MC-38005: Improve Customer Update through REST API

SeruyV · SeruyV · commit b61295679ce4 · 2020-10-07T15:41:43.000+03:00
diff --git a/app/code/Magento/CustomerGraphQl/Model/Context/AddUserInfoToContext.php b/app/code/Magento/CustomerGraphQl/Model/Context/AddUserInfoToContext.php
@@ -60,6 +60,8 @@ public function execute(ContextParametersInterface $contextParameters): ContextP
      */
     private function isCustomer(?int $customerId, ?int $customerType): bool
     {
-        return !empty($customerId) && !empty($customerType) && $customerType !== UserContextInterface::USER_TYPE_GUEST;
+        return !empty($customerId)
+            && !empty($customerType)
+            && $customerType === UserContextInterface::USER_TYPE_CUSTOMER;
     }
 }
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GetCustomerTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GetCustomerTest.php
@@ -7,13 +7,21 @@
 
 namespace Magento\GraphQl\Customer;
 
+use Exception;
+use Magento\Customer\Api\AccountManagementInterface;
 use Magento\Customer\Api\CustomerRepositoryInterface;
 use Magento\Customer\Model\CustomerAuthUpdate;
 use Magento\Customer\Model\CustomerRegistry;
+use Magento\Framework\ObjectManagerInterface;
+use Magento\Integration\Api\AdminTokenServiceInterface;
 use Magento\Integration\Api\CustomerTokenServiceInterface;
 use Magento\TestFramework\Helper\Bootstrap;
+use Magento\TestFramework\Bootstrap as TestBootstrap;
 use Magento\TestFramework\TestCase\GraphQlAbstract;
 
+/**
+ * GraphQl tests for @see \Magento\CustomerGraphQl\Model\Customer\GetCustomer.
+ */
 class GetCustomerTest extends GraphQlAbstract
 {
     /**
@@ -36,14 +44,23 @@ class GetCustomerTest extends GraphQlAbstract
      */
     private $customerRepository;
 
+    /**
+     * @var ObjectManagerInterface
+     */
+    private $objectManager;
+
+    /**
+     * @inheridoc
+     */
     protected function setUp(): void
     {
         parent::setUp();
 
-        $this->customerTokenService = Bootstrap::getObjectManager()->get(CustomerTokenServiceInterface::class);
-        $this->customerRegistry = Bootstrap::getObjectManager()->get(CustomerRegistry::class);
-        $this->customerAuthUpdate = Bootstrap::getObjectManager()->get(CustomerAuthUpdate::class);
-        $this->customerRepository = Bootstrap::getObjectManager()->get(CustomerRepositoryInterface::class);
+        $this->objectManager = Bootstrap::getObjectManager();
+        $this->customerTokenService = $this->objectManager->get(CustomerTokenServiceInterface::class);
+        $this->customerRegistry = $this->objectManager->get(CustomerRegistry::class);
+        $this->customerAuthUpdate = $this->objectManager->get(CustomerAuthUpdate::class);
+        $this->customerRepository = $this->objectManager->get(CustomerRepositoryInterface::class);
     }
 
     /**
@@ -71,18 +88,19 @@ public function testGetCustomer()
             $this->getCustomerAuthHeaders($currentEmail, $currentPassword)
         );
 
-        $this->assertEquals(null, $response['customer']['id']);
+        $this->assertNull($response['customer']['id']);
         $this->assertEquals('John', $response['customer']['firstname']);
         $this->assertEquals('Smith', $response['customer']['lastname']);
         $this->assertEquals($currentEmail, $response['customer']['email']);
     }
 
     /**
-     * @expectedException \Exception
-     * @expectedExceptionMessage The current customer isn't authorized.
      */
     public function testGetCustomerIfUserIsNotAuthorized()
     {
+        $this->expectException(Exception::class);
+        $this->expectExceptionMessage('The current customer isn\'t authorized.');
+
         $query = <<<QUERY
 query {
     customer {
@@ -95,17 +113,49 @@ public function testGetCustomerIfUserIsNotAuthorized()
         $this->graphQlQuery($query);
     }
 
