Merge remote-tracking branch 'origin/develop' into PR2

Author: Ihor Melnychenko

app/code/Magento/Catalog/Controller/Adminhtml/Product/Save.php

@@ -124,7 +124,7 @@ public function execute()
                 }
                 $this->_eventManager->dispatch(
                     'controller_action_catalog_product_save_entity_after',
-                    ['controller' => $this]
+                    ['controller' => $this, 'product' => $product]
                 );
 
                 if ($redirectBack === 'duplicate') {

app/code/Magento/EncryptionKey/Model/ResourceModel/Key/Change.php

@@ -44,12 +44,20 @@ class Change extends \Magento\Framework\Model\ResourceModel\Db\AbstractDb
      */
     protected $writer;
 
+    /**
+     * Random
+     *
+     * @var \Magento\Framework\Math\Random
+     */
+    protected $random;
+
     /**
      * @param \Magento\Framework\Model\ResourceModel\Db\Context $context
      * @param \Magento\Framework\Filesystem $filesystem
      * @param \Magento\Config\Model\Config\Structure $structure
      * @param \Magento\Framework\Encryption\EncryptorInterface $encryptor
      * @param \Magento\Framework\App\DeploymentConfig\Writer $writer
+     * @param \Magento\Framework\Math\Random $random
      * @param string $connectionName
      */
     public function __construct(
@@ -58,13 +66,15 @@ public function __construct(
         \Magento\Config\Model\Config\Structure $structure,
         \Magento\Framework\Encryption\EncryptorInterface $encryptor,
         \Magento\Framework\App\DeploymentConfig\Writer $writer,
+        \Magento\Framework\Math\Random $random,
         $connectionName = null
     ) {
         $this->encryptor = clone $encryptor;
         parent::__construct($context, $connectionName);
         $this->directory = $filesystem->getDirectoryWrite(DirectoryList::CONFIG);
         $this->structure = $structure;
         $this->writer = $writer;
+        $this->random = $random;
     }
 
     /**
@@ -92,7 +102,7 @@ public function changeEncryptionKey($key = null)
         }
 
         if (null === $key) {
-            $key = md5(time());
+            $key = md5($this->random->getRandomString(ConfigOptionsListConstants::STORE_KEY_RANDOM_STRING_SIZE));
         }
         $this->encryptor->setNewKey($key);
 

app/code/Magento/EncryptionKey/Test/Unit/Model/ResourceModel/Key/ChangeTest.php

@@ -29,6 +29,8 @@ class ChangeTest extends \PHPUnit_Framework_TestCase
     protected $tansactionMock;
     /** @var |\PHPUnit_Framework_MockObject_MockObject */
     protected $objRelationMock;
+    /** @var \Magento\Framework\Math\Random|\PHPUnit_Framework_MockObject_MockObject */
+    protected $randomMock;
     /** @var \Magento\EncryptionKey\Model\ResourceModel\Key\Change */
     protected $model;
 
@@ -72,6 +74,7 @@ public function setUp()
             ->disableOriginalConstructor()
             ->setMethods([])
             ->getMock();
+        $this->randomMock = $this->getMock('Magento\Framework\Math\Random', [], [], '', false);
 
         $helper = new \Magento\Framework\TestFramework\Unit\Helper\ObjectManager($this);
 
@@ -85,20 +88,20 @@ public function setUp()
                 'adapterInterface' => $this->adapterMock,
                 'resource' => $this->resourceMock,
                 'transactionManager' => $this->tansactionMock,
-                'relationProcessor' => $this->objRelationMock
+                'relationProcessor' => $this->objRelationMock,
+                'random' => $this->randomMock
             ]
         );
     }
 
-    public function testChangeEncryptionKey()
+    private function setUpChangeEncryptionKey()
     {
         $paths = ['path1', 'path2'];
         $table = ['item1', 'item2'];
         $values = [
             'key1' => 'value1',
             'key2' => 'value2'
         ];
-        $key = 'key';
 
         $this->writerMock->expects($this->once())->method('checkIfWritable')->willReturn(true);
         $this->resourceMock->expects($this->atLeastOnce())->method('getConnection')->willReturn($this->adapterMock);
@@ -112,10 +115,23 @@ public function testChangeEncryptionKey()
         $this->selectMock->expects($this->any())->method('update')->willReturnSelf();
         $this->writerMock->expects($this->once())->method('saveConfig');
         $this->adapterMock->expects($this->once())->method('getTransactionLevel')->willReturn(1);
+    }
 
+    public function testChangeEncryptionKey()
+    {
+        $this->setUpChangeEncryptionKey();
+        $this->randomMock->expects($this->never())->method('getRandomString');
+        $key = 'key';
         $this->assertEquals($key, $this->model->changeEncryptionKey($key));
     }
 
