Merge pull request #5633 from magento-borg/MC-22963

[CIA] Identify and Refactor GET requests which modify data

Author: dvoskoboinikov

app/code/Magento/Multishipping/Controller/Checkout/RemoveItem.php

@@ -6,7 +6,14 @@
  */
 namespace Magento\Multishipping\Controller\Checkout;
 
-class RemoveItem extends \Magento\Multishipping\Controller\Checkout
+use Magento\Framework\App\Action\HttpPostActionInterface;
+
+/**
+ * Class RemoveItem
+ *
+ * Removes multishipping items
+ */
+class RemoveItem extends \Magento\Multishipping\Controller\Checkout implements HttpPostActionInterface
 {
     /**
      * Multishipping checkout remove item action

app/code/Magento/Multishipping/view/frontend/templates/checkout/addresses.phtml

@@ -4,8 +4,8 @@
  * See COPYING.txt for license details.
  */
 
-// phpcs:disable Magento2.Files.LineLength
-
+// phpcs:disable Generic.Files.LineLength
+// phpcs:disable Magento2.Templates.ThisInTemplate.FoundHelper
 ?>
 <?php
 /**
@@ -43,8 +43,8 @@
             </tr>
             </thead>
             <tbody>
-            <?php foreach ($block->getItems() as $_index => $_item) : ?>
-                <?php if ($_item->getQuoteItem()) : ?>
+            <?php foreach ($block->getItems() as $_index => $_item): ?>
+                <?php if ($_item->getQuoteItem()): ?>
                     <tr>
                         <td class="col product" data-th="<?= $block->escapeHtml(__('Product')) ?>">
                             <?= $block->getItemHtml($_item->getQuoteItem()) ?>
@@ -69,11 +69,11 @@
                             </div>
                         </td>
                         <td class="col address" data-th="<?= $block->escapeHtml(__('Send To')) ?>">
-                            <?php if ($_item->getProduct()->getIsVirtual()) : ?>
+                            <?php if ($_item->getProduct()->getIsVirtual()): ?>
                                 <div class="applicable">
                                     <?= $block->escapeHtml(__('A shipping selection is not applicable.')) ?>
                                 </div>
-                            <?php else : ?>
+                            <?php else: ?>
                                 <div class="field address">
                                     <label for="ship_<?= $block->escapeHtml($_index) ?>_<?= $block->escapeHtml($_item->getQuoteItemId()) ?>_address"
                                            class="label">
@@ -86,8 +86,12 @@
                             <?php endif; ?>
                         </td>
                         <td class="col actions" data-th="<?= $block->escapeHtml(__('Actions')) ?>">
-                            <a href="<?= $block->escapeUrl($block->getItemDeleteUrl($_item)) ?>"
+                            <a href="#"
                                title="<?= $block->escapeHtml(__('Remove Item')) ?>"
+                               data-post='<?= /* @noEscape */
+                                $this->helper(\Magento\Framework\Data\Helper\PostHelper::class)
+                                   ->getPostData($block->getItemDeleteUrl($_item))
+                                ?>'
                                class="action delete"
                                data-multiship-item-remove="">
                                 <span><?= $block->escapeHtml(__('Remove item')) ?></span>
@@ -106,7 +110,7 @@
                     class="action primary continue<?= $block->isContinueDisabled() ? ' disabled' : '' ?>"
                     data-role="can-continue"
                     data-flag="1"
-                <?php if ($block->isContinueDisabled()) : ?>
+                <?php if ($block->isContinueDisabled()): ?>
                     disabled="disabled"
                 <?php endif; ?>>
                 <span><?= $block->escapeHtml(__('Go to Shipping Information')) ?></span>

app/code/Magento/Search/Block/Adminhtml/Synonyms/Edit/DeleteButton.php

@@ -8,11 +8,13 @@
 use Magento\Framework\View\Element\UiComponent\Control\ButtonProviderInterface;
 
