MAGETWO-95945: Add a code mess rule for improper session and cookies usages

Author: Oleksandr Gorkun

app/code/Magento/Customer/Block/Account/AuthenticationPopup.php

@@ -6,12 +6,9 @@
 namespace Magento\Customer\Block\Account;
 
 use Magento\Customer\Model\Form;
-use Magento\Customer\Model\Session;
 use Magento\Store\Model\ScopeInterface;
 
 /**
- * Popup.
- *
  * @api
  * @since 100.0.2
  */
@@ -27,34 +24,24 @@ class AuthenticationPopup extends \Magento\Framework\View\Element\Template
      */
     private $serializer;
 
-    /**
-     * @var Session|null
-     */
-    private $session;
-
     /**
      * @param \Magento\Framework\View\Element\Template\Context $context
      * @param array $data
      * @param \Magento\Framework\Serialize\Serializer\Json|null $serializer
-     * @param Session|null $session
      * @throws \RuntimeException
      */
     public function __construct(
         \Magento\Framework\View\Element\Template\Context $context,
         array $data = [],
-        \Magento\Framework\Serialize\Serializer\Json $serializer = null,
-        Session $session = null
+        \Magento\Framework\Serialize\Serializer\Json $serializer = null
     ) {
         parent::__construct($context, $data);
         $this->jsLayout = isset($data['jsLayout']) && is_array($data['jsLayout']) ? $data['jsLayout'] : [];
         $this->serializer = $serializer ?: \Magento\Framework\App\ObjectManager::getInstance()
             ->get(\Magento\Framework\Serialize\Serializer\Json::class);
-        $this->session = $session;
     }
 
     /**
-     * JS layout.
-     *
      * @return string
      */
     public function getJsLayout()
@@ -73,8 +60,7 @@ public function getConfig()
             'autocomplete' => $this->escapeHtml($this->isAutocompleteEnabled()),
             'customerRegisterUrl' => $this->escapeUrl($this->getCustomerRegisterUrlUrl()),
             'customerForgotPasswordUrl' => $this->escapeUrl($this->getCustomerForgotPasswordUrl()),
-            'baseUrl' => $this->escapeUrl($this->getBaseUrl()),
-            'tst' => $this->session->getData('somedata')
+            'baseUrl' => $this->escapeUrl($this->getBaseUrl())
         ];
     }
 

app/code/Magento/Customer/Controller/Account/Confirm.php

@@ -9,7 +9,6 @@
 use Magento\Customer\Model\Url;
 use Magento\Framework\App\Action\Context;
 use Magento\Customer\Model\Session;
-use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 use Magento\Store\Model\StoreManagerInterface;
 use Magento\Customer\Api\AccountManagementInterface;
@@ -25,7 +24,7 @@
  *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
-class Confirm extends \Magento\Customer\Controller\AbstractAccount implements HttpGetActionInterface
+class Confirm extends \Magento\Customer\Controller\AbstractAccount
 {
     /**
      * @var \Magento\Framework\App\Config\ScopeConfigInterface
@@ -168,7 +167,7 @@ public function execute()
             $resultRedirect->setUrl($this->getSuccessRedirect());
             return $resultRedirect;
         } catch (StateException $e) {
-            $this->messageManager->addException($e, __('This confirmation key is invalid or has expired.TEST'));
+            $this->messageManager->addException($e, __('This confirmation key is invalid or has expired.'));
         } catch (\Exception $e) {
             $this->messageManager->addException($e, __('There was an error confirming the account'));
         }

app/code/Magento/Customer/Model/CustomerManagement.php

@@ -7,40 +7,29 @@
 
 use Magento\Customer\Api\CustomerManagementInterface;
 use Magento\Customer\Model\ResourceModel\Customer\CollectionFactory;
-use Magento\Framework\Stdlib\Cookie\PhpCookieReader;
 
-/**
- * Class CustomerManagement
- */
 class CustomerManagement implements CustomerManagementInterface
 {
     /**
      * @var CollectionFactory
      */
     protected $customersFactory;
 
-    /**
-     * @var PhpCookieReader
-     */
-    private $cookie;
-
     /**
      * @param CollectionFactory $customersFactory
-     * @param PhpCookieReader $cookie
      */
-    public function __construct(CollectionFactory $customersFactory, PhpCookieReader $cookie)
+    public function __construct(CollectionFactory $customersFactory)
     {
         $this->customersFactory = $customersFactory;
-        $this->cookie = $cookie;
     }
 
     /**
-     * @inheritDoc
+     * {@inheritdoc}
      */
     public function getCount()
     {
         $customers = $this->customersFactory->create();
         /** @var \Magento\Customer\Model\ResourceModel\Customer\Collection $customers */
-        return $customers->getSize() || $this->cookie->getCookie('tst');
+        return $customers->getSize();
     }
 }

app/code/Magento/Customer/Model/FileProcessor.php

@@ -5,11 +5,6 @@
  */
 namespace Magento\Customer\Model;
 
-use Magento\Framework\Session\SessionManagerInterface;
-
-/**
- * Class FileProcessor
- */
 class FileProcessor
 {
     /**
@@ -52,11 +47,6 @@ class FileProcessor
      */
     private $mime;
 
