magento
diff --git a/‎app/code/Magento/Backend/App/AbstractAction.php
Lines changed: 138 additions & 114 deletions b/‎app/code/Magento/Backend/App/AbstractAction.php
Lines changed: 138 additions & 114 deletions
@@ -3,11 +3,24 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
 namespace Magento\Backend\App;
 
+use Magento\Backend\App\Action\Context;
+use Magento\Backend\Helper\Data as BackendHelper;
+use Magento\Backend\Model\Auth;
+use Magento\Backend\Model\Session;
+use Magento\Backend\Model\UrlInterface;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\AuthorizationInterface;
+use Magento\Framework\Data\Form\FormKey\Validator as FormKeyValidator;
+use Magento\Framework\Locale\ResolverInterface;
+use Magento\Framework\View\Element\AbstractBlock;
+
 /**
  * Generic backend controller
  *
+ * phpcs:disable Magento2.Classes.AbstractApi
  * @api
  * @SuppressWarnings(PHPMD.NumberOfChildren)
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
@@ -45,32 +58,32 @@ abstract class AbstractAction extends \Magento\Framework\App\Action\Action
     protected $_sessionNamespace = self::SESSION_NAMESPACE;
 
     /**
-     * @var \Magento\Backend\Helper\Data
+     * @var BackendHelper
      */
     protected $_helper;
 
     /**
-     * @var \Magento\Backend\Model\Session
+     * @var Session
      */
     protected $_session;
 
     /**
-     * @var \Magento\Framework\AuthorizationInterface
+     * @var AuthorizationInterface
      */
     protected $_authorization;
 
     /**
-     * @var \Magento\Backend\Model\Auth
+     * @var Auth
      */
     protected $_auth;
 
     /**
-     * @var \Magento\Backend\Model\UrlInterface
+     * @var UrlInterface
      */
     protected $_backendUrl;
 
     /**
-     * @var \Magento\Framework\Locale\ResolverInterface
+     * @var ResolverInterface
      */
     protected $_localeResolver;
 
@@ -80,14 +93,14 @@ abstract class AbstractAction extends \Magento\Framework\App\Action\Action
     protected $_canUseBaseUrl;
 
     /**
-     * @var \Magento\Framework\Data\Form\FormKey\Validator
+     * @var FormKeyValidator
      */
     protected $_formKeyValidator;
 
     /**
-     * @param \Magento\Backend\App\Action\Context $context
+     * @param Context $context
      */
-    public function __construct(Action\Context $context)
+    public function __construct(Context $context)
     {
         parent::__construct($context);
         $this->_authorization = $context->getAuthorization();
@@ -101,6 +114,95 @@ public function __construct(Action\Context $context)
     }
 
     /**
+     * Dispatches the Action
+     *
+     * @param RequestInterface $request
+     * @return \Magento\Framework\App\ResponseInterface
+     */
+    public function dispatch(RequestInterface $request)
+    {
+        if ($request->isDispatched() && $request->getActionName() !== 'denied' && !$this->_isAllowed()) {
+            $this->_response->setStatusHeader(403, '1.1', 'Forbidden');
+            if (!$this->_auth->isLoggedIn()) {
+                return $this->_redirect('*/auth/login');
+            }
+
+            $this->_view->loadLayout(['default', 'adminhtml_denied'], true, true, false);
+            $this->_view->renderLayout();
+            $this->_request->setDispatched(true);
+
+            return $this->_response;
+        }
+
+        if ($this->_isUrlChecked()) {
+            $this->_actionFlag->set('', self::FLAG_IS_URLS_CHECKED, true);
+        }
+
+        $this->_processLocaleSettings();
+
+        // Need to preload isFirstPageAfterLogin (see https://github.com/magento/magento2/issues/15510)
+        if ($this->_auth->isLoggedIn()) {
+            $this->_auth->getAuthStorage()->isFirstPageAfterLogin();
+        }
+
+        return parent::dispatch($request);
+    }
+
+    /**
+     * Check url keys. If non valid - redirect
+     *
+     * @return bool
+     *
+     * @see \Magento\Backend\App\Request\BackendValidator for default request validation.
+     */
+    public function _processUrlKeys()
+    {
+        $_isValidFormKey = true;
+        $_isValidSecretKey = true;
+        $_keyErrorMsg = '';
+        if ($this->_auth->isLoggedIn()) {
+            if ($this->getRequest()->isPost()) {
+                $_isValidFormKey = $this->_formKeyValidator->validate($this->getRequest());
+                $_keyErrorMsg = __('Invalid Form Key. Please refresh the page.');
+            } elseif ($this->_backendUrl->useSecretKey()) {
+                $_isValidSecretKey = $this->_validateSecretKey();
+                $_keyErrorMsg = __('You entered an invalid Secret Key. Please refresh the page.');
+            }
+        }
+        if (!$_isValidFormKey || !$_isValidSecretKey) {
+            $this->_actionFlag->set('', self::FLAG_NO_DISPATCH, true);
+            $this->_actionFlag->set('', self::FLAG_NO_POST_DISPATCH, true);
+            if ($this->getRequest()->getQuery('isAjax', false) || $this->getRequest()->getQuery('ajax', false)) {
+                $this->getResponse()->representJson(
+                    $this->_objectManager->get(
+                        \Magento\Framework\Json\Helper\Data::class
+                    )->jsonEncode(
+                        ['error' => true, 'message' => $_keyErrorMsg]
+                    )
+                );
+            } else {
+                $this->_redirect($this->_backendUrl->getStartupPageUrl());
+            }
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * Generate url by route and parameters
+     *
+     * @param string $route
+     * @param array $params
+     * @return string
+     */
+    public function getUrl($route = '', $params = [])
+    {
+        return $this->_helper->getUrl($route, $params);
+    }
+
+    /**
+     * Determines whether current user is allowed to access Action
+     *
      * @return bool
      */
     protected function _isAllowed()
@@ -119,6 +221,8 @@ protected function _getSession()
     }
 
