Merge branches 'MAGETWO-34695-Admin-Login' and 'develop' of github.scm.corp.ebay.com:magento-api/magento2ce into develop

Conflicts:
	app/code/Magento/Backend/etc/di.xml

Author: Cari Spruiell

app/code/Magento/Backend/App/Action/Plugin/Authentication.php

@@ -45,25 +45,49 @@ class Authentication
      */
     protected $messageManager;
 
+    /**
+     * @var \Magento\Backend\Model\UrlInterface
+     */
+    protected $backendUrl;
+
+    /**
+     * @var \Magento\Backend\App\BackendAppList
+     */
+    protected $backendAppList;
+
+    /**
+     * @var \Magento\Framework\Controller\Result\RedirectFactory
+     */
+    protected $resultRedirectFactory;
+
     /**
      * @param \Magento\Backend\Model\Auth $auth
      * @param \Magento\Backend\Model\UrlInterface $url
      * @param \Magento\Framework\App\ResponseInterface $response
      * @param \Magento\Framework\App\ActionFlag $actionFlag
      * @param \Magento\Framework\Message\ManagerInterface $messageManager
+     * @param \Magento\Backend\Model\UrlInterface $backendUrl
+     * @param \Magento\Framework\Controller\Result\RedirectFactory $resultRedirectFactory
+     * @param \Magento\Backend\App\BackendAppList $backendAppList
      */
     public function __construct(
         \Magento\Backend\Model\Auth $auth,
         \Magento\Backend\Model\UrlInterface $url,
         \Magento\Framework\App\ResponseInterface $response,
         \Magento\Framework\App\ActionFlag $actionFlag,
-        \Magento\Framework\Message\ManagerInterface $messageManager
+        \Magento\Framework\Message\ManagerInterface $messageManager,
+        \Magento\Backend\Model\UrlInterface $backendUrl,
+        \Magento\Framework\Controller\Result\RedirectFactory $resultRedirectFactory,
+        \Magento\Backend\App\BackendAppList $backendAppList
     ) {
         $this->_auth = $auth;
         $this->_url = $url;
         $this->_response = $response;
         $this->_actionFlag = $actionFlag;
         $this->messageManager = $messageManager;
+        $this->backendUrl = $backendUrl;
+        $this->resultRedirectFactory = $resultRedirectFactory;
+        $this->backendAppList = $backendAppList;
     }
 
     /**
@@ -90,6 +114,18 @@ public function aroundDispatch(
                 $this->_processNotLoggedInUser($request);
             } else {
                 $this->_auth->getAuthStorage()->prolong();
+
+                $backendApp = null;
+                if ($request->getParam('app')) {
+                    $backendApp = $this->backendAppList->getCurrentApp();
+                }
+
+                if ($backendApp) {
+                    $resultRedirect = $this->resultRedirectFactory->create();
+                    $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($this->backendUrl->getBaseUrl());
+                    $baseUrl = $baseUrl . $backendApp->getStartupPage();
+                    return $resultRedirect->setUrl($baseUrl);
+                }
             }
         }
         $this->_auth->getAuthStorage()->refreshAcl();

app/code/Magento/Backend/App/BackendApp.php

@@ -0,0 +1,73 @@
+<?php
+/**
+ * Copyright © 2015 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\App;
+
+/**
+ * Backend Application which uses Magento Backend authentication process
+ */
+class BackendApp
+{
+    /**
+     * @var null
+     */
+    private $cookiePath;
+
+    /**
+     * @var null
+     */
+    private $startupPage;
+
+    /**
+     * @var null
+     */
+    private $aclResourceName;
+
+    /**
+     * @param string $cookiePath
+     * @param string $startupPage
+     * @param string $aclResourceName
+     */
+    public function __construct(
+        $cookiePath,
+        $startupPage,
+        $aclResourceName
+    ) {
+        $this->cookiePath = $cookiePath;
+        $this->startupPage = $startupPage;
+        $this->aclResourceName = $aclResourceName;
+    }
+
+    /**
+     * Cookie path for the application to set cookie to
+     *
+     * @return string
+     */
+    public function getCookiePath()
+    {
+        return $this->cookiePath;
+    }
+
+    /**
+     * Startup Page of the application to redirect after login
+     *
+     * @return string
+     */
+    public function getStartupPage()
+    {
+        return $this->startupPage;
+    }
+
+    /**
+     * ACL resource name to authorize access to
+     *
+     * @return string
+     */
+    public function getAclResource()
+    {
+        return $this->aclResourceName;
+    }
+}