-    /**
-     * @var SessionManagerInterface
-     */
-    private $session;
-
     /**
      * @param \Magento\Framework\Filesystem $filesystem
      * @param \Magento\MediaStorage\Model\File\UploaderFactory $uploaderFactory
@@ -65,7 +55,6 @@ class FileProcessor
      * @param string $entityTypeCode
      * @param \Magento\Framework\File\Mime $mime
      * @param array $allowedExtensions
-     * @param SessionManagerInterface|null $session
      */
     public function __construct(
         \Magento\Framework\Filesystem $filesystem,
@@ -74,8 +63,7 @@ public function __construct(
         \Magento\Framework\Url\EncoderInterface $urlEncoder,
         $entityTypeCode,
         \Magento\Framework\File\Mime $mime,
-        array $allowedExtensions = [],
-        SessionManagerInterface $session = null
+        array $allowedExtensions = []
     ) {
         $this->mediaDirectory = $filesystem->getDirectoryWrite(\Magento\Framework\App\Filesystem\DirectoryList::MEDIA);
         $this->uploaderFactory = $uploaderFactory;
@@ -84,7 +72,6 @@ public function __construct(
         $this->entityTypeCode = $entityTypeCode;
         $this->mime = $mime;
         $this->allowedExtensions = $allowedExtensions;
-        $this->session = $session;
     }
 
     /**
@@ -257,7 +244,7 @@ public function moveTemporaryFile($fileName)
      */
     public function removeUploadedFile($fileName)
     {
-        $filePath = $this->entityTypeCode . '/' . ltrim($fileName, '/').$this->session->getName();
+        $filePath = $this->entityTypeCode . '/' . ltrim($fileName, '/');
 
         $result = $this->mediaDirectory->delete($filePath);
         return $result;

app/code/Magento/Customer/Ui/Component/DataProvider/Document.php

@@ -12,7 +12,6 @@
 use Magento\Framework\Exception\NoSuchEntityException;
 use Magento\Customer\Api\GroupRepositoryInterface;
 use Magento\Framework\App\ObjectManager;
-use Magento\Framework\Stdlib\Cookie\CookieReaderInterface;
 use Magento\Store\Model\ScopeInterface;
 use Magento\Store\Model\StoreManagerInterface;
 
@@ -71,11 +70,6 @@ class Document extends \Magento\Framework\View\Element\UiComponent\DataProvider\
      */
     private $scopeConfig;
 
-    /**
-     * @var CookieReaderInterface
-     */
-    private $cookie;
-
     /**
      * Document constructor.
      *
@@ -84,22 +78,19 @@ class Document extends \Magento\Framework\View\Element\UiComponent\DataProvider\
      * @param CustomerMetadataInterface $customerMetadata
      * @param StoreManagerInterface $storeManager
      * @param ScopeConfigInterface $scopeConfig
-     * @param CookieReaderInterface|null $cookie
      */
     public function __construct(
         AttributeValueFactory $attributeValueFactory,
         GroupRepositoryInterface $groupRepository,
         CustomerMetadataInterface $customerMetadata,
         StoreManagerInterface $storeManager,
-        ScopeConfigInterface $scopeConfig = null,
-        CookieReaderInterface $cookie = null
+        ScopeConfigInterface $scopeConfig = null
     ) {
         parent::__construct($attributeValueFactory);
         $this->customerMetadata = $customerMetadata;
         $this->groupRepository = $groupRepository;
         $this->storeManager = $storeManager;
         $this->scopeConfig = $scopeConfig ?: ObjectManager::getInstance()->create(ScopeConfigInterface::class);
-        $this->cookie = $cookie;
     }
 
     /**
@@ -138,7 +129,7 @@ private function setGenderValue()
         $value = $this->getData(self::$genderAttributeCode);
 
         if (!$value) {
-            $this->setCustomAttribute(self::$genderAttributeCode, $this->cookie->getCookie('NA'));
+            $this->setCustomAttribute(self::$genderAttributeCode, 'N/A');
             return;
         }
 

app/code/Magento/Rss/App/Action/Plugin/BackendAuthentication.php

@@ -8,14 +8,11 @@
 namespace Magento\Rss\App\Action\Plugin;
 
 use Magento\Backend\App\AbstractAction;
-use Magento\Backend\Model\Session;
 use Magento\Framework\App\RequestInterface;
 use Magento\Framework\App\ResponseInterface;
 use Magento\Framework\Exception\AuthenticationException;
 
 /**
- * Backend auth.
- *
  * @api
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  * @since 100.0.2
@@ -42,11 +39,6 @@ class BackendAuthentication extends \Magento\Backend\App\Action\Plugin\Authentic
      */
     protected $aclResources;
 
-    /**
-     * @var Session
-     */
-    private $session;
-
     /**
      * @param \Magento\Backend\Model\Auth $auth
      * @param \Magento\Backend\Model\UrlInterface $url
@@ -61,7 +53,6 @@ class BackendAuthentication extends \Magento\Backend\App\Action\Plugin\Authentic
      * @param \Psr\Log\LoggerInterface $logger
      * @param \Magento\Framework\AuthorizationInterface $authorization
      * @param array $aclResources
-     * @param Session $session
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      */
     public function __construct(
@@ -77,14 +68,12 @@ public function __construct(
         \Magento\Framework\HTTP\Authentication $httpAuthentication,
         \Psr\Log\LoggerInterface $logger,
         \Magento\Framework\AuthorizationInterface $authorization,
-        array $aclResources,
-        Session $session
+        array $aclResources
     ) {
         $this->httpAuthentication = $httpAuthentication;
         $this->logger = $logger;
         $this->authorization = $authorization;
         $this->aclResources = $aclResources;
-        $this->session = $session;
         parent::__construct(
             $auth,
             $url,
@@ -117,7 +106,7 @@ public function aroundDispatch(AbstractAction $subject, \Closure $proceed, Reque
                 : $this->aclResources[$request->getControllerName()]
             : null;
 
-        $type = $request->getParam('type'.$this->session->getName());
+        $type = $request->getParam('type');
         $resourceType = isset($this->aclResources[$type]) ? $this->aclResources[$type] : null;
 
         if (!$resource || !$resourceType) {