MC-17854: Improper Escaping for Bundle Options in Multiple Address Checkout

- Merge remote-tracking branch 'arcticfoxes/MC-17854' into test-branch

# Conflicts:
#	app/code/Magento/Multishipping/view/frontend/templates/checkout/item/default.phtml

Author: Joan He

app/code/Magento/Catalog/Test/Mftf/Section/StorefrontProductActionSection.xml

@@ -9,7 +9,7 @@
         xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
     <section name="StorefrontProductActionSection">
         <element name="quantity" type="input" selector="#qty"/>
-        <element name="addToCart" type="button" selector="#product-addtocart-button"/>
+        <element name="addToCart" type="button" selector="#product-addtocart-button" timeout="60"/>
         <element name="addToCartButtonTitleIsAdding" type="text" selector="//button/span[text()='Adding...']"/>
         <element name="addToCartButtonTitleIsAdded" type="text" selector="//button/span[text()='Added']"/>
         <element name="addToCartButtonTitleIsAddToCart" type="text" selector="//button/span[text()='Add to Cart']"/>

app/code/Magento/Checkout/Test/Mftf/Section/CheckoutCartSummarySection.xml

@@ -20,7 +20,7 @@
         <element name="totalAmount" type="text" selector="//*[@id='cart-totals']//tr[@class='grand totals']//td//span[@class='price' and contains(text(), '{{amount}}')]" parameterized="true"/>
         <element name="proceedToCheckout" type="button" selector=".action.primary.checkout span" timeout="30"/>
         <element name="discountAmount" type="text" selector="td[data-th='Discount']"/>
-        <element name="shippingHeading" type="button" selector="#block-shipping-heading"/>
+        <element name="shippingHeading" type="button" selector="#block-shipping-heading" timeout="60"/>
         <element name="postcode" type="input" selector="input[name='postcode']" timeout="10"/>
         <element name="stateProvince" type="select" selector="select[name='region_id']" timeout="10"/>
         <element name="stateProvinceInput" type="input" selector="input[name='region']"/>

app/code/Magento/Checkout/Test/Mftf/Section/CheckoutShippingMethodsSection.xml

@@ -14,7 +14,7 @@
         <element name="shippingMethodRow" type="text" selector=".form.methods-shipping table tbody tr"/>
         <element name="checkShippingMethodByName" type="radio" selector="//div[@id='checkout-shipping-method-load']//td[contains(., '{{var1}}')]/..//input" parameterized="true"/>
         <element name="shippingMethodFlatRate" type="radio" selector="#checkout-shipping-method-load input[value='flatrate_flatrate']"/>
-        <element name="shippingMethodFreeShipping" type="radio" selector="#checkout-shipping-method-load input[value='freeshipping_freeshipping']"/>
+        <element name="shippingMethodFreeShipping" type="radio" selector="#checkout-shipping-method-load input[value='freeshipping_freeshipping']" timeout="60"/>
         <element name="shippingMethodRowByName" type="text" selector="//div[@id='checkout-shipping-method-load']//td[contains(., '{{var1}}')]/.." parameterized="true"/>
         <element name="shipHereButton" type="button" selector="//div/following-sibling::div/button[contains(@class, 'action-select-shipping-item')]"/>
         <element name="shippingMethodLoader" type="button" selector="//div[contains(@class, 'checkout-shipping-method')]/following-sibling::div[contains(@class, 'loading-mask')]"/>

app/code/Magento/Checkout/Test/Mftf/Section/StorefrontMiniCartSection.xml

@@ -16,7 +16,7 @@
         <element name="productName" type="text" selector=".product-item-name"/>
         <element name="productOptionsDetailsByName" type="button" selector="//header//ol[@id='mini-cart']//div[@class='product-item-details'][.//a[contains(text(), '{{var1}}')]]//span[.='See Details']"  parameterized="true"/>
         <element name="productOptionByNameAndAttribute" type="text" selector="//header//ol[@id='mini-cart']//div[@class='product-item-details'][.//a[contains(text(), '{{var1}}')]]//dt[@class='label' and .='{{var2}}']/following-sibling::dd[@class='values']//span"  parameterized="true"/>
-        <element name="showCart" type="button" selector="a.showcart"/>
+        <element name="showCart" type="button" selector="a.showcart" timeout="60"/>
         <element name="quantity" type="button" selector="span.counter-number"/>
         <element name="miniCartOpened" type="button" selector="a.showcart.active"/>
         <element name="goToCheckout" type="button" selector="#top-cart-btn-checkout" timeout="30"/>

