Merge commit 'refs/pull/49/head' of https://github.com/magento/magento2ce into MAGETWO-38635-prs

Author: Joan He

app/code/Magento/Security/Helper/SecurityCookie.php

@@ -0,0 +1,116 @@
+<?php
+/**
+ * Copyright © 2015 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Security\Helper;
+
+use Magento\Framework\Stdlib\Cookie\CookieReaderInterface;
+
+/**
+ * Security cookie helper
+ */
+class SecurityCookie extends \Magento\Framework\App\Helper\AbstractHelper
+{
+    /**
+     * Cookie name
+     */
+    const LOGOUT_REASON_CODE_COOKIE_NAME = 'loggedOutReasonCode';
+
+    /**
+     * @var \Magento\Framework\Stdlib\Cookie\PhpCookieManager
+     */
+    protected $phpCookieManager;
+
+    /**
+     * @var \Magento\Backend\Helper\Data
+     */
+    protected $backendData;
+
+    /**
+     * @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory
+     */
+    protected $cookieMetadataFactory;
+
+    /**
+     * @var CookieReaderInterface
+     */
+    protected $cookieReader;
+
+    /**
+     * @param \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager
+     * @param \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory
+     * @param CookieReaderInterface $cookieReader
+     * @param \Magento\Backend\Helper\Data $backendData
+     */
+    public function __construct(
+        \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager,
+        \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory,
+        CookieReaderInterface $cookieReader,
+        \Magento\Backend\Helper\Data $backendData
+    ) {
+        $this->phpCookieManager = $phpCookieManager;
+        $this->cookieMetadataFactory = $cookieMetadataFactory;
+        $this->cookieReader = $cookieReader;
+        $this->backendData = $backendData;
+    }
+
+    /**
+     * Get cookie with logout reason code
+     *
+     * @return string|int
+     */
+    public function getLogoutReasonCookie()
+    {
+        return (int) $this->cookieReader->getCookie(self::LOGOUT_REASON_CODE_COOKIE_NAME, -1);
+    }
+
+    /**
+     * Set logout reason cookie
+     *
+     * @param int $status
+     * @return $this
+     */
+    public function setLogoutReasonCookie($status)
+    {
+        $metaData = $this->createCookieMetaData();
+        $metaData->setPath('/' . $this->backendData->getAreaFrontName());
+
+        $this->phpCookieManager->setPublicCookie(
+            self::LOGOUT_REASON_CODE_COOKIE_NAME,
+            (int) $status,
+            $metaData
+        );
+
+        return $this;
+    }
+
+    /**
+     * Delete cookie with reason of logout
+     *
+     * @return $this
+     */
+    public function deleteLogoutReasonCookie()
+    {
+        $metaData = $this->createCookieMetaData();
+        $metaData->setPath('/' . $this->backendData->getAreaFrontName())->setDuration(-1);
+
+        $this->phpCookieManager->setPublicCookie(
+            self::LOGOUT_REASON_CODE_COOKIE_NAME,
+            '',
+            $metaData
+        );
+
+        return $this;
+    }
+
+    /**
+     * Create Cookie Metadata instance
+     *
+     * @return \Magento\Framework\Stdlib\Cookie\PublicCookieMetadata
+     */
+    protected function createCookieMetaData()
+    {
+        return $this->cookieMetadataFactory->create();
+    }
+}

app/code/Magento/Security/Model/AdminSessionsManager.php

@@ -17,6 +17,11 @@ class AdminSessionsManager
      */
     const ADMIN_SESSION_LIFETIME = 86400;
 
+    /**
+     * Logout reason when current user has been locked out
+     */
+    const LOGOUT_REASON_USER_LOCKED = 10;
+
     /**
      * @var \Magento\Security\Helper\SecurityConfig
      */
@@ -155,6 +160,11 @@ public function getLogoutReasonMessageByStatus($statusCode)
                     'Your current session is terminated by another user of this account.'
                 );
                 break;
+            case self::LOGOUT_REASON_USER_LOCKED:
+                $reasonMessage = __(
+                    'Your account is temporarily disabled.'
+                );
+                break;
             default:
                 $reasonMessage = __('Your current session has been expired.');
                 break;

app/code/Magento/Security/Model/Plugin/AuthSession.php

@@ -14,11 +14,6 @@
  */
 class AuthSession
 {
-    /**
-     * Cookie name
-     */
-    const LOGOUT_REASON_CODE_COOKIE_NAME = 'loggedOutReasonCode';
-
     /**
      * @var \Magento\Framework\App\RequestInterface
      */
@@ -35,50 +30,26 @@ class AuthSession
     protected $sessionsManager;
 
     /**
-     * @var \Magento\Framework\Stdlib\Cookie\PhpCookieManager
-     */
-    protected $phpCookieManager;
-
-    /**
-     * @var CookieReaderInterface
-     */
-    protected $cookieReader;
-
-    /**
-     * @var \Magento\Backend\Helper\Data
-     */
-    protected $backendData;
-
-    /**
-     * @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory
+     * @var \Magento\Security\Helper\SecurityCookie
      */
-    protected $cookieMetadataFactory;
+    protected $securityCookieHelper;
 
