Merge remote-tracking branch 'remotes/github/2.3-develop' into EPAM-PR-27

Author: VeronikaYarats

README.md

@@ -39,17 +39,17 @@ Magento is thankful for any contribution that can improve our code base, documen
     <img src="https://raw.githubusercontent.com/wiki/magento/magento2/images/contributors.png"/>
 </a>
 
-<h3>Labels applied by the Magento team</h3>
-We apply labels to public Pull Requests and Issues to help other participants retrieve additional information about current progress, component assignments, Magento release lines, and much more. 
-Please review the <a href="https://devdocs.magento.com/guides/v2.3/contributor-guide/contributing.html#labels">Code Contributions guide</a> for detailed information on labels used in Magento 2 repositories.
+### Labels applied by the Magento team
+We apply labels to public Pull Requests and Issues to help other participants retrieve additional information about current progress, component assignments, Magento release lines, and much more.
+Please review the [Code Contributions guide](https://devdocs.magento.com/guides/v2.3/contributor-guide/contributing.html#labels) for detailed information on labels used in Magento 2 repositories.
 
-<h2>Reporting security issues</h2>
+## Reporting security issues
 
-To report security vulnerabilities in Magento software or web sites, please create a Bugcrowd researcher account <a href="https://bugcrowd.com/magento">there</a> to submit and follow-up your issue. Learn more about reporting security issues <a href="https://magento.com/security/reporting-magento-security-issue">here</a>.
+To report security vulnerabilities in Magento software or web sites, please create a Bugcrowd researcher account [there](https://bugcrowd.com/magento) to submit and follow-up your issue. Learn more about reporting security issues [here](https://magento.com/security/reporting-magento-security-issue).
 
-Stay up-to-date on the latest security news and patches for Magento by signing up for <a href="https://magento.com/security/sign-up">Security Alert Notifications</a>.
+Stay up-to-date on the latest security news and patches for Magento by signing up for [Security Alert Notifications](https://magento.com/security/sign-up).
 
-<h2>License</h2>
+## License
 
 Each Magento source file included in this distribution is licensed under OSL 3.0 or the Magento Enterprise Edition (MEE) license.
 
@@ -59,3 +59,13 @@ Please see [LICENSE.txt](https://github.com/magento/magento2/blob/2.3-develop/LI
 Subject to Licensee's payment of fees and compliance with the terms and conditions of the MEE License, the MEE License supersedes the OSL 3.0 license for each source file.
 Please see LICENSE_EE.txt for the full text of the MEE License or visit https://magento.com/legal/terms/enterprise.
 
+## Community Engineering Slack
+
+To connect with Magento and the Community, join us on the [Magento Community Engineering Slack](https://magentocommeng.slack.com). If you are interested in joining Slack, or a specific channel, send us request at [engcom@adobe.com](mailto:engcom@adobe.com) or [self signup](https://tinyurl.com/engcom-slack).
+
+
+We have channels for each project. These channels are recommended for new members:
+
+- [general](https://magentocommeng.slack.com/messages/C4YS78WE6): Open chat for introductions and Magento 2 questions
+- [github](https://magentocommeng.slack.com/messages/C7KB93M32): Support for GitHub issues, pull requests, and processes
+- [public-backlog](https://magentocommeng.slack.com/messages/CCV3J3RV5): Discussions of the Magento 2 backlog

app/code/Magento/AdminNotification/Model/ResourceModel/Inbox.php

@@ -6,6 +6,8 @@
 namespace Magento\AdminNotification\Model\ResourceModel;
 
 /**
+ * Inbox resource model
+ *
  * @api
  * @since 100.0.2
  */
@@ -77,8 +79,7 @@ public function getNoticeStatus(\Magento\AdminNotification\Model\Inbox $object)
             'is_read=?',
             0
         );
-        $return = $connection->fetchPairs($select);
-        return $return;
+        return $connection->fetchPairs($select);
     }
 