+    public function testChangeEncryptionKeyAutogenerate()
+    {
+        $this->setUpChangeEncryptionKey();
+        $this->randomMock->expects($this->once())->method('getRandomString')->willReturn('abc');
+        $this->assertEquals(md5('abc'), $this->model->changeEncryptionKey());
+    }
+
     public function testChangeEncryptionKeyThrowsException()
     {
         $key = 'key';
@@ -127,6 +143,6 @@ public function testChangeEncryptionKeyThrowsException()
             return;
         }
 
-        $this->fail('An excpected exception was not signaled.');
+        $this->fail('An expected exception was not signaled.');
     }
 }

app/code/Magento/Paypal/Block/Iframe.php

@@ -89,10 +89,10 @@ public function __construct(
         $this->_hssHelper = $hssHelper;
         $this->_orderFactory = $orderFactory;
         $this->_checkoutSession = $checkoutSession;
-        parent::__construct($context, $data);
         $this->_isScopePrivate = true;
         $this->readFactory = $readFactory;
         $this->reader = $reader;
+        parent::__construct($context, $data);
     }
 
     /**

app/code/Magento/Paypal/Controller/Payflow.php

@@ -73,6 +73,8 @@ public function __construct(
      */
     protected function _cancelPayment($errorMsg = '')
     {
+        $errorMsg = trim(strip_tags($errorMsg));
+
         $gotoSection = false;
         $this->_checkoutHelper->cancelCurrentOrder($errorMsg);
         if ($this->_checkoutSession->restoreQuote()) {

app/code/Magento/Paypal/Controller/Payflow/ReturnUrl.php

@@ -7,6 +7,7 @@
 namespace Magento\Paypal\Controller\Payflow;
 
 use Magento\Paypal\Controller\Payflow;
+use Magento\Paypal\Model\Config;
 use Magento\Sales\Model\Order;
 
 class ReturnUrl extends Payflow
@@ -19,6 +20,15 @@ class ReturnUrl extends Payflow
         Order::STATE_COMPLETE,
     ];
 
+    /**
+     * Payment method code
+     * @var string
+     */
+    protected $allowedPaymentMethodCodes = [
+        Config::METHOD_PAYFLOWPRO,
+        Config::METHOD_PAYFLOWLINK
+    ];
+
     /**
      * When a customer return to website from payflow gateway.
      *
@@ -35,16 +45,44 @@ public function execute()
             $order = $this->_orderFactory->create()->loadByIncrementId($this->_checkoutSession->getLastRealOrderId());
 
             if ($order->getIncrementId()) {
-                if (in_array($order->getState(), $this->allowedOrderStates)) {
+                if ($this->checkOrderState($order)) {
                     $redirectBlock->setData('goto_success_page', true);
                 } else {
-                    $gotoSection = $this->_cancelPayment(strval($this->getRequest()->getParam('RESPMSG')));
-                    $redirectBlock->setData('goto_section', $gotoSection);
-                    $redirectBlock->setData('error_msg', __('Your payment has been declined. Please try again.'));
+                    if ($this->checkPaymentMethod($order)) {
+                        $gotoSection = $this->_cancelPayment(strval($this->getRequest()->getParam('RESPMSG')));
+                        $redirectBlock->setData('goto_section', $gotoSection);
+                        $redirectBlock->setData('error_msg', __('Your payment has been declined. Please try again.'));
+                    } else {
+                        $redirectBlock->setData('goto_section', false);
+                        $redirectBlock->setData('error_msg', __('Requested payment method does not match with order.'));
+                    }
                 }
             }
         }
 
         $this->_view->renderLayout();
     }
+
+    /**
+     * Check order state
+     *
+     * @param Order $order
+     * @return bool
+     */
+    protected function checkOrderState(Order $order)
+    {
+        return in_array($order->getState(), $this->allowedOrderStates);
+    }
+
+    /**
+     * Check requested payment method
+     *
+     * @param Order $order
+     * @return bool
+     */
+    protected function checkPaymentMethod(Order $order)
+    {
+        $payment = $order->getPayment();
+        return in_array($payment->getMethod(), $this->allowedPaymentMethodCodes);
+    }
 }

app/code/Magento/Paypal/Controller/Payflowadvanced/ReturnUrl.php

@@ -6,11 +6,21 @@
  */
 namespace Magento\Paypal\Controller\Payflowadvanced;
 
+use Magento\Paypal\Model\Config;
+
 class ReturnUrl extends \Magento\Paypal\Controller\Payflow\ReturnUrl
 {
     /**
      * Redirect block name
      * @var string
      */
     protected $_redirectBlockName = 'payflow.advanced.iframe';
+
+    /**
+     * Payment method code
+     * @var string
+     */
+    protected $allowedPaymentMethodCodes = [
+        Config::METHOD_PAYFLOWADVANCED
+    ];
 }