     /**
      * @param \Magento\Framework\App\RequestInterface $request
      * @param \Magento\Framework\Message\ManagerInterface $messageManager
      * @param AdminSessionsManager $sessionsManager
-     * @param \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager
-     * @param CookieReaderInterface $cookieReader
-     * @param \Magento\Backend\Helper\Data $backendData
-     * @param \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory
+     * @param \Magento\Security\Helper\SecurityCookie $securityCookieHelper
      */
     public function __construct(
         \Magento\Framework\App\RequestInterface $request,
         \Magento\Framework\Message\ManagerInterface $messageManager,
         AdminSessionsManager $sessionsManager,
-        \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager,
-        CookieReaderInterface $cookieReader,
-        \Magento\Backend\Helper\Data $backendData,
-        \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory
+        \Magento\Security\Helper\SecurityCookie $securityCookieHelper
     ) {
         $this->request = $request;
         $this->messageManager = $messageManager;
         $this->sessionsManager = $sessionsManager;
-        $this->phpCookieManager = $phpCookieManager;
-        $this->cookieReader = $cookieReader;
-        $this->backendData = $backendData;
-        $this->cookieMetadataFactory = $cookieMetadataFactory;
+        $this->securityCookieHelper = $securityCookieHelper;
     }
 
     /**
@@ -110,7 +81,7 @@ public function aroundProlong(Session $session, \Closure $proceed)
     protected function addUserLogoutNotification()
     {
         if ($this->isAjaxRequest()) {
-            $this->setLogoutReasonCookie(
+            $this->securityCookieHelper->setLogoutReasonCookie(
                 $this->sessionsManager->getCurrentSession()->getStatus()
             );
         } else {
@@ -122,27 +93,6 @@ protected function addUserLogoutNotification()
         return $this;
     }
 
-    /**
-     * Set logout reason cookie
-     *
-     * @param int $status
-     * @return $this
-     */
-    protected function setLogoutReasonCookie($status)
-    {
-        /** @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadata $metaData */
-        $metaData = $this->cookieMetadataFactory->create();
-        $metaData->setPath('/' . $this->backendData->getAreaFrontName());
-
-        $this->phpCookieManager->setPublicCookie(
-            self::LOGOUT_REASON_CODE_COOKIE_NAME,
-            (int) $status,
-            $metaData
-        );
-
-        return $this;
-    }
-
     /**
      * Check if a request is session check
      *

app/code/Magento/Security/Model/Plugin/LoginController.php

@@ -6,7 +6,6 @@
 namespace Magento\Security\Model\Plugin;
 
 use Magento\Security\Model\AdminSessionsManager;
-use Magento\Framework\Stdlib\Cookie\CookieReaderInterface;
 use Magento\Backend\Controller\Adminhtml\Auth\Login;
 
 /**
@@ -25,47 +24,23 @@ class LoginController
     protected $sessionsManager;
 
     /**
-     * @var \Magento\Framework\Stdlib\Cookie\PhpCookieManager
+     * @var \Magento\Security\Helper\SecurityCookie
      */
-    protected $phpCookieManager;
-
-    /**
-     * @var CookieReaderInterface
-     */
-    protected $cookieReader;
-
-    /**
-     * @var \Magento\Backend\Helper\Data
-     */
-    protected $backendData;
-
-    /**
-     * @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory
-     */
-    protected $cookieMetadataFactory;
+    protected $securityCookieHelper;
 
     /**
      * @param \Magento\Framework\Message\ManagerInterface $messageManager
      * @param AdminSessionsManager $sessionsManager
-     * @param \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager
-     * @param CookieReaderInterface $cookieReader
-     * @param \Magento\Backend\Helper\Data $backendData
-     * @param \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory
+     * @param \Magento\Security\Helper\SecurityCookie $securityCookieHelper
      */
     public function __construct(
         \Magento\Framework\Message\ManagerInterface $messageManager,
         AdminSessionsManager $sessionsManager,
-        \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager,
-        CookieReaderInterface $cookieReader,
-        \Magento\Backend\Helper\Data $backendData,
-        \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory
+        \Magento\Security\Helper\SecurityCookie $securityCookieHelper
     ) {
         $this->messageManager = $messageManager;
         $this->sessionsManager = $sessionsManager;
-        $this->phpCookieManager = $phpCookieManager;
-        $this->cookieReader = $cookieReader;
-        $this->backendData = $backendData;
-        $this->cookieMetadataFactory = $cookieMetadataFactory;
+        $this->securityCookieHelper = $securityCookieHelper;
     }
 
     /**
@@ -76,12 +51,12 @@ public function __construct(
      */
     public function beforeExecute(Login $login)
     {
-        $logoutReasonCode = $this->cookieReader->getCookie(AuthSession::LOGOUT_REASON_CODE_COOKIE_NAME, -1);
+        $logoutReasonCode = $this->securityCookieHelper->getLogoutReasonCookie();
         if ($this->isLoginForm($login) && $logoutReasonCode >= 0) {
             $this->messageManager->addError(
                 $this->sessionsManager->getLogoutReasonMessageByStatus($logoutReasonCode)
             );
-            $this->deleteLogoutReasonCookie();
+            $this->securityCookieHelper->deleteLogoutReasonCookie();
         }
     }
 
@@ -95,24 +70,4 @@ protected function isLoginForm(Login $login)
     {
         return $login->getRequest()->getUri() == $login->getUrl('*');
     }
-
-    /**
-     * Delete cookie with reason of logout
-     *
-     * @return $this
-     */
-    protected function deleteLogoutReasonCookie()
-    {
-        /** @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadata $metaData */
-        $metaData = $this->cookieMetadataFactory->create();
-        $metaData->setPath('/' . $this->backendData->getAreaFrontName())->setDuration(-1);
-
-        $this->phpCookieManager->setPublicCookie(
-            AuthSession::LOGOUT_REASON_CODE_COOKIE_NAME,
-            '',
-            $metaData
-        );
-
-        return $this;
-    }
 }