     /**

app/code/Magento/Captcha/CustomerData/Captcha.php

@@ -0,0 +1,61 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Captcha\CustomerData;
+
+use Magento\Customer\CustomerData\SectionSourceInterface;
+
+/**
+ * Captcha section
+ */
+class Captcha extends \Magento\Framework\DataObject implements SectionSourceInterface
+{
+    /**
+     * @var array
+     */
+    private $formIds;
+
+    /**
+     * @var \Magento\Captcha\Helper\Data
+     */
+    private $helper;
+
+    /**
+     * @param \Magento\Captcha\Helper\Data $helper
+     * @param array $formIds
+     * @param array $data
+     * @codeCoverageIgnore
+     */
+    public function __construct(
+        \Magento\Captcha\Helper\Data $helper,
+        array $formIds,
+        array $data = []
+    ) {
+        parent::__construct($data);
+        $this->helper = $helper;
+        $this->formIds = $formIds;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function getSectionData() :array
+    {
+        $data = [];
+
+        foreach ($this->formIds as $formId) {
+            $captchaModel = $this->helper->getCaptcha($formId);
+            $data[$formId] = [
+                'isRequired' => $captchaModel->isRequired(),
+                'timestamp' => time()
+            ];
+        }
+
+        return $data;
+    }
+}

app/code/Magento/Captcha/Model/Checkout/ConfigProvider.php

@@ -5,6 +5,9 @@
  */
 namespace Magento\Captcha\Model\Checkout;
 
+/**
+ * Configuration provider for Captcha rendering.
+ */
 class ConfigProvider implements \Magento\Checkout\Model\ConfigProviderInterface
 {
     /**
@@ -38,7 +41,7 @@ public function __construct(
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritdoc
      */
     public function getConfig()
     {
@@ -49,7 +52,8 @@ public function getConfig()
                 'imageHeight' => $this->getImageHeight($formId),
                 'imageSrc' => $this->getImageSrc($formId),
                 'refreshUrl' => $this->getRefreshUrl(),
-                'isRequired' => $this->isRequired($formId)
+                'isRequired' => $this->isRequired($formId),
+                'timestamp' => time()
             ];
         }
         return $config;

app/code/Magento/Captcha/Model/Customer/Plugin/AjaxLogin.php

@@ -3,18 +3,15 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
-declare(strict_types=1);
 
 namespace Magento\Captcha\Model\Customer\Plugin;
 
 use Magento\Captcha\Helper\Data as CaptchaHelper;
-use Magento\Customer\Controller\Ajax\Login;
-use Magento\Framework\Controller\Result\Json;
-use Magento\Framework\Controller\Result\JsonFactory;
 use Magento\Framework\Session\SessionManagerInterface;
+use Magento\Framework\Controller\Result\JsonFactory;
 
 /**
- * The plugin for ajax login controller.
+ * Around plugin for login action.
  */
 class AjaxLogin
 {
@@ -67,14 +64,16 @@ public function __construct(
     }
 
     /**
-     * Validates captcha during request execution.
+     * Check captcha data on login action.
      *
-     * @param Login $subject
+     * @param \Magento\Customer\Controller\Ajax\Login $subject
      * @param \Closure $proceed
      * @return $this
+     * @SuppressWarnings(PHPMD.NPathComplexity)
+     * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      */
     public function aroundExecute(
-        Login $subject,
+        \Magento\Customer\Controller\Ajax\Login $subject,
         \Closure $proceed
     ) {
         $captchaFormIdField = 'captcha_form_id';
@@ -99,31 +98,28 @@ public function aroundExecute(
         foreach ($this->formIds as $formId) {
             if ($formId === $loginFormId) {
                 $captchaModel = $this->helper->getCaptcha($formId);
-
                 if ($captchaModel->isRequired($username)) {
                     if (!$captchaModel->isCorrect($captchaString)) {
                         $this->sessionManager->setUsername($username);
                         $captchaModel->logAttempt($username);
-                        return $this->returnJsonError(__('Incorrect CAPTCHA'), true);
+                        return $this->returnJsonError(__('Incorrect CAPTCHA'));
                     }
                 }
-
                 $captchaModel->logAttempt($username);
             }
         }
         return $proceed();
     }
 
