Merge remote-tracking branch 'mainline/develop' into bug-fixes

Author: Oleksii Korshenko

app/bootstrap.php

@@ -9,7 +9,6 @@
  */
 error_reporting(E_ALL);
 #ini_set('display_errors', 1);
-umask(0);
 
 /* PHP version validation */
 if (version_compare(phpversion(), '5.5.0', '<') === true) {

app/code/Magento/Authorizenet/view/frontend/layout/checkout_index_index.xml

@@ -5,7 +5,7 @@
  * See COPYING.txt for license details.
  */
 -->
-<page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" layout="1column" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
+<page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
     <body>
         <referenceBlock name="checkout.root">
             <arguments>

app/code/Magento/Backend/Controller/Adminhtml/System/Account/Save.php

@@ -10,24 +10,28 @@
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Exception\State\UserLockedException;
+use Magento\Security\Model\SecurityCookie;
 
 class Save extends \Magento\Backend\Controller\Adminhtml\System\Account
 {
     /**
-     * @var \Magento\Security\Helper\SecurityCookie
+     * @var SecurityCookie
      */
-    protected $securityCookieHelper;
+    private $securityCookie;
 
     /**
-     * @param \Magento\Backend\App\Action\Context $context
-     * @param \Magento\Security\Helper\SecurityCookie $securityCookieHelper
+     * Get security cookie
+     *
+     * @return SecurityCookie
+     * @deprecated
      */
-    public function __construct(
-        \Magento\Backend\App\Action\Context $context,
-        \Magento\Security\Helper\SecurityCookie $securityCookieHelper
-    ) {
-        parent::__construct($context);
-        $this->securityCookieHelper = $securityCookieHelper;
+    private function getSecurityCookie()
+    {
+        if (!($this->securityCookie instanceof SecurityCookie)) {
+            return \Magento\Framework\App\ObjectManager::getInstance()->get(SecurityCookie::class);
+        } else {
+            return $this->securityCookie;
+        }
     }
 
     /**
@@ -79,7 +83,7 @@ public function execute()
             }
         } catch (UserLockedException $e) {
             $this->_auth->logout();
-            $this->securityCookieHelper->setLogoutReasonCookie(
+            $this->getSecurityCookie()->setLogoutReasonCookie(
                 \Magento\Security\Model\AdminSessionsManager::LOGOUT_REASON_USER_LOCKED
             );
         } catch (ValidatorException $e) {

app/code/Magento/Backend/i18n/en_US.csv

@@ -206,6 +206,8 @@ YTD,YTD
 "Authentication storage is incorrect.","Authentication storage is incorrect."
 "You did not sign in correctly or your account is temporarily disabled.","You did not sign in correctly or your account is temporarily disabled."
 "Authentication error occurred.","Authentication error occurred."
+"Admin session lifetime must be less than or equal to 31536000 seconds (one year)","Admin session lifetime must be less than or equal to 31536000 seconds (one year)"
+"Admin session lifetime must be greater than or equal to 60 seconds","Admin session lifetime must be greater than or equal to 60 seconds"
 Order,Order
 "Order #%1","Order #%1"
 "Access denied","Access denied"
@@ -391,7 +393,7 @@ Security,Security
 "Add Secret Key to URLs","Add Secret Key to URLs"
 "Login is Case Sensitive","Login is Case Sensitive"
 "Admin Session Lifetime (seconds)","Admin Session Lifetime (seconds)"
-"Values less than 60 are ignored.","Values less than 60 are ignored."
+"Please enter at least 60 and at most 31536000 (one year).","Please enter at least 60 and at most 31536000 (one year)."
 "Enable Charts","Enable Charts"
 Web,Web
 "Url Options","Url Options"

app/code/Magento/Backend/view/adminhtml/web/template/dynamic-rows/grid.html

@@ -72,4 +72,15 @@
             </table>
         </div>
     </div>
-</div>
+</div>
+
+<div class="messages">
+    <div class="message message-notice notice">
+        <span
+            translate="'Search strings are either normal strings or regular exceptions (PCRE). They are matched in the same order as entered.'"></span>
+        <br>
+        <span
+            translate="'Examples'"></span>:
+        <span class="code-sample">Firefox: /^mozilla/i</span>
+    </div>
+</div>

app/code/Magento/Backup/Model/Fs/Collection.php

@@ -91,7 +91,6 @@ protected function _hideBackupsForApache()
         $filename = '.htaccess';
         if (!$this->_varDirectory->isFile($filename)) {
             $this->_varDirectory->writeFile($filename, 'deny from all');
-            $this->_varDirectory->changePermissions($filename, 0640);
         }
     }
 

app/code/Magento/Braintree/Gateway/Command/CaptureStrategyCommand.php

@@ -5,6 +5,9 @@
  */
 namespace Magento\Braintree\Gateway\Command;
 