 /**
- * Class DeleteButton
+ * Delete Synonyms Group Button Class
  */
 class DeleteButton extends GenericButton implements ButtonProviderInterface
 {
     /**
+     * Delete Button Data
+     *
      * @return array
      */
     public function getButtonData()
@@ -24,14 +26,16 @@ public function getButtonData()
                 'class' => 'delete',
                 'on_click' => 'deleteConfirm(\''
                     . __('Are you sure you want to delete this synonym group?')
-                    . '\', \'' . $this->getDeleteUrl() . '\')',
+                    . '\', \'' . $this->getDeleteUrl() . '\', {data: {}})',
                 'sort_order' => 20,
             ];
         }
         return $data;
     }
 
     /**
+     * Delete Url
+     *
      * @return string
      */
     public function getDeleteUrl()

app/code/Magento/Search/Controller/Adminhtml/Synonyms/Delete.php

@@ -6,10 +6,12 @@
 
 namespace Magento\Search\Controller\Adminhtml\Synonyms;
 
+use Magento\Framework\App\Action\HttpPostActionInterface;
+
 /**
  * Delete Controller
  */
-class Delete extends \Magento\Backend\App\Action
+class Delete extends \Magento\Backend\App\Action implements HttpPostActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Search/Test/Unit/Ui/Component/Listing/Column/SynonymActionsTest.php

@@ -112,6 +112,7 @@ public function testPrepareDataSourceWithItems()
                                         self::STUB_SYNONYM_GROUP_ID
                                     )
                                 ],
+                                'post' => true
                             ],
                             'edit' => [
                                 'href' => sprintf(

app/code/Magento/Search/Ui/Component/Listing/Column/SynonymActions.php

@@ -64,6 +64,7 @@ public function prepareDataSource(array $dataSource)
                         'title' => __('Delete'),
                         'message' => __('Are you sure you want to delete synonym group with id: %1?', $item['group_id'])
                     ],
+                    'post' => true
                 ];
                 $item[$name]['edit'] = [
                     'href' => $this->urlBuilder->getUrl(self::SYNONYM_URL_PATH_EDIT, ['group_id' => $item['group_id']]),

app/code/Magento/Tax/Block/Adminhtml/Rate/Toolbar/Save.php

@@ -133,7 +133,7 @@ protected function _prepareLayout()
                     ) . '\', \'' . $this->getUrl(
                         'tax/*/delete',
                         ['rate' => $rate]
-                    ) . '\')',
+                    ) . '\', {data: {}})',
                     'class' => 'delete'
                 ]
             );

app/code/Magento/Tax/Controller/Adminhtml/Rate/Delete.php

@@ -8,8 +8,9 @@
 
 use Magento\Framework\Exception\NoSuchEntityException;
 use Magento\Framework\Controller\ResultFactory;
+use Magento\Framework\App\Action\HttpPostActionInterface;
 
-class Delete extends \Magento\Tax\Controller\Adminhtml\Rate
+class Delete extends \Magento\Tax\Controller\Adminhtml\Rate implements HttpPostActionInterface
 {
     /**
      * Delete Rate and Data

dev/tests/integration/testsuite/Magento/Search/Controller/Adminhtml/Synonyms/DeleteTest.php

@@ -0,0 +1,62 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Search\Controller\Adminhtml\Synonyms;
+
+use Magento\Framework\App\Request\Http as HttpRequest;
+use Magento\Search\Model\SynonymGroup;
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\TestFramework\TestCase\AbstractBackendController;
+use Magento\Search\Model\ResourceModel\SynonymGroup\Collection;
+
+/**
+ * Test for class \Magento\Search\Controller\Adminhtml\Synonyms\Delete
+ *
+ * @magentoAppArea adminhtml
+ */
+class DeleteTest extends AbstractBackendController
+{
+
+    /** Test Delete Synonyms
+     * @magentoAppIsolation enabled
+     * @magentoDbIsolation enabled
+     * @magentoDataFixture Magento/Search/_files/synonym_group.php
+     * @return void
+     */
+    public function testExecute(): void
+    {
+        $synonymGroupModel=$this->getTestFixture();
+        $this->getRequest()->setMethod(HttpRequest::METHOD_POST);
+        $this->getRequest()->setPostValue(['group_id' => $synonymGroupModel->getGroupId()]);
+        $this->dispatch('backend/search/synonyms/delete');
+        $this->assertSessionMessages($this->equalTo([(string)__('The synonym group has been deleted.')]));
+    }
+
+    /**
+     * Test execute with no params
+     *
+     * @return void
+     */
+    public function testExecuteNoId(): void
+    {
+        $this->getRequest()->setMethod(HttpRequest::METHOD_POST);
+        $this->dispatch('backend/search/synonyms/delete');
+        $this->assertSessionMessages($this->equalTo([(string)__('We can&#039;t find a synonym group to delete.')]));
+    }
+
+    /**
+     * Gets synonym group Fixture.
+     *
+     * @return SynonymGroup
+     */
+    private function getTestFixture(): SynonymGroup
+    {
+        /** @var Collection */
+        $synonymGroupCollection = Bootstrap::getObjectManager()->get(Collection::class);
+        return $synonymGroupCollection->getLastItem();
+    }
+}

