Skip to content

Commit 96d9bdd

Browse files
author
Roman Leshchenko
committed
MAGETWO-92725: Incorrect group actions behavior
1 parent e8f34de commit 96d9bdd

File tree

2 files changed

+33
-2
lines changed
  • app/code/Magento/Customer/Controller/Adminhtml/Group
  • dev/tests/integration/testsuite/Magento/Customer/Controller/Adminhtml

2 files changed

+33
-2
lines changed

app/code/Magento/Customer/Controller/Adminhtml/Group/Delete.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,16 +7,22 @@
77
namespace Magento\Customer\Controller\Adminhtml\Group;
88

99
use Magento\Framework\Exception\NoSuchEntityException;
10+
use Magento\Framework\Exception\NotFoundException;
1011

1112
class Delete extends \Magento\Customer\Controller\Adminhtml\Group
1213
{
1314
/**
1415
* Delete customer group.
1516
*
1617
* @return \Magento\Backend\Model\View\Result\Redirect
18+
* @throws NotFoundException
1719
*/
1820
public function execute()
1921
{
22+
if (!$this->getRequest()->isPost()) {
23+
throw new NotFoundException(__('Page not found'));
24+
}
25+
2026
$id = $this->getRequest()->getParam('id');
2127
/** @var \Magento\Backend\Model\View\Result\Redirect $resultRedirect */
2228
$resultRedirect = $this->resultRedirectFactory->create();

dev/tests/integration/testsuite/Magento/Customer/Controller/Adminhtml/GroupTest.php

Lines changed: 27 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77

88
use Magento\Framework\Message\MessageInterface;
99
use Magento\TestFramework\Helper\Bootstrap;
10+
use Magento\Framework\Data\Form\FormKey;
1011

1112
/**
1213
* @magentoAppArea adminhtml
@@ -80,6 +81,11 @@ public function testNewActionWithCustomerGroupDataInSession()
8081
*/
8182
public function testDeleteActionNoGroupId()
8283
{
84+
/** @var FormKey $formKey */
85+
$formKey = $this->_objectManager->get(FormKey::class);
86+
87+
$this->getRequest()->setMethod('POST');
88+
$this->getRequest()->setParam('form_key', $formKey->getFormKey());
8389
$this->dispatch('backend/customer/group/delete');
8490
$this->assertRedirect($this->stringStartsWith(self::BASE_CONTROLLER_URL));
8591
}
@@ -90,7 +96,17 @@ public function testDeleteActionNoGroupId()
9096
public function testDeleteActionExistingGroup()
9197
{
9298
$groupId = $this->findGroupIdWithCode(self::CUSTOMER_GROUP_CODE);
93-
$this->getRequest()->setParam('id', $groupId);
99+
100+
/** @var FormKey $formKey */
101+
$formKey = $this->_objectManager->get(FormKey::class);
102+
103+
$this->getRequest()->setMethod('POST');
104+
$this->getRequest()->setParams(
105+
[
106+
'id' => $groupId,
107+
'form_key' => $formKey->getFormKey()
108+
]
109+
);
94110
$this->dispatch('backend/customer/group/delete');
95111

96112
/**
@@ -108,7 +124,16 @@ public function testDeleteActionExistingGroup()
108124
*/
109125
public function testDeleteActionNonExistingGroupId()
110126
{
111-
$this->getRequest()->setParam('id', 10000);
127+
/** @var FormKey $formKey */
128+
$formKey = $this->_objectManager->get(FormKey::class);
129+
130+
$this->getRequest()->setMethod('POST');
131+
$this->getRequest()->setParams(
132+
[
133+
'id' => 10000,
134+
'form_key' => $formKey->getFormKey()
135+
]
136+
);
112137
$this->dispatch('backend/customer/group/delete');
113138

114139
/**

0 commit comments

Comments
 (0)