     /**
-     * Gets Json response.
+     * Format JSON response.
      *
      * @param \Magento\Framework\Phrase $phrase
-     * @param bool $isCaptchaRequired
-     * @return Json
+     * @return \Magento\Framework\Controller\Result\Json
      */
-    private function returnJsonError(\Magento\Framework\Phrase $phrase, bool $isCaptchaRequired = false): Json
+    private function returnJsonError(\Magento\Framework\Phrase $phrase): \Magento\Framework\Controller\Result\Json
     {
         $resultJson = $this->resultJsonFactory->create();
-        return $resultJson->setData(['errors' => true, 'message' => $phrase, 'captcha' => $isCaptchaRequired]);
+        return $resultJson->setData(['errors' => true, 'message' => $phrase]);
     }
 }

app/code/Magento/Captcha/Model/DefaultModel.php

@@ -78,6 +78,11 @@ class DefaultModel extends \Zend\Captcha\Image implements \Magento\Captcha\Model
      */
     protected $session;
 
+    /**
+     * @var string
+     */
+    private $words;
+
     /**
      * @param \Magento\Framework\Session\SessionManagerInterface $session
      * @param \Magento\Captcha\Helper\Data $captchaData
@@ -311,18 +316,18 @@ public function getImgUrl()
      */
     public function isCorrect($word)
     {
-        $storedWord = $this->getWord();
+        $storedWords = $this->getWords();
         $this->clearWord();
 
-        if (!$word || !$storedWord) {
+        if (!$word || !$storedWords) {
             return false;
         }
 
         if (!$this->isCaseSensitive()) {
-            $storedWord = strtolower($storedWord);
+            $storedWords = strtolower($storedWords);
             $word = strtolower($word);
         }
-        return $word === $storedWord;
+        return in_array($word, explode(',', $storedWords));
     }
 
     /**
@@ -481,14 +486,25 @@ private function getTargetForms()
     /**
      * Get captcha word
      *
-     * @return string
+     * @return string|null
      */
     public function getWord()
     {
         $sessionData = $this->session->getData($this->getFormIdKey(self::SESSION_WORD));
         return time() < $sessionData['expires'] ? $sessionData['data'] : null;
     }
 
+    /**
+     * Get captcha words
+     *
+     * @return string|null
+     */
+    private function getWords()
+    {
+        $sessionData = $this->session->getData($this->getFormIdKey(self::SESSION_WORD));
+        return time() < $sessionData['expires'] ? $sessionData['words'] : null;
+    }
+
     /**
      * Set captcha word
      *
@@ -498,9 +514,10 @@ public function getWord()
      */
     protected function setWord($word)
     {
+        $this->words = $this->words ? $this->words . ',' . $word : $word;
         $this->session->setData(
             $this->getFormIdKey(self::SESSION_WORD),
-            ['data' => $word, 'expires' => time() + $this->getTimeout()]
+            ['data' => $word, 'words' => $this->words, 'expires' => time() + $this->getTimeout()]
         );
         $this->word = $word;
         return $this;

app/code/Magento/Captcha/Test/Mftf/Section/StorefrontCustomerSignInFormSection.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
+    <section name="StorefrontCustomerSignInPopupFormSection">
+        <element name="captchaField" type="input" selector="#captcha_user_login"/>
+        <element name="captchaImg" type="block" selector=".captcha-img"/>
+        <element name="captchaReload" type="block" selector=".captcha-reload"/>
+    </section>
+</sections>