+use Braintree\Transaction;
+use Magento\Braintree\Model\Adapter\BraintreeAdapter;
+use Magento\Braintree\Model\Adapter\BraintreeSearchAdapter;
 use Magento\Framework\Api\FilterBuilder;
 use Magento\Framework\Api\SearchCriteriaBuilder;
 use Magento\Payment\Gateway\Command;
@@ -18,6 +21,7 @@
 
 /**
  * Class CaptureStrategyCommand
+ * @SuppressWarnings(PHPMD)
  */
 class CaptureStrategyCommand implements CommandInterface
 {
@@ -36,11 +40,6 @@ class CaptureStrategyCommand implements CommandInterface
      */
     const VAULT_CAPTURE = 'vault_capture';
 
-    /**
-     * Braintree clone transaction command
-     */
-    const CLONE_TRANSACTION = 'clone';
-
     /**
      * @var CommandPoolInterface
      */
@@ -66,6 +65,16 @@ class CaptureStrategyCommand implements CommandInterface
      */
     private $subjectReader;
 
+    /**
+     * @var BraintreeAdapter
+     */
+    private $braintreeAdapter;
+
+    /**
+     * @var BraintreeSearchAdapter
+     */
+    private $braintreeSearchAdapter;
+
     /**
      * Constructor
      *
@@ -74,19 +83,25 @@ class CaptureStrategyCommand implements CommandInterface
      * @param FilterBuilder $filterBuilder
      * @param SearchCriteriaBuilder $searchCriteriaBuilder
      * @param SubjectReader $subjectReader
+     * @param BraintreeAdapter $braintreeAdapter
+     * @param BraintreeSearchAdapter $braintreeSearchAdapter
      */
     public function __construct(
         CommandPoolInterface $commandPool,
         TransactionRepositoryInterface $repository,
         FilterBuilder $filterBuilder,
         SearchCriteriaBuilder $searchCriteriaBuilder,
-        SubjectReader $subjectReader
+        SubjectReader $subjectReader,
+        BraintreeAdapter $braintreeAdapter,
+        BraintreeSearchAdapter $braintreeSearchAdapter
     ) {
         $this->commandPool = $commandPool;
         $this->transactionRepository = $repository;
         $this->filterBuilder = $filterBuilder;
         $this->searchCriteriaBuilder = $searchCriteriaBuilder;
         $this->subjectReader = $subjectReader;
+        $this->braintreeAdapter = $braintreeAdapter;
+        $this->braintreeSearchAdapter = $braintreeSearchAdapter;
     }
 
     /**
@@ -102,7 +117,7 @@ public function execute(array $commandSubject)
         ContextHelper::assertOrderPayment($paymentInfo);
 
         $command = $this->getCommand($paymentInfo);
-        return $this->commandPool->get($command)->execute($commandSubject);
+        $this->commandPool->get($command)->execute($commandSubject);
     }
 
     /**
@@ -119,14 +134,30 @@ private function getCommand(OrderPaymentInterface $payment)
         }
 
         // do capture for authorization transaction
-        if (!$existsCapture) {
+        if (!$existsCapture && !$this->isExpiredAuthorization($payment)) {
             return self::CAPTURE;
         }
 
         // process capture for payment via Vault
         return self::VAULT_CAPTURE;
     }
 
+    /**
+     * @param OrderPaymentInterface $payment
+     * @return boolean
+     */
+    private function isExpiredAuthorization(OrderPaymentInterface $payment)
+    {
+        $collection = $this->braintreeAdapter->search(
+            [
+                $this->braintreeSearchAdapter->id()->is($payment->getLastTransId()),
+                $this->braintreeSearchAdapter->status()->is(Transaction::AUTHORIZATION_EXPIRED)
+            ]
+        );
+
+        return $collection->maximumCount() > 0;
+    }
+
     /**
      * Check if capture transaction already exists
      *