
Commit 6f689b9

author
Natalia Momotenko
committed
Merge remote-tracking branch 'origin/develop' into MAGETWO-38852-2
2 parents 24c4fe4 + 980f658 commit 6f689b9


201 files changed

+4712
-1596
lines changed


201 files changed

+4712
-1596
lines changed

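--- a/app/code/Magento/Authorizenet/Model/Authorizenet.php
+++ b/app/code/Magento/Authorizenet/Model/Authorizenet.php
@@ -5,6 +5,8 @@
 */
 namespace Magento\Authorizenet\Model;
 
+use Magento\Payment\Model\Method\Logger;
+
 /**
 * @SuppressWarnings(PHPMD.TooManyFields)
 * @SuppressWarnings(PHPMD.ExcessiveClassComplexity)
@@ -54,6 +56,8 @@ abstract class Authorizenet extends \Magento\Payment\Model\Method\Cc
 
 const RESPONSE_REASON_CODE_PENDING_REVIEW_DECLINED = 254;
 
+const PAYMENT_UPDATE_STATUS_CODE_SUCCESS = 'Ok';
+
 /**
 * Transaction fraud state key
 */
@@ -95,6 +99,11 @@ abstract class Authorizenet extends \Magento\Payment\Model\Method\Cc
 */
 protected $transactionDetails = [];
 
+/**
+* {@inheritdoc}
+*/
+protected $_debugReplacePrivateDataKeys = ['merchantAuthentication', 'x_login'];
+
 /**
 * @param \Magento\Framework\Model\Context $context
 * @param \Magento\Framework\Registry $registry
@@ -364,11 +373,11 @@ protected function buildRequest(\Magento\Framework\DataObject $payment)
 */
 protected function postRequest(\Magento\Authorizenet\Model\Request $request)
 {
-$debugData = ['request' => $request->getData()];
 $result = $this->responseFactory->create();
 $client = new \Magento\Framework\HTTP\ZendClient();
-$uri = $this->getConfigData('cgi_url');
-$client->setUri($uri ? $uri : self::CGI_URL);
+$url = $this->getConfigData('cgi_url') ?: self::CGI_URL;
+$debugData = ['url' => $url, 'request' => $request->getData()];
+$client->setUri($url);
 $client->setConfig(['maxredirects' => 0, 'timeout' => 30]);
 
 foreach ($request->getData() as $key => $value) {
@@ -381,21 +390,21 @@ protected function postRequest(\Magento\Authorizenet\Model\Request $request)
 
 try {
 $response = $client->request();
+$responseBody = $response->getBody();
+$debugData['response'] = $responseBody;
 } catch (\Exception $e) {
 $result->setXResponseCode(-1)
 ->setXResponseReasonCode($e->getCode())
 ->setXResponseReasonText($e->getMessage());
 
-$debugData['result'] = $result->getData();
-$this->_debug($debugData);
 throw new \Magento\Framework\Exception\LocalizedException(
 $this->dataHelper->wrapGatewayError($e->getMessage())
 );
+} finally {
+$this->_debug($debugData);
 }
 
-$responseBody = $response->getBody();
 $r = explode(self::RESPONSE_DELIM_CHAR, $responseBody);
-
 if ($r) {
 $result->setXResponseCode((int)str_replace('"', '', $r[0]))
 ->setXResponseReasonCode((int)str_replace('"', '', $r[2]))
@@ -413,10 +422,6 @@ protected function postRequest(\Magento\Authorizenet\Model\Request $request)
 __('Something went wrong in the payment gateway.')
 );
 }
-
-$debugData['result'] = $result->getData();
-$this->_debug($debugData);
-
 return $result;
 }
 
@@ -473,24 +478,35 @@ protected function loadTransactionDetails($transactionId)
 );
 
 $client = new \Magento\Framework\HTTP\ZendClient();
-$uri = $this->getConfigData('cgi_url_td');
-$client->setUri($uri ? $uri : self::CGI_URL_TD);
+$url = $this->getConfigData('cgi_url_td') ?: self::CGI_URL_TD;
+$client->setUri($url);
 $client->setConfig(['timeout' => 45]);
 $client->setHeaders(['Content-Type: text/xml']);
 $client->setMethod(\Zend_Http_Client::POST);
 $client->setRawData($requestBody);
 
-$debugData = ['request' => $requestBody];
+$debugData = ['url' => $url, 'request' => $this->removePrivateDataFromXml($requestBody)];
 
 try {
 $responseBody = $client->request()->getBody();
-$debugData['result'] = $responseBody;
-$this->_debug($debugData);
+$debugData['response'] = $responseBody;
 libxml_use_internal_errors(true);
 $responseXmlDocument = new \Magento\Framework\Simplexml\Element($responseBody);
 libxml_use_internal_errors(false);
 } catch (\Exception $e) {
-throw new \Magento\Framework\Exception\LocalizedException(__('Payment updating error.'));
+throw new \Magento\Framework\Exception\LocalizedException(
+__('Unable to get transaction details. Try again later.')
+);
+} finally {
+$this->_debug($debugData);
+}
+
+if (!isset($responseXmlDocument->messages->resultCode)
+|| $responseXmlDocument->messages->resultCode != static::PAYMENT_UPDATE_STATUS_CODE_SUCCESS
+) {
+throw new \Magento\Framework\Exception\LocalizedException(
+__('Unable to get transaction details. Try again later.')
+);
 }
 
 $this->transactionDetails[$transactionId] = $responseXmlDocument;
@@ -509,4 +525,20 @@ protected function getTransactionDetails($transactionId)
 ? $this->transactionDetails[$transactionId]
 : $this->loadTransactionDetails($transactionId);
 }
+
+/**
+* Remove nodes with private data from XML string
+*
+* Uses values from $_debugReplacePrivateDataKeys property
+*
+* @param string $xml
+* @return string
+*/
+protected function removePrivateDataFromXml($xml)
+{
+foreach ($this->getDebugReplacePrivateDataKeys() as $key) {
+$xml = preg_replace(sprintf('~(?<=<%s>).*?(?=</%s>)~', $key, $key), Logger::DEBUG_KEYS_MASK, $xml);
+}
+return $xml;
+}
 }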
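Review bot: The masking pattern in `removePrivateDataFromXml()` can miss the element it is meant to hide: `.*?` has no `s` modifier, so content that spans a line break is left unmasked, and `$key` goes into the pattern without `preg_quote()`. The request body is built above the visible hunk, so whether it can contain newlines inside `<merchantAuthentication>` cannot be confirmed from here; an unmatched element would reach the debug log with what are presumably the merchant credentials intact, so the pattern should not depend on the XML being on one line. I'd change the line to `$xml = preg_replace(sprintf('~(?<=<%1$s>).*?(?=</%1$s>)~s', preg_quote($key, '~')), Logger::DEBUG_KEYS_MASK, $xml);`. The docblock could also state that only elements written without attributes are matched.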

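--- a/app/code/Magento/Authorizenet/Model/Directpost.php
+++ b/app/code/Magento/Authorizenet/Model/Directpost.php
@@ -726,17 +726,21 @@ protected function processOrder(\Magento\Sales\Model\Order $order)
 */
 protected function processPaymentFraudStatus(\Magento\Sales\Model\Order\Payment $payment)
 {
-$fraudDetailsResponse = $payment->getMethodInstance()
-->fetchTransactionFraudDetails($this->getResponse()->getXTransId());
-$fraudData = $fraudDetailsResponse->getData();
+try {
+$fraudDetailsResponse = $payment->getMethodInstance()
+->fetchTransactionFraudDetails($this->getResponse()->getXTransId());
+$fraudData = $fraudDetailsResponse->getData();
 
-if (empty($fraudData)) {
-$payment->setIsFraudDetected(false);
-return $this;
-}
+if (empty($fraudData)) {
+$payment->setIsFraudDetected(false);
+return $this;
+}
 
-$payment->setIsFraudDetected(true);
-$payment->setAdditionalInformation('fraud_details', $fraudData);
+$payment->setIsFraudDetected(true);
+$payment->setAdditionalInformation('fraud_details', $fraudData);
+} catch (\Exception $e) {
+//this request is optional
+}
 
 return $this;
 }
@@ -749,23 +753,27 @@ protected function processPaymentFraudStatus(\Magento\Sales\Model\Order\Payment
 */
 protected function addStatusComment(\Magento\Sales\Model\Order\Payment $payment)
 {
-$transactionId = $this->getResponse()->getXTransId();
-$data = $payment->getMethodInstance()->getTransactionDetails($transactionId);
-$transactionStatus = (string)$data->transaction->transactionStatus;
-$fdsFilterAction = (string)$data->transaction->FDSFilterAction;
-
-if ($payment->getIsTransactionPending()) {
-$message = 'Amount of %1 is pending approval on the gateway.<br/>'
-. 'Transaction "%2" status is "%3".<br/>'
-. 'Transaction FDS Filter Action is "%4"';
-$message = __(
-$message,
-$payment->getOrder()->getBaseCurrency()->formatTxt($this->getResponse()->getXAmount()),
-$transactionId,
-$this->dataHelper->getTransactionStatusLabel($transactionStatus),
-$this->dataHelper->getFdsFilterActionLabel($fdsFilterAction)
-);
-$payment->getOrder()->addStatusHistoryComment($message);
+try {
+$transactionId = $this->getResponse()->getXTransId();
+$data = $payment->getMethodInstance()->getTransactionDetails($transactionId);
+$transactionStatus = (string)$data->transaction->transactionStatus;
+$fdsFilterAction = (string)$data->transaction->FDSFilterAction;
+
+if ($payment->getIsTransactionPending()) {
+$message = 'Amount of %1 is pending approval on the gateway.<br/>'
+. 'Transaction "%2" status is "%3".<br/>'
+. 'Transaction FDS Filter Action is "%4"';
+$message = __(
+$message,
+$payment->getOrder()->getBaseCurrency()->formatTxt($this->getResponse()->getXAmount()),
+$transactionId,
+$this->dataHelper->getTransactionStatusLabel($transactionStatus),
+$this->dataHelper->getFdsFilterActionLabel($fdsFilterAction)
+);
+$payment->getOrder()->addStatusHistoryComment($message);
+}
+} catch (\Exception $e) {
+//this request is optional
 }
 return $this;
 }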
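Review bot: Both new `catch (\Exception $e)` blocks, in `processPaymentFraudStatus()` and in `addStatusComment()`, discard the exception without recording it. In `processPaymentFraudStatus()` a failed fraud-details lookup now returns without `setIsFraudDetected()` being called at all, and nothing in the logs shows that the check did not run, so a lookup outage is invisible to whoever reviews the order later. If failing open is the intended behaviour, I'd keep the catch but log `$e` through the class's logger and make the comment say what happens, e.g. `// optional request: on failure the fraud flag is left untouched and the error is logged`. Catching the narrowest exception type the gateway call can raise, rather than `\Exception`, would also keep programming errors inside the `try` from being hidden.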

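--- a/app/code/Magento/Backend/Block/Widget/Grid.php
+++ b/app/code/Magento/Backend/Block/Widget/Grid.php
@@ -760,7 +760,7 @@ public function setSaveParametersInSession($flag)
 */
 public function getJsObjectName()
 {
-return $this->getId() . 'JsObject';
+return preg_replace("~[^a-z0-9_]*~i", '', $this->getId()) . 'JsObject';
 }
 
 /**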
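Review bot: The allow-list in `getJsObjectName()` is written as `[^a-z0-9_]*`, which also matches the empty string at every position; `+` expresses what is meant and avoids the no-op matches: `return preg_replace('~[^a-z0-9_]+~i', '', $this->getId()) . 'JsObject';`. Two cases remain open after the new line: an id that begins with a digit still yields a name that is not a valid JavaScript identifier, and ids that differ only in stripped characters now map to the same object name. The docblock begins above the hunk; a sentence there saying the id is reduced to `[A-Za-z0-9_]` before use would help anyone who builds the same name by hand in a template.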

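--- a/app/code/Magento/Backend/Block/Widget/Grid/Column/Filter/AbstractFilter.php
+++ b/app/code/Magento/Backend/Block/Widget/Grid/Column/Filter/AbstractFilter.php
@@ -67,7 +67,7 @@ public function getColumn()
 */
 protected function _getHtmlName()
 {
-return $this->getColumn()->getId();
+return $this->escapeHtml($this->getColumn()->getId());
 }
 
 /**
@@ -77,7 +77,7 @@ protected function _getHtmlName()
 */
 protected function _getHtmlId()
 {
-return $this->getColumn()->getHtmlId();
+return $this->escapeHtml($this->getColumn()->getHtmlId());
 }
 
 /**
@@ -88,7 +88,7 @@ protected function _getHtmlId()
 */
 public function getEscapedValue($index = null)
 {
-return htmlspecialchars((string)$this->getValue($index));
+return $this->escapeHtml((string)$this->getValue($index));
 }
 
 /**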
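Review bot: `_getHtmlName()` and `_getHtmlId()` now return HTML-escaped strings, but neither their names nor the visible end of their docblocks says so, which invites double-escaping in subclasses or use of the encoded value in a non-HTML context such as a JavaScript selector. The docblocks begin above the hunks; I'd add a line like `@return string HTML-escaped, for use inside a quoted attribute` to both. The unit test added in this commit expects these values inside `name="…"` and `id="…"` attributes, so it is also worth confirming that `escapeHtml()` encodes both quote characters; its implementation is not part of the visible change.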
Lines changed: 68 additions & 0 deletions
@@ -0,0 +1,68 @@
1+
<?php
2+
/**
3+
* Copyright © 2015 Magento. All rights reserved.
4+
* See COPYING.txt for license details.
5+
*/
6+
7+
namespace Magento\Backend\Test\Unit\Block\Widget\Grid\Column\Filter;
8+
9+
use Magento\Framework\TestFramework\Unit\Helper\ObjectManager as ObjectManagerHelper;
10+
11+
class TextTest extends \PHPUnit_Framework_TestCase
12+
{
13+
/** @var \Magento\Backend\Block\Widget\Grid\Column\Filter\Text*/
14+
protected $block;
15+
16+
/** @var ObjectManagerHelper */
17+
protected $objectManagerHelper;
18+
19+
/** @var \Magento\Backend\Block\Context|\PHPUnit_Framework_MockObject_MockObject */
20+
protected $context;
21+
22+
/** @var \Magento\Framework\DB\Helper|\PHPUnit_Framework_MockObject_MockObject */
23+
protected $helper;
24+
25+
/** @var \Magento\Framework\Escaper|\PHPUnit_Framework_MockObject_MockObject */
26+
protected $escaper;
27+
28+
protected function setUp()
29+
{
30+
$this->context = $this->getMockBuilder('Magento\Backend\Block\Context')
31+
->setMethods(['getEscaper'])
32+
->disableOriginalConstructor()
33+
->getMock();
34+
$this->escaper = $this->getMock('Magento\Framework\Escaper', ['escapeHtml'], [], '', false);
35+
$this->helper = $this->getMock('Magento\Framework\DB\Helper', [], [], '', false);
36+
37+
$this->context->expects($this->once())->method('getEscaper')->willReturn($this->escaper);
38+
39+
$this->objectManagerHelper = new ObjectManagerHelper($this);
40+
$this->block = $this->objectManagerHelper->getObject(
41+
'Magento\Backend\Block\Widget\Grid\Column\Filter\Text',
42+
[
43+
'context' => $this->context,
44+
'resourceHelper' => $this->helper
45+
]
46+
);
47+
}
48+
49+
public function testGetHtml()
50+
{
51+
$resultHtml = '<input type="text" name="escapedHtml" ' .
52+
'id="escapedHtml" value="escapedHtml" ' .
53+
'class="input-text admin__control-text no-changes" data-ui-id="filter-escapedhtml" />';
54+
55+
$column = $this->getMockBuilder('Magento\Backend\Block\Widget\Grid\Column')
56+
->setMethods(['getId', 'getHtmlId'])
57+
->disableOriginalConstructor()
58+
->getMock();
59+
60+
$this->block->setColumn($column);
61+
62+
$this->escaper->expects($this->any())->method('escapeHtml')->willReturn('escapedHtml');
63+
$column->expects($this->any())->method('getId')->willReturn('id');
64+
$column->expects($this->once())->method('getHtmlId')->willReturn('htmlId');
65+
66+
$this->assertEquals($resultHtml, $this->block->getHtml());
67+
}
68+
}
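Review bot: `testGetHtml()` stubs `escapeHtml` with `$this->any()` and one fixed return value, so the assertion still passes if the block escapes the wrong value or leaves one of the attributes unescaped. I'd make the stub depend on its argument, e.g. `->willReturnCallback(function ($value) { return 'escaped:' . $value; })`, and build the expected markup from `'escaped:id'` and `'escaped:htmlId'`, so that each attribute is tied to the value that was supposed to be escaped. A case with an id containing `"` and `<` would document what the change protects against.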
