Merge branch '2.4-develop' into add-logic-check-imports-less-for-enabled-modules

Author: engcom-Charlie

.editorconfig

@@ -14,7 +14,7 @@ trim_trailing_whitespace = false
 [*.{yml,yaml,json}]
 indent_size = 2
 
-[{composer, auth}.json]
+[{composer,auth}.json]
 indent_size = 4
 
 [db_schema_whitelist.json]

app/code/Magento/AdminAnalytics/ViewModel/Metadata.php

@@ -9,7 +9,9 @@
 namespace Magento\AdminAnalytics\ViewModel;
 
 use Magento\Config\Model\Config\Backend\Admin\Custom;
+use Magento\Csp\Helper\CspNonceProvider;
 use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\App\ObjectManager;
 use Magento\Framework\App\ProductMetadataInterface;
 use Magento\Backend\Model\Auth\Session;
 use Magento\Framework\App\State;
@@ -21,6 +23,11 @@
  */
 class Metadata implements ArgumentInterface
 {
+    /**
+     * @var string
+     */
+    private $nonce;
+
     /**
      * @var State
      */
@@ -41,22 +48,33 @@ class Metadata implements ArgumentInterface
      */
     private $config;
 
+    /**
+     * @var CspNonceProvider
+     */
+    private $nonceProvider;
+
     /**
      * @param ProductMetadataInterface $productMetadata
      * @param Session $authSession
      * @param State $appState
      * @param ScopeConfigInterface $config
+     * @param CspNonceProvider|null $nonceProvider
      */
     public function __construct(
         ProductMetadataInterface $productMetadata,
         Session $authSession,
         State $appState,
-        ScopeConfigInterface $config
+        ScopeConfigInterface $config,
+        CspNonceProvider $nonceProvider = null
     ) {
         $this->productMetadata = $productMetadata;
         $this->authSession = $authSession;
         $this->appState = $appState;
         $this->config = $config;
+
+        $this->nonceProvider = $nonceProvider ?: ObjectManager::getInstance()->get(CspNonceProvider::class);
+
+        $this->nonce = $this->nonceProvider->generateNonce();
     }
 
     /**
@@ -156,4 +174,14 @@ public function getCurrentUserRoleName(): string
     {
         return $this->authSession->getUser()->getRole()->getRoleName();
     }
+
+    /**
+     * Get a random nonce for each request.
+     *
+     * @return string
+     */
+    public function getNonce(): string
+    {
+        return $this->nonce;
+    }
 }

app/code/Magento/AdminAnalytics/composer.json

@@ -11,7 +11,8 @@
         "magento/module-config": "*",
         "magento/module-store": "*",
         "magento/module-ui": "*",
-        "magento/module-release-notification": "*"
+        "magento/module-release-notification": "*",
+        "magento/module-csp": "*"
     },
     "type": "magento2-module",
     "license": [

app/code/Magento/AdminAnalytics/view/adminhtml/templates/tracking.phtml

@@ -6,6 +6,7 @@
 
 /**
  * @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
+ * @var \Magento\Framework\Escaper $escaper
  */
 ?>
 
