AC-10686: SRI enabled on payment pages.

Static fixes and added unit test.

Author: admanesachin

app/code/Magento/Csp/Model/SubresourceIntegrityCollector.php

@@ -20,7 +20,8 @@ class SubresourceIntegrityCollector
     /**
      * @param array $data
      */
-    public function __construct(array $data = []) {
+    public function __construct(array $data = [])
+    {
         $this->data = $data;
     }
 

app/code/Magento/Csp/Plugin/RemoveAllAssetIntegrityHashes.php

@@ -32,8 +32,7 @@ public function __construct(
     }
 
     /**
-     * Removes existing integrity hashes for all assets
-     * before static content deploy.
+     * Removes existing integrity hashes before static content deploy
      *
      * @param DeployStaticContent $subject
      * @param array $options

app/code/Magento/Csp/Plugin/StoreAssetIntegrityHashes.php

@@ -39,8 +39,7 @@ public function __construct(
     }
 
     /**
-     * Stores generated integrity hashes for all assets
-     * after static content deploy.
+     * Stores generated integrity hashes after static content deploy
      *
      * @param DeployStaticContent $subject
      * @param mixed $result

app/code/Magento/Csp/Test/Unit/Model/SubresourceIntegrityRepositoryTest.php

@@ -79,18 +79,50 @@ public function testSave(): void
         $data = new SubresourceIntegrity(
             [
                 'hash' => 'testhash',
-                'url' => 'http://magento.test'
+                'path' => 'js/jquery.js'
             ]
         );
 
-        $expected[$data->getUrl()] = [
-            'url' => $data->getUrl(),
-            'hash' => $data->getHash()
-        ];
+        $expected[$data->getPath()] = $data->getHash();
         $serialized = json_encode($expected);
         $this->cacheMock->expects($this->once())->method('load')->willReturn(false);
         $this->serializerMock->expects($this->once())->method('serialize')->with($expected)->willReturn($serialized);
         $this->cacheMock->expects($this->once())->method('save')->willReturn(true);
         $this->assertTrue($this->subresourceIntegrityRepository->save($data));
     }
+
+    /** Test that cache saves in bunch
+     *
+     *
+     * @return void
+     */
+    public function testSaveBunch(): void
+    {
+        $bunch1 = new SubresourceIntegrity(
+            [
+                'hash' => 'testhash',
+                'path' => 'js/jquery.js'
+            ]
+        );
+
+        $bunch2 = new SubresourceIntegrity(
+            [
+                'hash' => 'testhash2',
+                'path' => 'js/test.js'
+            ]
+        );
+
+        $bunches = [$bunch1, $bunch2];
+
+         $expected = [];
+
+         foreach($bunches as $bunch){
+             $expected[$bunch->getPath()] = $bunch->getHash();
+         }
+        $serializedBunch = json_encode($expected);
+        $this->cacheMock->expects($this->once())->method('load')->willReturn(false);
+        $this->serializerMock->expects($this->once())->method('serialize')->with($expected)->willReturn($serializedBunch);
+        $this->cacheMock->expects($this->once())->method('save')->willReturn(true);
+        $this->assertTrue($this->subresourceIntegrityRepository->saveBunch($bunches));
+    }
 }

app/code/Magento/Csp/Test/Unit/Plugin/AddDefaultPropertiesToGroupPluginTest.php

@@ -39,11 +39,6 @@ class AddDefaultPropertiesToGroupPluginTest extends TestCase
      */
     private MockObject $stateMock;
 
-    /**
-     * @var array $controllerActions
-     */
-    private array $controllerActions;
-
     /**
      * @var AddDefaultPropertiesToGroupPlugin
      */
@@ -63,7 +58,7 @@ protected function setUp(): void
             ->getMock();
         $this->assetInterfaceMock = $this->getMockBuilder(File::class)
             ->disableOriginalConstructor()
-            ->onlyMethods(['getUrl', 'getContentType'])
+            ->onlyMethods(['getPath'])
             ->getMockForAbstractClass();
         $this->stateMock = $this->getMockBuilder(State::class)
             ->disableOriginalConstructor()
@@ -84,29 +79,34 @@ public function testBeforeGetFilteredProperties(): void
     {
         $integrityRepositoryMock = $this->getMockBuilder(SubresourceIntegrityRepository::class)
             ->disableOriginalConstructor()
-            ->onlyMethods(['getByUrl'])
+            ->onlyMethods(['getByPath'])
             ->getMock();
         $groupedCollectionMock = $this->getMockBuilder(GroupedCollection::class)
             ->disableOriginalConstructor()
             ->getMock();
-        $url = 'https://magento.test/static/version1708401324/frontend/Magento/luma/en_US/jquery.js';
+        $path = 'jquery.js';
         $area = 'frontend';
 