app/code/Magento/Checkout/view/frontend/web/js/region-updater.js

@@ -157,7 +157,7 @@ define([
                 regionInput = $(this.options.regionInputId),
                 postcode = $(this.options.postcodeId),
                 label = regionList.parent().siblings('label'),
-                requiredLabel = regionList.parents('div.field');
+                container = regionList.parents('div.field');
 
             this._clearError();
             this._checkRegionRequired(country);
@@ -181,15 +181,16 @@ define([
 
                 if (this.options.isRegionRequired) {
                     regionList.addClass('required-entry').removeAttr('disabled');
-                    requiredLabel.addClass('required');
+                    container.addClass('required').show();
                 } else {
                     regionList.removeClass('required-entry validate-select').removeAttr('data-validate');
-                    requiredLabel.removeClass('required');
+                    container.removeClass('required');
 
                     if (!this.options.optionalRegionAllowed) { //eslint-disable-line max-depth
-                        regionList.attr('disabled', 'disabled');
+                        regionList.hide();
+                        container.hide();
                     } else {
-                        regionList.removeAttr('disabled');
+                        regionList.show();
                     }
                 }
 
@@ -201,12 +202,13 @@ define([
 
                 if (this.options.isRegionRequired) {
                     regionInput.addClass('required-entry').removeAttr('disabled');
-                    requiredLabel.addClass('required');
+                    container.addClass('required').show();
                 } else {
                     if (!this.options.optionalRegionAllowed) { //eslint-disable-line max-depth
                         regionInput.attr('disabled', 'disabled');
+                        container.hide();
                     }
-                    requiredLabel.removeClass('required');
+                    container.removeClass('required');
                     regionInput.removeClass('required-entry');
                 }
 

app/code/Magento/Config/Test/Mftf/Section/GeneralSection.xml

@@ -9,11 +9,11 @@
 <sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
     <section name="ContentManagementSection">
-        <element name="WYSIWYGOptions" type="button" selector="#cms_wysiwyg-head"/>
+        <element name="WYSIWYGOptions" type="button" selector="#cms_wysiwyg-head" timeout="60"/>
         <element name="CheckIfTabExpand" type="button" selector="#cms_wysiwyg-head:not(.open)"/>
         <element name="EnableSystemValue" type="button" selector="#cms_wysiwyg_enabled_inherit"/>
         <element name="EnableWYSIWYG" type="button" selector="#cms_wysiwyg_enabled"/>
-        <element name="SwitcherSystemValue" type="button" selector="#cms_wysiwyg_editor_inherit"/>
+        <element name="SwitcherSystemValue" type="button" selector="#cms_wysiwyg_editor_inherit" timeout="60"/>
         <element name="Switcher" type="button" selector="#cms_wysiwyg_editor" />
         <element name="StaticURL" type="button" selector="#cms_wysiwyg_use_static_urls_in_catalog" />
         <element name="Save" type="button" selector="#save" timeout="30"/>

app/code/Magento/ConfigurableProductGraphQl/Model/Variant/Collection.php

@@ -9,12 +9,11 @@
 
 use Magento\Catalog\Api\Data\ProductInterface;
 use Magento\Catalog\Model\Product;
-use Magento\Catalog\Model\ProductFactory;
 use Magento\ConfigurableProduct\Model\ResourceModel\Product\Type\Configurable\Product\Collection as ChildCollection;
 use Magento\ConfigurableProduct\Model\ResourceModel\Product\Type\Configurable\Product\CollectionFactory;
 use Magento\Framework\EntityManager\MetadataPool;
 use Magento\Framework\Api\SearchCriteriaBuilder;
-use Magento\CatalogGraphQl\Model\Resolver\Products\DataProvider\Product as DataProvider;
+use Magento\CatalogGraphQl\Model\Resolver\Products\DataProvider\Product\CollectionProcessorInterface;
 
 /**
  * Collection for fetching configurable child product data.
@@ -26,21 +25,11 @@ class Collection
      */
     private $childCollectionFactory;
 