app/code/Magento/Backend/App/BackendAppList.php

@@ -0,0 +1,62 @@
+<?php
+/**
+ * Copyright © 2015 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\App;
+
+/**
+ * List of Backend Applications to allow injection of them through the DI
+ */
+class BackendAppList
+{
+    /**
+     * @var BackendApp[]
+     */
+    private $backendApps = [];
+
+    /**
+     * @var \Magento\Framework\App\RequestInterface
+     */
+    private $request;
+
+    /**
+     * @param \Magento\Framework\App\Request\Http $request
+     * @param array $backendApps
+     */
+    public function __construct(
+        \Magento\Framework\App\Request\Http $request,
+        array $backendApps = []
+    ) {
+        $this->backendApps = $backendApps;
+        $this->request = $request;
+    }
+
+    /**
+     * Get Backend app based on its name
+     *
+     * @return BackendApp|null
+     */
+    public function getCurrentApp()
+    {
+        $appName = $this->request->getQuery('app');
+        if ($appName && isset($this->backendApps[$appName])) {
+            return $this->backendApps[$appName];
+        }
+    }
+
+    /**
+     * Retrieve backend application by name
+     *
+     * @param string $appName
+     * @return BackendApp|null
+     */
+    public function getBackendApp($appName)
+    {
+        if (isset($this->backendApps[$appName])) {
+            return $this->backendApps[$appName];
+        }
+        return null;
+    }
+}

app/code/Magento/Backend/Controller/Adminhtml/BackendApp/Redirect.php

@@ -0,0 +1,65 @@
+<?php
+/**
+ * Copyright © 2015 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Backend\Controller\Adminhtml\BackendApp;
+
+use Magento\Backend\App\AbstractAction;
+
+/**
+ * Controller which handles authentication of backend app and redirects back to set cookie with backend app path
+ */
+class Redirect extends AbstractAction
+{
+    /**
+     * Array of actions which can be processed without secret key validation
+     *
+     * @var array
+     */
+    protected $_publicActions = ['redirect'];
+
+    /**
+     * @var \Magento\Backend\App\BackendAppList|null
+     */
+    private $backendAppList;
+
+    /**
+     * @param \Magento\Backend\App\Action\Context $context
+     * @param \Magento\Backend\App\BackendAppList $backendAppList
+     */
+    public function __construct(
+        \Magento\Backend\App\Action\Context $context,
+        \Magento\Backend\App\BackendAppList $backendAppList
+    ) {
+        parent::__construct($context);
+        $this->backendAppList = $backendAppList;
+    }
+
+    /**
+     * @return \Magento\Framework\Controller\ResultInterface
+     */
+    public function execute()
+    {
+        $resultRedirect = $this->resultRedirectFactory->create();
+        if ($this->getRequest()->getParam('app')) {
+            $url = $this->getUrl('*/*/*', []) . '?app=' . $this->getRequest()->getParam('app');
+            return $resultRedirect->setUrl($url);
+        }
+        return $resultRedirect->setUrl($this->getUrl('*/index/index'));
+    }
+
+    /**
+     * @return bool
+     */
+    protected function _isAllowed()
+    {
+        $backendApp = $this->backendAppList->getBackendApp(
+            $this->getRequest()->getParam('app')
+        );
+        if ($backendApp) {
+            return $this->_authorization->isAllowed($backendApp->getAclResource());
+        }
+        return true;
+    }
+}

app/code/Magento/Backend/Model/Session/AdminConfig.php

@@ -34,11 +34,17 @@ class AdminConfig extends Config
      */
     protected $_storeManager;
 
