Merge pull request #5708 from magento-engcom/module-login-as-customer

[EngCom] Login as Customer

Author: naydav

app/code/Magento/LoginAsCustomer/Model/AuthenticateCustomer.php renamed to app/code/Magento/LoginAsCustomer/Model/AuthenticateCustomerBySecret.php

@@ -9,35 +9,45 @@
 
 use Magento\Customer\Model\Session;
 use Magento\Framework\Exception\LocalizedException;
-use Magento\LoginAsCustomerApi\Api\AuthenticateCustomerInterface;
-use Magento\LoginAsCustomerApi\Api\Data\AuthenticationDataInterface;
+use Magento\LoginAsCustomerApi\Api\AuthenticateCustomerBySecretInterface;
+use Magento\LoginAsCustomerApi\Api\GetAuthenticationDataBySecretInterface;
 
 /**
  * @inheritdoc
  *
  * @SuppressWarnings(PHPMD.CookieAndSessionMisuse)
  */
-class AuthenticateCustomer implements AuthenticateCustomerInterface
+class AuthenticateCustomerBySecret implements AuthenticateCustomerBySecretInterface
 {
+    /**
+     * @var GetAuthenticationDataBySecretInterface
+     */
+    private $getAuthenticationDataBySecret;
+
     /**
      * @var Session
      */
     private $customerSession;
 
     /**
+     * @param GetAuthenticationDataBySecretInterface $getAuthenticationDataBySecret
      * @param Session $customerSession
      */
     public function __construct(
+        GetAuthenticationDataBySecretInterface $getAuthenticationDataBySecret,
         Session $customerSession
     ) {
+        $this->getAuthenticationDataBySecret = $getAuthenticationDataBySecret;
         $this->customerSession = $customerSession;
     }
 
     /**
      * @inheritdoc
      */
-    public function execute(AuthenticationDataInterface $authenticationData): void
+    public function execute(string $secret): void
     {
+        $authenticationData = $this->getAuthenticationDataBySecret->execute($secret);
+
         if ($this->customerSession->getId()) {
             $this->customerSession->logout();
         }

app/code/Magento/LoginAsCustomer/Model/ResourceModel/DeleteExpiredAuthenticationData.php renamed to app/code/Magento/LoginAsCustomer/Model/ResourceModel/DeleteAuthenticationDataForUser.php

@@ -10,12 +10,12 @@
 use Magento\Framework\App\ResourceConnection;
 use Magento\Framework\Stdlib\DateTime\DateTime;
 use Magento\LoginAsCustomerApi\Api\ConfigInterface;
-use Magento\LoginAsCustomerApi\Api\DeleteExpiredAuthenticationDataInterface;
+use Magento\LoginAsCustomerApi\Api\DeleteAuthenticationDataForUserInterface;
 
 /**
  * @inheritdoc
  */
-class DeleteExpiredAuthenticationData implements DeleteExpiredAuthenticationDataInterface
+class DeleteAuthenticationDataForUser implements DeleteAuthenticationDataForUserInterface
 {
     /**
      * @var ResourceConnection

app/code/Magento/LoginAsCustomer/Model/ResourceModel/GetAuthenticationDataBySecret.php

@@ -61,7 +61,7 @@ public function __construct(
     /**
      * @inheritdoc
      */
-    public function execute(string $secretKey): AuthenticationDataInterface
+    public function execute(string $secret): AuthenticationDataInterface
     {
         $connection = $this->resourceConnection->getConnection();
         $tableName = $this->resourceConnection->getTableName('login_as_customer');
@@ -73,7 +73,7 @@ public function execute(string $secretKey): AuthenticationDataInterface
 
         $select = $connection->select()
             ->from(['main_table' => $tableName])
-            ->where('main_table.secret = ?', $secretKey)
+            ->where('main_table.secret = ?', $secret)
             ->where('main_table.created_at > ?', $timePoint);
 
         $data = $connection->fetchRow($select);

app/code/Magento/LoginAsCustomerUi/Plugin/AdminLogoutPlugin.php renamed to app/code/Magento/LoginAsCustomer/Plugin/AdminLogoutPlugin.php

@@ -5,11 +5,11 @@
  */
 declare(strict_types=1);
 