     /**
+     * Returns instantiated Message\ManagerInterface.
+     *
      * @return \Magento\Framework\Message\ManagerInterface
      */
     protected function getMessageManager()
@@ -146,6 +250,8 @@ protected function _setActiveMenu($itemId)
     }
 
     /**
+     * Adds element to Breadcrumbs block
+     *
      * @param string $label
      * @param string $title
      * @param string|null $link
@@ -158,79 +264,51 @@ protected function _addBreadcrumb($label, $title, $link = null)
     }
 
     /**
-     * @param \Magento\Framework\View\Element\AbstractBlock $block
+     * Adds block to `content` block
+     *
+     * @param AbstractBlock $block
      * @return $this
      */
-    protected function _addContent(\Magento\Framework\View\Element\AbstractBlock $block)
+    protected function _addContent(AbstractBlock $block)
     {
         return $this->_moveBlockToContainer($block, 'content');
     }
 
     /**
-     * @param \Magento\Framework\View\Element\AbstractBlock $block
+     * Moves Block to `left` container
+     *
+     * @param AbstractBlock $block
      * @return $this
      */
-    protected function _addLeft(\Magento\Framework\View\Element\AbstractBlock $block)
+    protected function _addLeft(AbstractBlock $block)
     {
         return $this->_moveBlockToContainer($block, 'left');
     }
 
     /**
-     * @param \Magento\Framework\View\Element\AbstractBlock $block
+     * Adds Block to `js` container
+     *
+     * @param AbstractBlock $block
      * @return $this
      */
-    protected function _addJs(\Magento\Framework\View\Element\AbstractBlock $block)
+    protected function _addJs(AbstractBlock $block)
     {
         return $this->_moveBlockToContainer($block, 'js');
     }
 
     /**
-     * Set specified block as an anonymous child to specified container
-     *
-     * The block will be moved to the container from previous parent after all other elements
+     * Set specified block as an anonymous child to specified container.
      *
-     * @param \Magento\Framework\View\Element\AbstractBlock $block
+     * @param AbstractBlock $block
      * @param string $containerName
      * @return $this
      */
-    private function _moveBlockToContainer(\Magento\Framework\View\Element\AbstractBlock $block, $containerName)
+    private function _moveBlockToContainer(AbstractBlock $block, $containerName)
     {
         $this->_view->getLayout()->setChild($containerName, $block->getNameInLayout(), '');
         return $this;
     }
 