+    /**
+     * @var \Magento\Backend\App\BackendAppList
+     */
+    private $backendAppList;
+
     /**
      * @param \Magento\Framework\ValidatorFactory $validatorFactory
      * @param \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
      * @param \Magento\Framework\Stdlib\String $stringHelper
      * @param \Magento\Framework\App\RequestInterface $request
+     * @param \Magento\Backend\App\BackendAppList $backendAppList
      * @param Filesystem $filesystem
      * @param DeploymentConfig $deploymentConfig
      * @param string $scopeType
@@ -53,6 +59,7 @@ public function __construct(
         \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig,
         \Magento\Framework\Stdlib\String $stringHelper,
         \Magento\Framework\App\RequestInterface $request,
+        \Magento\Backend\App\BackendAppList $backendAppList,
         Filesystem $filesystem,
         DeploymentConfig $deploymentConfig,
         $scopeType,
@@ -71,9 +78,9 @@ public function __construct(
             $scopeType,
             $lifetimePath
         );
-
         $this->_frontNameResolver = $frontNameResolver;
         $this->_storeManager = $storeManager;
+        $this->backendAppList = $backendAppList;
         $adminPath = $this->extractAdminPath();
         $this->setCookiePath($adminPath);
         $this->setName($sessionName);
@@ -86,10 +93,17 @@ public function __construct(
      */
     private function extractAdminPath()
     {
-        $parsedUrl = parse_url($this->_storeManager->getStore()->getBaseUrl());
-        $baseUrl = $parsedUrl['path'];
-        $adminPath = $this->_frontNameResolver->getFrontName();
-
-        return $baseUrl . $adminPath;
+        $backendApp = $this->backendAppList->getCurrentApp();
+        $cookiePath = null;
+        $baseUrl = $parsedUrl = parse_url($this->_storeManager->getStore()->getBaseUrl(), PHP_URL_PATH);
+        if (!$backendApp) {
+            $cookiePath = $baseUrl . $this->_frontNameResolver->getFrontName();
+            return $cookiePath;
+        }
+        //In case of application authenticating through the admin login, the script name should be removed
+        //from the path, because application has own script.
+        $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($baseUrl);
+        $cookiePath = $baseUrl . $backendApp->getCookiePath();
+        return $cookiePath;
     }
 }

app/code/Magento/Backend/etc/acl.xml

@@ -38,6 +38,7 @@
                     </resource>
                     <resource id="Magento_Backend::tools" title="Tools" sortOrder="50">
                         <resource id="Magento_Backend::cache" title="Cache Management"  sortOrder="10" />
+                        <resource id="Magento_Backend::setup_wizard" title="Web Setup Wizard" sortOrder="20" />
                     </resource>
                     <resource id="Magento_Backend::system_other_settings" title="Other Settings"  sortOrder="80" />
                 </resource>

app/code/Magento/Backend/etc/adminhtml/menu.xml

@@ -27,5 +27,6 @@
         <add id="Magento_Backend::stores_attributes" title="Attributes" module="Magento_Backend" sortOrder="40" parent="Magento_Backend::stores" resource="Magento_Backend::stores_attributes"/>
         <add id="Magento_Backend::other_settings" title="Other Settings" module="Magento_Backend" sortOrder="50" parent="Magento_Backend::stores" resource="Magento_Backend::stores_other_settings"/>
         <add id="Magento_Backend::system_other_settings" title="Other Settings" module="Magento_Backend" sortOrder="80" parent="Magento_Backend::system" resource="Magento_Backend::system_other_settings"/>
+        <add id="Magento_Backend::setup_wizard" action="adminhtml/backendapp/redirect/app/setup" title="Web Setup Wizard" module="Magento_Backend" sortOrder="80" parent="Magento_Backend::system_tools" resource="Magento_Backend::setup_wizard"/>
     </menu>
 </config>

app/code/Magento/Backend/etc/di.xml

@@ -160,4 +160,18 @@
             </argument>
         </arguments>
     </type>
+    <virtualType name="Magento\Setup\BackendApp" type="Magento\Backend\App\BackendApp">
+        <arguments>
+            <argument name="cookiePath" xsi:type="string">setup</argument>
+            <argument name="startupPage" xsi:type="string">setup</argument>
+            <argument name="aclResourceName" xsi:type="string">Magento_Backend::setup_wizard</argument>
+        </arguments>
+    </virtualType>
+    <type name="Magento\Backend\App\BackendAppList">
+        <arguments>
+            <argument name="backendApps" xsi:type="array">
+                <item name="setup" xsi:type="object">Magento\Setup\BackendApp</item>
+            </argument>
+        </arguments>
+    </type>
 </config>

lib/internal/Magento/Framework/App/Request/Http.php

@@ -345,6 +345,25 @@ public static function getDistroBaseUrlPath($server)
         return $result;
     }
 
+    /**
+     * Return url with no script name
+     *
+     * @param  string $url
+     * @return string
+     */
+    public static function getUrlNoScript($url)
+    {
+        if (!isset($_SERVER['SCRIPT_NAME'])) {
+            return $url;
+        }
+
+        if (($pos = strripos($url, basename($_SERVER['SCRIPT_NAME']))) !== false) {
+            $url = substr($url, 0, $pos);
+        }
+
+        return $url;
+    }
+
     /**
      * Retrieve full action name
      *