         $data = new SubresourceIntegrity(
             [
                 'hash' => 'testhash',
-                'url' => $url
+                'path' => $path
             ]
         );
         $properties['attributes']['integrity'] = $data->getHash();
         $properties['attributes']['crossorigin'] = 'anonymous';
         $expected = [$this->assetInterfaceMock, $properties];
         $this->stateMock->expects($this->once())->method('getAreaCode')->willReturn($area);
-        $this->integrityRepositoryPoolMock->expects($this->once())->method('get')->with($area)->willReturn($integrityRepositoryMock);
-        $this->assetInterfaceMock->expects($this->once())->method('getUrl')->willReturn($url);
-        $integrityRepositoryMock->expects($this->once())->method('getByUrl')->with($url)->willReturn($data);
-        $this->assertEquals($expected,
-            $this->plugin->beforeGetFilteredProperties($groupedCollectionMock, $this->assetInterfaceMock
+        $this->integrityRepositoryPoolMock->expects($this->once())->method('get')->with($area)
+            ->willReturn(
+                $integrityRepositoryMock
+            );
+        $this->assetInterfaceMock->expects($this->once())->method('getPath')->willReturn($path);
+        $integrityRepositoryMock->expects($this->once())->method('getByPath')->with($path)->willReturn($data);
+        $this->assertEquals(
+            $expected,
+            $this->plugin->beforeGetFilteredProperties(
+                $groupedCollectionMock, $this->assetInterfaceMock
             )
         );
     }

app/code/Magento/Csp/Test/Unit/Plugin/StoreAssetIntegrityHashesTest.php

@@ -0,0 +1,98 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Csp\Test\Unit\Plugin;
+
+use Magento\Csp\Model\SubresourceIntegrity;
+use Magento\Csp\Model\SubresourceIntegrityRepository;
+use Magento\Csp\Model\SubresourceIntegrityRepositoryPool;
+use Magento\Deploy\Service\DeployStaticContent;
+use PHPUnit\Framework\MockObject\MockObject;
+use Magento\Csp\Plugin\StoreAssetIntegrityHashes;
+use Magento\Csp\Model\SubresourceIntegrityCollector;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Plugin that removes existing integrity hashes for all assets.
+ */
+class StoreAssetIntegrityHashesTest extends TestCase
+{
+    /**
+     * @var MockObject
+     */
+    private MockObject $integrityRepositoryPoolMock;
+
+    /**
+     * @var MockObject
+     */
+    private MockObject $integrityCollectorMock;
+
+    /**
+     * @var StoreAssetIntegrityHashes
+     */
+    private StoreAssetIntegrityHashes $plugin;
+
+    /**
+     * Initialize Dependencies
+     *
+     * @return void
+     */
+    protected function setUp(): void
+   {
+       parent::setUp();
+       $this->integrityRepositoryPoolMock = $this->getMockBuilder(SubresourceIntegrityRepositoryPool::class)
+           ->disableOriginalConstructor()
+           ->onlyMethods(['get'])
+           ->getMock();
+       $this->integrityCollectorMock = $this->getMockBuilder(SubresourceIntegrityCollector::class)
+           ->disableOriginalConstructor()
+           ->onlyMethods(['release'])
+           ->getMock();
+       $this->plugin = new StoreAssetIntegrityHashes(
+           $this->integrityCollectorMock,
+           $this->integrityRepositoryPoolMock,
+       );
+   }
+
+    /**
+     * Test After Deploy method of plugin
+     *
+     * @return void
+     * @doesNotPerformAssertions
+     */
+    public function testAfterDeploy(): void
+   {
+       $bunch1 = new SubresourceIntegrity(
+           [
+               'hash' => 'testhash',
+               'path' => 'adminhtml/js/jquery.js'
+           ]
+       );
+
+       $bunch2 = new SubresourceIntegrity(
+           [
+               'hash' => 'testhash2',
+               'path' => 'frontend/js/test.js'
+           ]
+       );
+
+       $bunches = [$bunch1, $bunch2];
+       $deployStaticContentMock = $this->getMockBuilder(DeployStaticContent::class)
+           ->disableOriginalConstructor()
+           ->getMock();
+       $subResourceIntegrityMock = $this->getMockBuilder(SubresourceIntegrityRepository::class)
+           ->disableOriginalConstructor()
+           ->onlyMethods(['saveBunch'])
+           ->getMock();
+       $this->integrityCollectorMock->expects($this->once())->method('release')->willReturn($bunches);
+       $this->integrityRepositoryPoolMock->expects($this->any())->method('get')->willReturn($subResourceIntegrityMock);
+       $subResourceIntegrityMock->expects($this->any())->method('saveBunch')->willReturn(true);
+       $this->plugin->afterDeploy($deployStaticContentMock, null, []);
+   }
+}
+
+

app/code/Magento/Csp/composer.json

@@ -8,7 +8,8 @@
         "php": "~8.1.0||~8.2.0||~8.3.0",
         "magento/framework": "*",
         "magento/module-store": "*",
-        "magento/module-require-js": "*"
+        "magento/module-require-js": "*",
+        "magento/module-deploy": "*"
     },
     "type": "magento2-module",
     "license": [

app/code/Magento/Csp/view/base/templates/sri/hashes.phtml

@@ -6,12 +6,15 @@
 
 /** @var \Magento\Csp\Block\Sri\Hashes $block */
 /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */
+//phpcs:ignore Magento2.GraphQL
 ?>
 
 <?php $sriHashes = /* @noEscape */ $block->getSerialized();
+//@codingStandardsIgnoreStart
 $scriptString = <<<script
         window.sriHashes = {$sriHashes};
 script;
+//@codingStandardsIgnoreStart
 ?>
 
 <?= /* @noEscape */ $secureRenderer->renderTag('script', [], $scriptString, false) ?>