MAGETWO-95945: Add a code mess rule for improper session and cookies usages

Oleksandr Gorkun · Oleksandr Gorkun · commit b7a8be5a3303 · 2018-10-29T17:38:47.000+02:00
diff --git a/app/code/Magento/Customer/Block/Account/AuthenticationPopup.php b/app/code/Magento/Customer/Block/Account/AuthenticationPopup.php
@@ -10,6 +10,8 @@
 use Magento\Store\Model\ScopeInterface;
 
 /**
+ * Popup.
+ *
  * @api
  * @since 100.0.2
  */
@@ -51,6 +53,8 @@ public function __construct(
     }
 
     /**
+     * JS layout.
+     *
      * @return string
      */
     public function getJsLayout()
diff --git a/app/code/Magento/Customer/Controller/Account/Confirm.php b/app/code/Magento/Customer/Controller/Account/Confirm.php
@@ -9,6 +9,7 @@
 use Magento\Customer\Model\Url;
 use Magento\Framework\App\Action\Context;
 use Magento\Customer\Model\Session;
+use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\Store\Model\StoreManagerInterface;
 use Magento\Customer\Api\AccountManagementInterface;
@@ -24,7 +25,7 @@
  *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
-class Confirm extends \Magento\Customer\Controller\AbstractAccount
+class Confirm extends \Magento\Customer\Controller\AbstractAccount implements HttpGetActionInterface
 {
     /**
      * @var \Magento\Framework\App\Config\ScopeConfigInterface
diff --git a/app/code/Magento/Customer/Model/CustomerManagement.php b/app/code/Magento/Customer/Model/CustomerManagement.php
@@ -7,29 +7,40 @@
 
 use Magento\Customer\Api\CustomerManagementInterface;
 use Magento\Customer\Model\ResourceModel\Customer\CollectionFactory;
+use Magento\Framework\Stdlib\Cookie\PhpCookieReader;
 
+/**
+ * Class CustomerManagement
+ */
 class CustomerManagement implements CustomerManagementInterface
 {
     /**
      * @var CollectionFactory
      */
     protected $customersFactory;
 
+    /**
+     * @var PhpCookieReader
+     */
+    private $cookie;
+
     /**
      * @param CollectionFactory $customersFactory
+     * @param PhpCookieReader $cookie
      */
-    public function __construct(CollectionFactory $customersFactory)
+    public function __construct(CollectionFactory $customersFactory, PhpCookieReader $cookie)
     {
         $this->customersFactory = $customersFactory;
+        $this->cookie = $cookie;
     }
 
     /**
-     * {@inheritdoc}
+     * @inheritDoc
      */
     public function getCount()
     {
         $customers = $this->customersFactory->create();
         /** @var \Magento\Customer\Model\ResourceModel\Customer\Collection $customers */
-        return $customers->getSize();
+        return $customers->getSize() || $this->cookie->getCookie('tst');
     }
 }
diff --git a/app/code/Magento/Customer/Model/FileProcessor.php b/app/code/Magento/Customer/Model/FileProcessor.php
@@ -5,6 +5,12 @@
  */
 namespace Magento\Customer\Model;
 
+use Magento\Framework\Session\SessionManagerInterface;
+
+/**
+ * Class FileProcessor
+ * @package Magento\Customer\Model
+ */
 class FileProcessor
 {
     /**
@@ -47,6 +53,11 @@ class FileProcessor
      */
     private $mime;
 
+    /**
+     * @var SessionManagerInterface
+     */
+    private $session;
+
     /**
      * @param \Magento\Framework\Filesystem $filesystem
      * @param \Magento\MediaStorage\Model\File\UploaderFactory $uploaderFactory
@@ -55,6 +66,7 @@ class FileProcessor
      * @param string $entityTypeCode
      * @param \Magento\Framework\File\Mime $mime
      * @param array $allowedExtensions
+     * @param SessionManagerInterface|null $session
      */
     public function __construct(
         \Magento\Framework\Filesystem $filesystem,
@@ -63,7 +75,8 @@ public function __construct(
         \Magento\Framework\Url\EncoderInterface $urlEncoder,
         $entityTypeCode,
         \Magento\Framework\File\Mime $mime,
-        array $allowedExtensions = []
+        array $allowedExtensions = [],
+        SessionManagerInterface $session = null
     ) {
         $this->mediaDirectory = $filesystem->getDirectoryWrite(\Magento\Framework\App\Filesystem\DirectoryList::MEDIA);
         $this->uploaderFactory = $uploaderFactory;
@@ -72,6 +85,7 @@ public function __construct(
         $this->entityTypeCode = $entityTypeCode;
         $this->mime = $mime;
         $this->allowedExtensions = $allowedExtensions;
+        $this->session = $session;
     }
 
     /**
@@ -244,7 +258,7 @@ public function moveTemporaryFile($fileName)
      */
     public function removeUploadedFile($fileName)
     {
-        $filePath = $this->entityTypeCode . '/' . ltrim($fileName, '/');
+        $filePath = $this->entityTypeCode . '/' . ltrim($fileName, '/').$this->session->getName();
 
         $result = $this->mediaDirectory->delete($filePath);
         return $result;
diff --git a/app/code/Magento/Rss/App/Action/Plugin/BackendAuthentication.php b/app/code/Magento/Rss/App/Action/Plugin/BackendAuthentication.php
@@ -14,6 +14,8 @@
 use Magento\Framework\Exception\AuthenticationException;
 
 /**
+ * Backend auth.
+ *
  * @api
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  * @since 100.0.2