-namespace Magento\LoginAsCustomerUi\Plugin;
+namespace Magento\LoginAsCustomer\Plugin;
 
 use Magento\Backend\Model\Auth;
 use Magento\LoginAsCustomerApi\Api\ConfigInterface;
-use Magento\LoginAsCustomerApi\Api\DeleteExpiredAuthenticationDataInterface;
+use Magento\LoginAsCustomerApi\Api\DeleteAuthenticationDataForUserInterface;
 
 /**
  * Delete all Login as Customer sessions for logging out admin.
@@ -22,20 +22,20 @@ class AdminLogoutPlugin
     private $config;
 
     /**
-     * @var DeleteExpiredAuthenticationDataInterface
+     * @var DeleteAuthenticationDataForUserInterface
      */
-    private $deleteExpiredAuthenticationData;
+    private $deleteAuthenticationDataForUser;
 
     /**
      * @param ConfigInterface $config
-     * @param DeleteExpiredAuthenticationDataInterface $deleteExpiredAuthenticationData
+     * @param DeleteAuthenticationDataForUserInterface $deleteAuthenticationDataForUser
      */
     public function __construct(
         ConfigInterface $config,
-        DeleteExpiredAuthenticationDataInterface $deleteExpiredAuthenticationData
+        DeleteAuthenticationDataForUserInterface $deleteAuthenticationDataForUser
     ) {
         $this->config = $config;
-        $this->deleteExpiredAuthenticationData = $deleteExpiredAuthenticationData;
+        $this->deleteAuthenticationDataForUser = $deleteAuthenticationDataForUser;
     }
 
     /**
@@ -47,7 +47,7 @@ public function beforeLogout(Auth $subject): void
     {
         if ($this->config->isEnabled()) {
             $userId = (int)$subject->getUser()->getId();
-            $this->deleteExpiredAuthenticationData->execute($userId);
+            $this->deleteAuthenticationDataForUser->execute($userId);
         }
     }
 }

app/code/Magento/LoginAsCustomer/composer.json

@@ -7,6 +7,9 @@
         "magento/module-customer": "*",
         "magento/module-login-as-customer-api": "*"
     },
+    "suggest": {
+        "magento/module-backend": "*"
+    },
     "type": "magento2-module",
     "license": [
         "OSL-3.0",

app/code/Magento/LoginAsCustomer/etc/db_schema.xml

@@ -7,7 +7,7 @@
 -->
 <schema xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:framework:Setup/Declaration/Schema/etc/schema.xsd">
-    <table name="login_as_customer" resource="default" engine="innodb" comment="Magento Login As Customer Table">
+    <table name="login_as_customer" resource="default" engine="innodb" comment="Magento Login as Customer Table">
         <column xsi:type="varchar" name="secret" nullable="false" length="64" comment="Login Secret"/>
         <column xsi:type="int" name="customer_id" nullable="false" comment="Customer ID"/>
         <column xsi:type="int" name="admin_id" nullable="false" comment="Admin ID"/>

app/code/Magento/LoginAsCustomer/etc/di.xml

@@ -9,9 +9,11 @@
     <preference for="Magento\LoginAsCustomerApi\Api\Data\AuthenticationDataInterface" type="Magento\LoginAsCustomer\Model\AuthenticationData"/>
     <preference for="Magento\LoginAsCustomerApi\Api\SaveAuthenticationDataInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\SaveAuthenticationData"/>
     <preference for="Magento\LoginAsCustomerApi\Api\GetAuthenticationDataBySecretInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\GetAuthenticationDataBySecret"/>
-    <preference for="Magento\LoginAsCustomerApi\Api\AuthenticateCustomerInterface" type="Magento\LoginAsCustomer\Model\AuthenticateCustomer"/>
-    <preference for="Magento\LoginAsCustomerApi\Api\DeleteAuthenticationDataBySecretInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\DeleteAuthenticationDataBySecret"/>
-    <preference for="Magento\LoginAsCustomerApi\Api\DeleteExpiredAuthenticationDataInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\DeleteExpiredAuthenticationData"/>
+    <preference for="Magento\LoginAsCustomerApi\Api\AuthenticateCustomerBySecretInterface" type="Magento\LoginAsCustomer\Model\AuthenticateCustomerBySecret"/>
+    <preference for="Magento\LoginAsCustomerApi\Api\DeleteAuthenticationDataForUserInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\DeleteAuthenticationDataForUser"/>
     <preference for="Magento\LoginAsCustomerApi\Api\ConfigInterface" type="Magento\LoginAsCustomer\Model\Config"/>
     <preference for="Magento\LoginAsCustomerApi\Api\IsLoginAsCustomerSessionActiveInterface" type="Magento\LoginAsCustomer\Model\ResourceModel\IsLoginAsCustomerSessionActive"/>
+    <type name="Magento\Backend\Model\Auth">
+        <plugin name="login_as_customer_admin_logout" type="Magento\LoginAsCustomer\Plugin\AdminLogoutPlugin"/>
+    </type>
 </config>