app/code/Magento/Captcha/Test/Mftf/Test/CaptchaFormsDisplayingTest.xml

@@ -64,6 +64,52 @@
         <!--Roll back configuration-->
         <scrollToTopOfPage stepKey="ScrollToTop"/>
         <click selector="{{CaptchaFormsDisplayingSection.captcha}}" stepKey="ClickToCloseCaptcha"/>
-
+    </test>
+    <test name="CaptchaWithDisabledGuestCheckout">
+        <annotations>
+            <features value="Captcha"/>
+            <stories value="MC-5602 - CAPTCHA doesn't appear in login popup after refreshing page."/>
+            <title value="Captcha is displaying on login form with disabled guest checkout"/>
+            <description value="Captcha is displaying on login form with disabled guest checkout"/>
+            <severity value="MAJOR"/>
+            <testCaseId value="MAGETWO-96691"/>
+            <group value="captcha"/>
+        </annotations>
+        <before>
+            <magentoCLI command="config:set checkout/options/guest_checkout 0" stepKey="disableGuestCheckout"/>
+            <magentoCLI command="config:set customer/captcha/failed_attempts_login 1" stepKey="decreaseLoginAttempt"/>
+            <createData entity="ApiCategory" stepKey="createCategory"/>
+            <createData entity="ApiSimpleProduct" stepKey="createSimpleProduct">
+                <requiredEntity createDataKey="createCategory"/>
+            </createData>
+        </before>
+        <after>
+            <magentoCLI command="config:set checkout/options/guest_checkout 1" stepKey="enableGuestCheckout"/>
+            <magentoCLI command="config:set customer/captcha/failed_attempts_login 3" stepKey="increaseLoginAttempt"/>
+            <deleteData createDataKey="createCategory" stepKey="deleteCategory"/>
+            <deleteData createDataKey="createSimpleProduct" stepKey="deleteSimpleProduct1"/>
+        </after>
+        <amOnPage url="{{StorefrontProductPage.url($$createSimpleProduct.sku$$)}}" stepKey="openProductPage"/>
+        <waitForPageLoad stepKey="waitForPageLoad"/>
+        <click selector="{{StorefrontProductActionSection.addToCart}}" stepKey="addToCart" />
+        <waitForText userInput="You added $$createSimpleProduct.name$$ to your shopping cart." stepKey="waitForText"/>
+        <click selector="{{StorefrontMinicartSection.showCart}}" stepKey="clickCart"/>
+        <click selector="{{StorefrontMinicartSection.goToCheckout}}" stepKey="goToCheckout"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.email}}" stepKey="waitEmailFieldVisible"/>
+        <fillField selector="{{StorefrontCustomerSignInPopupFormSection.email}}" userInput="{{Simple_US_Customer.email}}" stepKey="fillCustomerEmail"/>
+        <fillField selector="{{StorefrontCustomerSignInPopupFormSection.password}}" userInput="incorrectPassword" stepKey="fillIncorrectCustomerPassword"/>
+        <click selector="{{StorefrontCustomerSignInPopupFormSection.signIn}}" stepKey="clickSignIn"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.errorMessage}}" stepKey="seeErrorMessage"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaField}}" stepKey="seeCaptchaField"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaImg}}" stepKey="seeCaptchaImage"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaReload}}" stepKey="seeCaptchaReloadButton"/>
+        <reloadPage stepKey="refreshPage"/>
+        <waitForPageLoad stepKey="waitForPageLoad2"/>
+        <click selector="{{StorefrontMinicartSection.showCart}}" stepKey="clickCart2"/>
+        <click selector="{{StorefrontMinicartSection.goToCheckout}}" stepKey="goToCheckout2"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.email}}" stepKey="waitEmailFieldVisible2"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaField}}" stepKey="seeCaptchaField2"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaImg}}" stepKey="seeCaptchaImage2"/>
+        <waitForElementVisible selector="{{StorefrontCustomerSignInPopupFormSection.captchaReload}}" stepKey="seeCaptchaReloadButton2"/>
     </test>
 </tests>

app/code/Magento/Captcha/Test/Unit/Model/Checkout/ConfigProviderTest.php

@@ -77,6 +77,7 @@ public function testGetConfig($isRequired, $captchaGenerations, $expectedConfig)
             ->will($this->returnValue('https://magento.com/captcha'));
 
         $config = $this->model->getConfig();
+        unset($config['captcha'][$this->formId]['timestamp']);
         $this->assertEquals($config, $expectedConfig);
     }
 

app/code/Magento/Captcha/Test/Unit/Model/Customer/Plugin/AjaxLoginTest.php

@@ -158,7 +158,7 @@ public function testAroundExecuteIncorrectCaptcha()
         $this->resultJsonMock
             ->expects($this->once())
             ->method('setData')
-            ->with(['errors' => true, 'message' => __('Incorrect CAPTCHA'), 'captcha' => true])
+            ->with(['errors' => true, 'message' => __('Incorrect CAPTCHA')])
             ->will($this->returnSelf());
 
         $closure = function () {