-    /**
-     * @var ProductFactory
-     */
-    private $productFactory;
-
     /**
      * @var SearchCriteriaBuilder
      */
     private $searchCriteriaBuilder;
 
-    /**
-     * @var DataProvider
-     */
-    private $productDataProvider;
-
     /**
      * @var MetadataPool
      */
@@ -61,25 +50,27 @@ class Collection
      */
     private $attributeCodes = [];
 
+    /**
+     * @var CollectionProcessorInterface
+     */
+    private $collectionProcessor;
+
     /**
      * @param CollectionFactory $childCollectionFactory
-     * @param ProductFactory $productFactory
      * @param SearchCriteriaBuilder $searchCriteriaBuilder
-     * @param DataProvider $productDataProvider
      * @param MetadataPool $metadataPool
+     * @param CollectionProcessorInterface $collectionProcessor
      */
     public function __construct(
         CollectionFactory $childCollectionFactory,
-        ProductFactory $productFactory,
         SearchCriteriaBuilder $searchCriteriaBuilder,
-        DataProvider $productDataProvider,
-        MetadataPool $metadataPool
+        MetadataPool $metadataPool,
+        CollectionProcessorInterface $collectionProcessor
     ) {
         $this->childCollectionFactory = $childCollectionFactory;
-        $this->productFactory = $productFactory;
         $this->searchCriteriaBuilder = $searchCriteriaBuilder;
-        $this->productDataProvider = $productDataProvider;
         $this->metadataPool = $metadataPool;
+        $this->collectionProcessor = $collectionProcessor;
     }
 
     /**
@@ -148,7 +139,11 @@ private function fetch() : array
             /** @var ChildCollection $childCollection */
             $childCollection = $this->childCollectionFactory->create();
             $childCollection->setProductFilter($product);
-            $childCollection->addAttributeToSelect($attributeData);
+            $this->collectionProcessor->process(
+                $childCollection,
+                $this->searchCriteriaBuilder->create(),
+                $attributeData
+            );
 
             /** @var Product $childProduct */
             foreach ($childCollection->getItems() as $childProduct) {

app/code/Magento/Customer/Test/Mftf/ActionGroup/StorefrontCustomerLogoutActionGroup.xml

@@ -10,6 +10,7 @@
               xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
     <actionGroup name="StorefrontCustomerLogoutActionGroup">
         <amOnPage url="{{StorefrontCustomerLogoutPage.url}}" stepKey="storefrontSignOut"/>
+        <waitForPageLoad stepKey="waitForSignOut"/>
     </actionGroup>
 
     <actionGroup name="StorefrontSignOutActionGroup">

app/code/Magento/Customer/Test/Mftf/Section/StorefrontCustomerSidebarSection.xml

@@ -9,7 +9,7 @@
 <sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
     <section name="StorefrontCustomerSidebarSection">
-        <element name="sidebarTab" type="text" selector="//div[@id='block-collapsible-nav']//a[text()='{{tabName}}']" parameterized="true"/>
+        <element name="sidebarTab" type="text" selector="//div[@id='block-collapsible-nav']//a[text()='{{tabName}}']" parameterized="true" timeout="60"/>
         <element name="sidebarCurrentTab" type="text" selector="//div[@id='block-collapsible-nav']//*[contains(text(), '{{var}}')]" parameterized="true"/>
     </section>
 </sections>

app/code/Magento/Customer/Test/Mftf/Test/VerifyDisabledCustomerGroupFieldTest.xml

@@ -27,6 +27,7 @@
         <!-- 2. Navigate to Customers > Customer Groups -->
         <amOnPage url="{{AdminCustomerGroupPage.url}}" stepKey="amOnCustomerGroupPage" />
         <waitForPageLoad stepKey="waitForCustomerGroupsPageLoad" />
+        <conditionalClick selector="{{AdminDataGridHeaderSection.clearFilters}}" dependentSelector="{{AdminDataGridHeaderSection.clearFilters}}" visible="true" stepKey="clearFilters"/>
 
         <!-- 3. Select system Customer Group specified in data set from grid -->
         <click selector="{{AdminCustomerGroupMainSection.editButtonByCustomerGroupCode(NotLoggedInCustomerGroup.code)}}" stepKey="clickOnEditCustomerGroup" />