app/code/Magento/LoginAsCustomerUi/Block/Adminhtml/ConfirmationPopup.php renamed to app/code/Magento/LoginAsCustomerAdminUi/Block/Adminhtml/ConfirmationPopup.php

@@ -5,37 +5,31 @@
  */
 declare(strict_types=1);
 
-namespace Magento\LoginAsCustomerUi\Block\Adminhtml;
+namespace Magento\LoginAsCustomerAdminUi\Block\Adminhtml;
 
-use Magento\Framework\Serialize\Serializer\Json;
-use Magento\Store\Ui\Component\Listing\Column\Store\Options as StoreOptions;
 use Magento\Backend\Block\Template;
+use Magento\Framework\Serialize\Serializer\Json;
 use Magento\LoginAsCustomerApi\Api\ConfigInterface;
+use Magento\Store\Ui\Component\Listing\Column\Store\Options as StoreOptions;
 
 /**
- * Admin blog post
+ * Login confirmation pop-up
  *
  * @api
  */
 class ConfirmationPopup extends Template
 {
     /**
-     * Store Options
-     *
      * @var StoreOptions
      */
     private $storeOptions;
 
     /**
-     * Config
-     *
      * @var ConfigInterface
      */
     private $config;
 
     /**
-     * Json Serializer
-     *
      * @var Json
      */
     private $json;
@@ -83,15 +77,13 @@ public function getJsLayout()
     }
 
     /**
-     * Render block HTML
-     *
-     * @return string
+     * @inheritdoc
      */
-    protected function _toHtml()
+    public function toHtml()
     {
         if (!$this->config->isEnabled()) {
             return '';
         }
-        return parent::_toHtml();
+        return parent::toHtml();
     }
 }

app/code/Magento/LoginAsCustomerUi/Controller/Adminhtml/Login/Login.php renamed to app/code/Magento/LoginAsCustomerAdminUi/Controller/Adminhtml/Login/Login.php

@@ -5,14 +5,13 @@
  */
 declare(strict_types=1);
 
-namespace Magento\LoginAsCustomerUi\Controller\Adminhtml\Login;
+namespace Magento\LoginAsCustomerAdminUi\Controller\Adminhtml\Login;
 
 use Magento\Backend\App\Action;
 use Magento\Backend\App\Action\Context;
 use Magento\Backend\Model\Auth\Session;
 use Magento\Customer\Api\CustomerRepositoryInterface;
 use Magento\Framework\App\Action\HttpGetActionInterface;
-use Magento\Framework\App\Action\HttpPostActionInterface;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Controller\ResultInterface;
@@ -22,19 +21,17 @@
 use Magento\LoginAsCustomerApi\Api\ConfigInterface;
 use Magento\LoginAsCustomerApi\Api\Data\AuthenticationDataInterface;
 use Magento\LoginAsCustomerApi\Api\Data\AuthenticationDataInterfaceFactory;
-use Magento\LoginAsCustomerApi\Api\DeleteExpiredAuthenticationDataInterface;
+use Magento\LoginAsCustomerApi\Api\DeleteAuthenticationDataForUserInterface;
 use Magento\LoginAsCustomerApi\Api\SaveAuthenticationDataInterface;
 use Magento\Store\Model\StoreManagerInterface;
 
 /**
  * Login as customer action
  * Generate secret key and forward to the storefront action
  *
- * This action can be executed via GET request when "Store View To Login In" is disabled, and POST when it is enabled
- *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
-class Login extends Action implements HttpGetActionInterface, HttpPostActionInterface
+class Login extends Action implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session
@@ -74,9 +71,9 @@ class Login extends Action implements HttpGetActionInterface, HttpPostActionInte
     private $saveAuthenticationData;
 