-    /**
-     * @param \Magento\Framework\App\RequestInterface $request
-     * @return \Magento\Framework\App\ResponseInterface
-     */
-    public function dispatch(\Magento\Framework\App\RequestInterface $request)
-    {
-        if ($request->isDispatched() && $request->getActionName() !== 'denied' && !$this->_isAllowed()) {
-            $this->_response->setStatusHeader(403, '1.1', 'Forbidden');
-            if (!$this->_auth->isLoggedIn()) {
-                return $this->_redirect('*/auth/login');
-            }
-            $this->_view->loadLayout(['default', 'adminhtml_denied'], true, true, false);
-            $this->_view->renderLayout();
-            $this->_request->setDispatched(true);
-
-            return $this->_response;
-        }
-
-        if ($this->_isUrlChecked()) {
-            $this->_actionFlag->set('', self::FLAG_IS_URLS_CHECKED, true);
-        }
-
-        $this->_processLocaleSettings();
-
-        // Need to preload isFirstPageAfterLogin (see https://github.com/magento/magento2/issues/15510)
-        if ($this->_auth->isLoggedIn()) {
-            $this->_auth->getAuthStorage()->isFirstPageAfterLogin();
-        }
-
-        return parent::dispatch($request);
-    }
-
     /**
      * Check whether url is checked
      *
@@ -239,55 +317,13 @@ public function dispatch(\Magento\Framework\App\RequestInterface $request)
     protected function _isUrlChecked()
     {
         return !$this->_actionFlag->get('', self::FLAG_IS_URLS_CHECKED)
-        && !$this->getRequest()->isForwarded()
-        && !$this->_getSession()->getIsUrlNotice(true)
-        && !$this->_canUseBaseUrl;
+            && !$this->getRequest()->isForwarded()
+            && !$this->_getSession()->getIsUrlNotice(true)
+            && !$this->_canUseBaseUrl;
     }
 
     /**
-     * Check url keys. If non valid - redirect
-     *
-     * @return bool
-     *
-     * @see \Magento\Backend\App\Request\BackendValidator for default
-     * request validation.
-     */
-    public function _processUrlKeys()
-    {
-        $_isValidFormKey = true;
-        $_isValidSecretKey = true;
-        $_keyErrorMsg = '';
-        if ($this->_auth->isLoggedIn()) {
-            if ($this->getRequest()->isPost()) {
-                $_isValidFormKey = $this->_formKeyValidator->validate($this->getRequest());
-                $_keyErrorMsg = __('Invalid Form Key. Please refresh the page.');
-            } elseif ($this->_backendUrl->useSecretKey()) {
-                $_isValidSecretKey = $this->_validateSecretKey();
-                $_keyErrorMsg = __('You entered an invalid Secret Key. Please refresh the page.');
-            }
-        }
-        if (!$_isValidFormKey || !$_isValidSecretKey) {
-            $this->_actionFlag->set('', self::FLAG_NO_DISPATCH, true);
-            $this->_actionFlag->set('', self::FLAG_NO_POST_DISPATCH, true);
-            if ($this->getRequest()->getQuery('isAjax', false) || $this->getRequest()->getQuery('ajax', false)) {
-                $this->getResponse()->representJson(
-                    $this->_objectManager->get(
-                        \Magento\Framework\Json\Helper\Data::class
-                    )->jsonEncode(
-                        ['error' => true, 'message' => $_keyErrorMsg]
-                    )
-                );
-            } else {
-                $this->_redirect($this->_backendUrl->getStartupPageUrl());
-            }
-            return false;
-        }
-        return true;
-    }
-
-    /**
-     * Set session locale,
-     * process force locale set through url params
+     * Set session locale, process force locale set through url params
      *
      * @return $this
      */
@@ -309,8 +345,8 @@ protected function _processLocaleSettings()
      * Set redirect into response
      *
      * @TODO MAGETWO-28356: Refactor controller actions to new ResultInterface
-     * @param   string $path
-     * @param   array $arguments
+     * @param string $path
+     * @param array $arguments
      * @return \Magento\Framework\App\ResponseInterface
      */
     protected function _redirect($path, $arguments = [])
@@ -333,19 +369,7 @@ protected function _redirect($path, $arguments = [])
     protected function _forward($action, $controller = null, $module = null, array $params = null)
     {
         $this->_getSession()->setIsUrlNotice($this->_actionFlag->get('', self::FLAG_IS_URLS_CHECKED));
-        return parent::_forward($action, $controller, $module, $params);
-    }
-
-    /**
-     * Generate url by route and parameters
-     *
-     * @param   string $route
-     * @param   array $params
-     * @return  string
-     */
-    public function getUrl($route = '', $params = [])
-    {
-        return $this->_helper->getUrl($route, $params);
+        parent::_forward($action, $controller, $module, $params);
     }
 
     /**
@@ -359,7 +383,7 @@ protected function _validateSecretKey()
             return true;
         }
 
-        $secretKey = $this->getRequest()->getParam(\Magento\Backend\Model\UrlInterface::SECRET_KEY_PARAM_NAME, null);
+        $secretKey = $this->getRequest()->getParam(UrlInterface::SECRET_KEY_PARAM_NAME, null);
         if (!$secretKey || $secretKey != $this->_backendUrl->getSecretKey()) {
             return false;
         }