@@ -22,18 +23,25 @@
 <?php
 /** @var \Magento\AdminAnalytics\ViewModel\Metadata $metadata */
 $metadata = $block->getMetadata();
+$nonce = $escaper->escapeJs($metadata->getNonce());
 $scriptString = '
     var adminAnalyticsMetadata = {
-        "secure_base_url": "' . $block->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
-        "version": "' . $block->escapeJs($metadata->getMagentoVersion()) . '",
-        "product_edition": "' . $block->escapeJs($metadata->getProductEdition()) . '",
-        "user": "' . $block->escapeJs($metadata->getCurrentUser()) . '",
-        "mode": "' . $block->escapeJs($metadata->getMode()) . '",
-        "store_name_default": "' . $block->escapeJs($metadata->getStoreNameForScope()) . '",
-        "admin_user_created": "' . $block->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
-        "admin_user_logdate": "' . $block->escapeJs($metadata->getCurrentUserLogDate()) . '",
-        "admin_user_role_name": "' . $block->escapeJs($metadata->getCurrentUserRoleName()) . '"
+        "secure_base_url": "' . $escaper->escapeJs($metadata->getSecureBaseUrlForScope()) . '",
+        "version": "' . $escaper->escapeJs($metadata->getMagentoVersion()) . '",
+        "product_edition": "' . $escaper->escapeJs($metadata->getProductEdition()) . '",
+        "user": "' . $escaper->escapeJs($metadata->getCurrentUser()) . '",
+        "mode": "' . $escaper->escapeJs($metadata->getMode()) . '",
+        "store_name_default": "' . $escaper->escapeJs($metadata->getStoreNameForScope()) . '",
+        "admin_user_created": "' . $escaper->escapeJs($metadata->getCurrentUserCreatedDate()) . '",
+        "admin_user_logdate": "' . $escaper->escapeJs($metadata->getCurrentUserLogDate()) . '",
+        "admin_user_role_name": "' . $escaper->escapeJs($metadata->getCurrentUserRoleName()) . '"
     };
+
+    var digitalData = {
+        "nonce": "' . $nonce . '"
+    };
+
+    var cspNonce = "' . $nonce . '";
 ';
 ?>
 <?= /* @noEscape */ $secureRenderer->renderTag('script', [], $scriptString, false); ?>

app/code/Magento/AdvancedSearch/Model/DataProvider/AutocompleteSuggestions.php

@@ -1,18 +1,7 @@
 <?php
-/************************************************************************
- *
+/**
  * Copyright 2023 Adobe
  * All Rights Reserved.
- *
- * NOTICE: All information contained herein is, and remains
- * the property of Adobe and its suppliers, if any. The intellectual
- * and technical concepts contained herein are proprietary to Adobe
- * and its suppliers and are protected by all applicable intellectual
- * property laws, including trade secret and copyright laws.
- * Dissemination of this information or reproduction of this material
- * is strictly forbidden unless prior written permission is obtained
- * from Adobe.
- * ***********************************************************************
  */
 declare(strict_types=1);
 

app/code/Magento/AdvancedSearch/Test/Unit/Model/DataProvider/AutocompleteSuggestionsTest.php

@@ -1,18 +1,7 @@
 <?php
-/************************************************************************
- *
+/**
  * Copyright 2023 Adobe
  * All Rights Reserved.
- *
- * NOTICE: All information contained herein is, and remains
- * the property of Adobe and its suppliers, if any. The intellectual
- * and technical concepts contained herein are proprietary to Adobe
- * and its suppliers and are protected by all applicable intellectual
- * property laws, including trade secret and copyright laws.
- * Dissemination of this information or reproduction of this material
- * is strictly forbidden unless prior written permission is obtained
- * from Adobe.
- * ***********************************************************************
  */
 declare(strict_types=1);
 

app/code/Magento/Backend/Console/Command/MaintenanceStatusCommand.php

@@ -53,7 +53,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
     {
         $output->writeln(
             '<info>Status: maintenance mode is ' .
-            ($this->maintenanceMode->isOn() ? 'active' : 'not active') . '</info>'
+            ($this->maintenanceMode->isOn() ? 'enabled' : 'disabled') . '</info>'
         );
         $addressInfo = $this->maintenanceMode->getAddressInfo();
         $addresses = implode(' ', $addressInfo);

app/code/Magento/Backend/Model/Validator/IpValidator.php

@@ -1,10 +1,14 @@
 <?php
+
 /**
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
 namespace Magento\Backend\Model\Validator;
 
+use Magento\Framework\App\Utility\IPAddress;
+
 /**
  * Class to validate list of IPs for maintenance commands
  */
@@ -25,12 +29,22 @@ class IpValidator
      */
     private $invalidIps;
 