+    /**
+     * @magentoApiDataFixture Magento/User/_files/user_with_role.php
+     * @return void
+     */
+    public function testGetCustomerIfUserHasWrongType(): void
+    {
+        /** @var $adminTokenService AdminTokenServiceInterface */
+        $adminTokenService = $this->objectManager->get(AdminTokenServiceInterface::class);
+        $adminToken = $adminTokenService->createAdminAccessToken('adminUser', TestBootstrap::ADMIN_PASSWORD);
+
+        $this->expectException(Exception::class);
+        $this->expectExceptionMessage('The current customer isn\'t authorized.');
+
+        $query = <<<QUERY
+query {
+    customer {
+        firstname
+        lastname
+        email
+    }
+}
+QUERY;
+        $this->graphQlQuery(
+            $query,
+            [],
+            '',
+            ['Authorization' => 'Bearer ' . $adminToken]
+        );
+    }
+
     /**
      * @magentoApiDataFixture Magento/Customer/_files/customer.php
-     * @expectedException \Exception
-     * @expectedExceptionMessage The account is locked.
      */
     public function testGetCustomerIfAccountIsLocked()
     {
-        $this->lockCustomer(1);
-
         $currentEmail = 'customer@example.com';
         $currentPassword = 'password';
+        $customer = $this->customerRepository->get($currentEmail);
+
+        $this->lockCustomer((int)$customer->getId());
+
+        $this->expectException(Exception::class);
+        $this->expectExceptionMessage('The account is locked.');
 
         $query = <<<QUERY
 query {
@@ -125,18 +175,19 @@ public function testGetCustomerIfAccountIsLocked()
     }
 
     /**
-     * @magentoApiDataFixture Magento/Customer/_files/customer_confirmation_config_enable.php
+     * @magentoConfigFixture customer/create_account/confirm 1
      * @magentoApiDataFixture Magento/Customer/_files/customer.php
-     * @expectedExceptionMessage This account isn't confirmed. Verify and try again.
+     *
      */
     public function testAccountIsNotConfirmed()
     {
+        $this->expectExceptionMessage("This account isn't confirmed. Verify and try again.");
         $customerEmail = 'customer@example.com';
         $currentPassword = 'password';
+        $customer = $this->customerRepository->get($customerEmail);
         $headersMap = $this->getCustomerAuthHeaders($customerEmail, $currentPassword);
-        $customer = $this->customerRepository->getById(1)->setConfirmation(
-            \Magento\Customer\Api\AccountManagementInterface::ACCOUNT_CONFIRMATION_REQUIRED
-        );
+        $customer = $this->customerRepository->getById((int)$customer->getId())
+            ->setConfirmation(AccountManagementInterface::ACCOUNT_CONFIRMATION_REQUIRED);
         $this->customerRepository->save($customer);
         $query = <<<QUERY
 query {
@@ -158,6 +209,7 @@ public function testAccountIsNotConfirmed()
     private function getCustomerAuthHeaders(string $email, string $password): array
     {
         $customerToken = $this->customerTokenService->createCustomerAccessToken($email, $password);
+
         return ['Authorization' => 'Bearer ' . $customerToken];
     }
 
diff --git a/dev/tests/integration/testsuite/Magento/User/_files/user_with_role_rollback.php b/dev/tests/integration/testsuite/Magento/User/_files/user_with_role_rollback.php
@@ -0,0 +1,16 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\User\Model\User;
+
+/** @var $model \Magento\User\Model\User */
+$model = Bootstrap::getObjectManager()->create(User::class);
+$user = $model->loadByUsername('adminUser');
+if ($user->getId()) {
+    $model->delete();
+}

Original file line number	Diff line number	Diff line change
`@@ -60,6 +60,8 @@ public function execute(ContextParametersInterface $contextParameters): ContextP`
`60`	`60`	`*/`
`61`	`61`	`private function isCustomer(?int $customerId, ?int $customerType): bool`
`62`	`62`	`{`
`63`		`- return !empty($customerId) && !empty($customerType) && $customerType !== UserContextInterface::USER_TYPE_GUEST;`
	`63`	`+ return !empty($customerId)`
	`64`	`+ && !empty($customerType)`
	`65`	`+ && $customerType === UserContextInterface::USER_TYPE_CUSTOMER;`
`64`	`66`	`}`
`65`	`67`	`}`