     * @var User|null
+     */
+    private $user;
+
+    /**
+     * @var Acl|null
+     */
+    private $acl;
+
     /**
      * @param \Magento\Framework\App\Request\Http $request
      * @param \Magento\Framework\Session\SidResolverInterface $sidResolver
@@ -69,6 +103,10 @@ class Session extends \Magento\Framework\Session\SessionManager implements \Mage
      * @param \Magento\Backend\Model\UrlInterface $backendUrl
      * @param \Magento\Backend\App\ConfigInterface $config
      * @throws \Magento\Framework\Exception\SessionException
+     * @param SessionUserHydratorInterface|null $userHydrator
+     * @param SessionAclHydratorInterface|null $aclHydrator
+     * @param UserFactory|null $userFactory
+     * @param AclFactory|null $aclFactory
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -83,11 +121,19 @@ public function __construct(
         \Magento\Framework\App\State $appState,
         \Magento\Framework\Acl\Builder $aclBuilder,
         \Magento\Backend\Model\UrlInterface $backendUrl,
-        \Magento\Backend\App\ConfigInterface $config
+        \Magento\Backend\App\ConfigInterface $config,
+        ?SessionUserHydratorInterface $userHydrator = null,
+        ?SessionAclHydratorInterface $aclHydrator = null,
+        ?UserFactory $userFactory = null,
+        ?AclFactory $aclFactory = null
     ) {
         $this->_config = $config;
         $this->_aclBuilder = $aclBuilder;
         $this->_backendUrl = $backendUrl;
+        $this->userHydrator = $userHydrator ?? ObjectManager::getInstance()->get(SessionUserHydratorInterface::class);
+        $this->aclHydrator = $aclHydrator ?? ObjectManager::getInstance()->get(SessionAclHydratorInterface::class);
+        $this->userFactory = $userFactory ?? ObjectManager::getInstance()->get(UserFactory::class);
+        $this->aclFactory = $aclFactory ?? ObjectManager::getInstance()->get(AclFactory::class);
         parent::__construct(
             $request,
             $sidResolver,
@@ -230,6 +276,16 @@ public function processLogin()
         return $this;
     }
 
+    /**
+     * @inheritDoc
+     */
+    public function destroy(array $options = null)
+    {
+        $this->user = null;
+        $this->acl = null;
+        parent::destroy($options);
+    }
+
     /**
      * Process of configuring of current auth storage when logout was performed
      *
@@ -253,4 +309,136 @@ public function isValidForPath($path)
     {
         return true;
     }
+
+    /**
+     * Logged-in user.
+     *
+     * @return User|null
+     */
+    public function getUser()
+    {
+        if (!$this->user) {
+            $userData = $this->getUserData();
+            if ($userData) {
+                /** @var User $user */
+                $user = $this->userFactory->create();
+                $this->userHydrator->hydrate($user, $userData);
+                $this->user = $user;
+            }
+        }
+
+        return $this->user;
+    }
+
+    /**
+     * Set logged-in user instance.
+     *
+     * @param User|null $user
+     * @return Session
+     */
+    public function setUser($user)
+    {
+        $this->setUserData(null);
+        if ($user) {
+            $this->setUserData($this->userHydrator->extract($user));
+        }
+        $this->user = $user;
+
+        return $this;
+    }
+
+    /**
+     * Is user logged in?
+     *
+     * @return bool
+     */
+    public function hasUser()
+    {
+        return $this->user || $this->hasUserData();
+    }
+
+    /**
+     * Remove logged-in user.
+     *
+     * @return Session
+     */
+    public function unsUser()
+    {
+        $this->user = null;
+        return $this->unsUserData();
+    }
+
+    /**
+     * Logged-in user's ACL data.
+     *
+     * @return Acl|null
+     */
+    public function getAcl()
+    {
+        if (!$this->acl) {
+            $aclData = $this->getUserAclData();
+            if ($aclData) {
+                /** @var Acl $acl */
+                $acl = $this->aclFactory->create();
+                $this->aclHydrator->hydrate($acl, $aclData);
+                $this->acl = $acl;
+            }
+        }
+
+        return $this->acl;
+    }
+
+    /**
+     * Set logged-in user's ACL data instance.
+     *
+     * @param Acl|null $acl
+     * @return Session
+     */
+    public function setAcl($acl)
+    {
+        $this->setUserAclData(null);
+        if ($acl) {
+            $this->setUserAclData($this->aclHydrator->extract($acl));
+        }
+        $this->acl = $acl;
+
+        return $this;
+    }
+
+    /**
+     * Whether ACL data is present.
+     *
+     * @return bool
+     */
+    public function hasAcl()
+    {
+        return $this->acl || $this->hasUserAclData();
+    }
+
+    /**
+     * Remove ACL data.
+     *
+     * @return Session
+     */
+    public function unsAcl()
+    {
+        $this->acl = null;
+        return $this->unsUserAclData();
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function writeClose()
+    {
+        //Updating data in session in case these objects has been changed.
+        if ($this->user) {
+            $this->setUser($this->user);
+        }
+        if ($this->acl) {
+            $this->setAcl($this->acl);
+        }
+
+        parent::writeClose();
+    }
 }