+    /**
+     * @param IPAddress $ipAddress
+     */
+    public function __construct(
+        private readonly IPAddress $ipAddress,
+    ) {
+    }
+
     /**
      * Validates list of ips
      *
      * @param string[] $ips
      * @param bool $noneAllowed
+     *
      * @return string[]
+     *
      * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      */
     public function validateIps(array $ips, $noneAllowed)
@@ -55,22 +69,26 @@ public function validateIps(array $ips, $noneAllowed)
                 $messages[] = "Invalid IP $invalidIp";
             }
         }
+
         return $messages;
     }
 
     /**
      * Filter ips into 'none', valid and invalid ips
      *
      * @param string[] $ips
+     *
      * @return void
      */
     private function filterIps(array $ips)
     {
         foreach ($ips as $ip) {
-            if (filter_var($ip, FILTER_VALIDATE_IP)) {
-                $this->validIps[] = $ip;
-            } elseif ($ip == 'none') {
+            if ($ip === 'none') {
                 $this->none[] = $ip;
+            } elseif ($this->ipAddress->isValidAddress($ip)) {
+                $this->validIps[] = $ip;
+            } elseif ($this->ipAddress->isValidRange($ip)) {
+                $this->validIps[] = $ip;
             } else {
                 $this->invalidIps[] = $ip;
             }

app/code/Magento/Backend/Test/Unit/Console/Command/MaintenanceStatusCommandTest.php

@@ -53,20 +53,20 @@ public function executeDataProvider()
         return [
             [
                 [true, ['127.0.0.1', '127.0.0.2']],
-                'Status: maintenance mode is active' . PHP_EOL .
+                'Status: maintenance mode is enabled' . PHP_EOL .
                 'List of exempt IP-addresses: 127.0.0.1 127.0.0.2' . PHP_EOL
             ],
             [
                 [true, []],
-                'Status: maintenance mode is active' . PHP_EOL . 'List of exempt IP-addresses: none' . PHP_EOL
+                'Status: maintenance mode is enabled' . PHP_EOL . 'List of exempt IP-addresses: none' . PHP_EOL
             ],
             [
                 [false, []],
-                'Status: maintenance mode is not active' . PHP_EOL . 'List of exempt IP-addresses: none' . PHP_EOL
+                'Status: maintenance mode is disabled' . PHP_EOL . 'List of exempt IP-addresses: none' . PHP_EOL
             ],
             [
                 [false, ['127.0.0.1', '127.0.0.2']],
-                'Status: maintenance mode is not active' . PHP_EOL .
+                'Status: maintenance mode is disabled' . PHP_EOL .
                 'List of exempt IP-addresses: 127.0.0.1 127.0.0.2' . PHP_EOL
             ],
         ];

app/code/Magento/Backend/Test/Unit/Model/Validator/IpValidatorTest.php

@@ -8,6 +8,7 @@
 namespace Magento\Backend\Test\Unit\Model\Validator;
 
 use Magento\Backend\Model\Validator\IpValidator;
+use Magento\Framework\App\Utility\IPAddress;
 use PHPUnit\Framework\TestCase;
 
 /**
@@ -25,7 +26,9 @@ class IpValidatorTest extends TestCase
      */
     protected function setUp(): void
     {
-        $this->ipValidator = new IpValidator();
+        $this->ipValidator = new IpValidator(
+            new IPAddress()
+        );
     }
 
     /**
@@ -45,6 +48,7 @@ public function validateIpsNoneAllowedDataProvider(): array
     {
         return [
             [['127.0.0.1', '127.0.0.2'], []],
+            [['127.0.0.0/24'], []],
             [['none'], []],
             [['none', '127.0.0.1'], ["Multiple values are not allowed when 'none' is used"]],
             [['127.0.0.1', 'none'], ["Multiple values are not allowed when 'none' is used"]],
@@ -72,6 +76,7 @@ public function validateIpsNoneNotAllowedDataProvider()
     {
         return [
             [['127.0.0.1', '127.0.0.2'], []],
+            [['127.0.0.0/24'], []],
             [['none'], ["'none' is not allowed"]],
             [['none', '127.0.0.1'], ["'none' is not allowed"]],
             [['127.0.0.1', 'none'], ["'none' is not allowed"]],