     /**
-     * @var DeleteExpiredAuthenticationDataInterface
+     * @var DeleteAuthenticationDataForUserInterface
      */
-    private $deleteExpiredAuthenticationData;
+    private $deleteAuthenticationDataForUser;
 
     /**
      * @var Url
@@ -91,7 +88,7 @@ class Login extends Action implements HttpGetActionInterface, HttpPostActionInte
      * @param ConfigInterface $config
      * @param AuthenticationDataInterfaceFactory $authenticationDataFactory
      * @param SaveAuthenticationDataInterface $saveAuthenticationData ,
-     * @param DeleteExpiredAuthenticationDataInterface $deleteExpiredAuthenticationData
+     * @param DeleteAuthenticationDataForUserInterface $deleteAuthenticationDataForUser
      * @param Url $url
      */
     public function __construct(
@@ -102,7 +99,7 @@ public function __construct(
         ConfigInterface $config,
         AuthenticationDataInterfaceFactory $authenticationDataFactory,
         SaveAuthenticationDataInterface $saveAuthenticationData,
-        DeleteExpiredAuthenticationDataInterface $deleteExpiredAuthenticationData,
+        DeleteAuthenticationDataForUserInterface $deleteAuthenticationDataForUser,
         Url $url
     ) {
         parent::__construct($context);
@@ -113,7 +110,7 @@ public function __construct(
         $this->config = $config;
         $this->authenticationDataFactory = $authenticationDataFactory;
         $this->saveAuthenticationData = $saveAuthenticationData;
-        $this->deleteExpiredAuthenticationData = $deleteExpiredAuthenticationData;
+        $this->deleteAuthenticationDataForUser = $deleteAuthenticationDataForUser;
         $this->url = $url;
     }
 
@@ -130,7 +127,7 @@ public function execute(): ResultInterface
         $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);
 
         if (!$this->config->isEnabled()) {
-            $this->messageManager->addErrorMessage(__('Login As Customer is disabled.'));
+            $this->messageManager->addErrorMessage(__('Login as Customer is disabled.'));
             return $resultRedirect->setPath('customer/index/index');
         }
 
@@ -140,16 +137,20 @@ public function execute(): ResultInterface
         }
 
         try {
-            $this->customerRepository->getById($customerId);
+            $customer = $this->customerRepository->getById($customerId);
         } catch (NoSuchEntityException $e) {
             $this->messageManager->addErrorMessage(__('Customer with this ID are no longer exist.'));
             return $resultRedirect->setPath('customer/index/index');
         }
 
-        $storeId = (int)$this->_request->getParam('store_id');
-        if (empty($storeId) && $this->config->isStoreManualChoiceEnabled()) {
-            $this->messageManager->addNoticeMessage(__('Please select a Store View to login in.'));
-            return $resultRedirect->setPath('customer/index/edit', ['id' => $customerId]);
+        if ($this->config->isStoreManualChoiceEnabled()) {
+            $storeId = (int)$this->_request->getParam('store_id');
+            if (empty($storeId)) {
+                $this->messageManager->addNoticeMessage(__('Please select a Store View to login in.'));
+                return $resultRedirect->setPath('customer/index/edit', ['id' => $customerId]);
+            }
+        } else {
+            $storeId = (int)$customer->getStoreId();
         }
 
         $adminUser = $this->authSession->getUser();
@@ -164,7 +165,7 @@ public function execute(): ResultInterface
             ]
         );
 
-        $this->deleteExpiredAuthenticationData->execute($userId);
+        $this->deleteAuthenticationDataForUser->execute($userId);
         $secret = $this->saveAuthenticationData->execute($authenticationData);
 
         $redirectUrl = $this->getLoginProceedRedirectUrl($secret, $storeId);
@@ -176,17 +177,13 @@ public function execute(): ResultInterface
      * Get login proceed redirect url
      *
      * @param string $secret
-     * @param int|null $storeId
+     * @param int $storeId
      * @return string
      * @throws NoSuchEntityException
      */
-    private function getLoginProceedRedirectUrl(string $secret, ?int $storeId): string
+    private function getLoginProceedRedirectUrl(string $secret, int $storeId): string
     {
-        if (null === $storeId) {
-            $store = $this->storeManager->getDefaultStoreView();
-        } else {
-            $store = $this->storeManager->getStore($storeId);
-        }
+        $store = $this->storeManager->getStore($storeId);
 
         return $this->url
             ->setScope($store)