dev/tests/integration/testsuite/Magento/Search/Model/ResourceModel/SynonymGroupTest.php

@@ -5,8 +5,16 @@
  */
 namespace Magento\Search\Model\ResourceModel;
 
+/**
+ * Test for class \Magento\Search\Model\ResourceModel\SynonymGroup
+ */
 class SynonymGroupTest extends \PHPUnit\Framework\TestCase
 {
+    /**
+     * Test Get By Scope
+     *
+     * @return void
+     */
     public function testGetByScope()
     {
         $objectManager = \Magento\TestFramework\Helper\Bootstrap::getObjectManager();
@@ -16,32 +24,36 @@ public function testGetByScope()
         $synonymGroupModel1->setStoreId(0);
         $synonymGroupModel1->setSynonymGroup('a,b,c');
         $synonymGroupModel1->save();
+        $group1 = $synonymGroupModel1->getGroupId();
         /** @var \Magento\Search\Model\SynonymGroup $synonymGroupModel2 */
         $synonymGroupModel2 = $objectManager->create(\Magento\Search\Model\SynonymGroup::class);
         $synonymGroupModel2->setWebsiteId(0);
         $synonymGroupModel2->setStoreId(1);
         $synonymGroupModel2->setSynonymGroup('d,e,f');
         $synonymGroupModel2->save();
+        $group2 = $synonymGroupModel2->getGroupId();
         /** @var \Magento\Search\Model\SynonymGroup $synonymGroupModel3 */
         $synonymGroupModel3 = $objectManager->create(\Magento\Search\Model\SynonymGroup::class);
         $synonymGroupModel3->setWebsiteId(1);
         $synonymGroupModel3->setStoreId(0);
         $synonymGroupModel3->setSynonymGroup('g,h,i');
         $synonymGroupModel3->save();
+        $group3 = $synonymGroupModel3->getGroupId();
         /** @var \Magento\Search\Model\SynonymGroup $synonymGroupModel4 */
         $synonymGroupModel4 = $objectManager->create(\Magento\Search\Model\SynonymGroup::class);
         $synonymGroupModel4->setWebsiteId(0);
         $synonymGroupModel4->setStoreId(0);
         $synonymGroupModel4->setSynonymGroup('d,e,f');
         $synonymGroupModel4->save();
+        $group4 = $synonymGroupModel4->getGroupId();
 
         /** @var \Magento\Search\Model\ResourceModel\SynonymGroup $resourceModel */
         $resourceModel = $objectManager->create(\Magento\Search\Model\ResourceModel\SynonymGroup::class);
         $this->assertEquals(
-            [['group_id' => 1, 'synonyms' => 'a,b,c'], ['group_id' => 4, 'synonyms' => 'd,e,f']],
+            [['group_id' => $group1, 'synonyms' => 'a,b,c'], ['group_id' => $group4, 'synonyms' => 'd,e,f']],
             $resourceModel->getByScope(0, 0)
         );
-        $this->assertEquals([['group_id' => 2, 'synonyms' => 'd,e,f']], $resourceModel->getByScope(0, 1));
-        $this->assertEquals([['group_id' => 3, 'synonyms' => 'g,h,i']], $resourceModel->getByScope(1, 0));
+        $this->assertEquals([['group_id' => $group2, 'synonyms' => 'd,e,f']], $resourceModel->getByScope(0, 1));
+        $this->assertEquals([['group_id' => $group3, 'synonyms' => 'g,h,i']], $resourceModel->getByScope(1, 0));
     }
 }