8
8
9
9
use Magento \Customer \Api \Data \CustomerInterface as Customer ;
10
10
use Magento \Customer \Api \Data \AddressInterface as Address ;
11
+ use Magento \Customer \Api \Data \CustomerInterfaceFactory ;
12
+ use Magento \Customer \Model \CustomerRegistry ;
13
+ use Magento \Framework \Api \DataObjectHelper ;
14
+ use Magento \Framework \Api \FilterBuilder ;
15
+ use Magento \Framework \Api \Search \FilterGroupBuilder ;
16
+ use Magento \Framework \Api \SearchCriteriaBuilder ;
17
+ use Magento \Framework \Api \SearchCriteriaInterface ;
11
18
use Magento \Framework \Api \SortOrder ;
19
+ use Magento \Framework \Api \SortOrderBuilder ;
12
20
use Magento \Framework \Exception \InputException ;
13
21
use Magento \Framework \Exception \LocalizedException ;
22
+ use Magento \Framework \Reflection \DataObjectProcessor ;
14
23
use Magento \Framework \Webapi \Rest \Request ;
15
24
use Magento \Integration \Api \CustomerTokenServiceInterface ;
25
+ use Magento \Integration \Api \IntegrationServiceInterface ;
26
+ use Magento \Integration \Api \OauthServiceInterface ;
27
+ use Magento \Integration \Model \Integration ;
16
28
use Magento \TestFramework \Helper \Bootstrap ;
17
29
use Magento \TestFramework \Helper \Customer as CustomerHelper ;
18
30
use Magento \TestFramework \TestCase \WebapiAbstract ;
@@ -92,34 +104,20 @@ class CustomerRepositoryTest extends WebapiAbstract
92
104
*/
93
105
public function setUp ()
94
106
{
95
- $ this ->customerRegistry = Bootstrap::getObjectManager ()->get (
96
- \Magento \Customer \Model \CustomerRegistry::class
97
- );
107
+ $ this ->customerRegistry = Bootstrap::getObjectManager ()->get (CustomerRegistry::class);
98
108
99
109
$ this ->customerRepository = Bootstrap::getObjectManager ()->get (
100
110
\Magento \Customer \Api \CustomerRepositoryInterface::class,
101
111
['customerRegistry ' => $ this ->customerRegistry ]
102
112
);
103
- $ this ->dataObjectHelper = Bootstrap::getObjectManager ()->create (
104
- \Magento \Framework \Api \DataObjectHelper::class
105
- );
106
- $ this ->customerDataFactory = Bootstrap::getObjectManager ()->create (
107
- \Magento \Customer \Api \Data \CustomerInterfaceFactory::class
108
- );
109
- $ this ->searchCriteriaBuilder = Bootstrap::getObjectManager ()->create (
110
- \Magento \Framework \Api \SearchCriteriaBuilder::class
111
- );
112
- $ this ->sortOrderBuilder = Bootstrap::getObjectManager ()->create (
113
- \Magento \Framework \Api \SortOrderBuilder::class
114
- );
115
- $ this ->filterGroupBuilder = Bootstrap::getObjectManager ()->create (
116
- \Magento \Framework \Api \Search \FilterGroupBuilder::class
117
- );
113
+ $ this ->dataObjectHelper = Bootstrap::getObjectManager ()->create (DataObjectHelper::class);
114
+ $ this ->customerDataFactory = Bootstrap::getObjectManager ()->create (CustomerInterfaceFactory::class);
115
+ $ this ->searchCriteriaBuilder = Bootstrap::getObjectManager ()->create (SearchCriteriaBuilder::class);
116
+ $ this ->sortOrderBuilder = Bootstrap::getObjectManager ()->create (SortOrderBuilder::class);
117
+ $ this ->filterGroupBuilder = Bootstrap::getObjectManager ()->create (FilterGroupBuilder::class);
118
118
$ this ->customerHelper = new CustomerHelper ();
119
119
120
- $ this ->dataObjectProcessor = Bootstrap::getObjectManager ()->create (
121
- \Magento \Framework \Reflection \DataObjectProcessor::class
122
- );
120
+ $ this ->dataObjectProcessor = Bootstrap::getObjectManager ()->create (DataObjectProcessor::class);
123
121
}
124
122
125
123
public function tearDown ()
@@ -149,10 +147,10 @@ public function tearDown()
149
147
/**
150
148
* Validate update by invalid customer.
151
149
*
152
- * @expectedException \Exception
153
150
*/
154
151
public function testInvalidCustomerUpdate ()
155
152
{
153
+ $ this ->expectException (\Exception::class);
156
154
//Create first customer and retrieve customer token.
157
155
$ firstCustomerData = $ this ->_createCustomer ();
158
156
@@ -198,6 +196,31 @@ public function testInvalidCustomerUpdate()
198
196
$ this ->_webApiCall ($ serviceInfo , $ requestData );
199
197
}
200
198
199
+ /**
200
+ * Create Integration and return token.
201
+ *
202
+ * @param string $name
203
+ * @param array $resource
204
+ * @return string
205
+ */
206
+ private function createIntegrationToken (string $ name , array $ resource ): string
207
+ {
208
+ /** @var IntegrationServiceInterface $integrationService */
209
+ $ integrationService = Bootstrap::getObjectManager ()->get (IntegrationServiceInterface::class);
210
+ $ oauthService = Bootstrap::getObjectManager ()->get (OauthServiceInterface::class);
211
+ /** @var Integration $integration */
212
+ $ integration = $ integrationService ->create (
213
+ [
214
+ 'name ' => $ name ,
215
+ 'resource ' => $ resource ,
216
+ ]
217
+ );
218
+ /** @var OauthServiceInterface $oauthService */
219
+ $ oauthService ->createAccessToken ($ integration ->getConsumerId ());
220
+
221
+ return $ integrationService ->get ($ integration ->getId ())->getToken ();
222
+ }
223
+
201
224
public function testDeleteCustomer ()
202
225
{
203
226
$ customerData = $ this ->_createCustomer ();
@@ -228,6 +251,51 @@ public function testDeleteCustomer()
228
251
$ this ->_getCustomerData ($ customerData [Customer::ID ]);
229
252
}
230
253
254
+ /**
255
+ * Check that non authorized consumer can`t delete customer.
256
+ *
257
+ * @return void
258
+ */
259
+ public function testDeleteCustomerNonAuthorized (): void
260
+ {
261
+ $ resource = [
262
+ 'Magento_Customer::customer ' ,
263
+ 'Magento_Customer::manage ' ,
264
+ ];
265
+ $ token = $ this ->createIntegrationToken ('TestAPI ' . bin2hex (random_bytes (5 )), $ resource );
266
+
267
+ $ customerData = $ this ->_createCustomer ();
268
+ $ this ->currentCustomerId = [];
269
+
270
+ $ serviceInfo = [
271
+ 'rest ' => [
272
+ 'resourcePath ' => self ::RESOURCE_PATH . '/ ' . $ customerData [Customer::ID ],
273
+ 'httpMethod ' => Request::HTTP_METHOD_DELETE ,
274
+ 'token ' => $ token ,
275
+ ],
276
+ 'soap ' => [
277
+ 'service ' => self ::SERVICE_NAME ,
278
+ 'serviceVersion ' => self ::SERVICE_VERSION ,
279
+ 'operation ' => self ::SERVICE_NAME . 'DeleteById ' ,
280
+ 'token ' => $ token ,
281
+ ],
282
+ ];
283
+ try {
284
+ $ this ->_webApiCall ($ serviceInfo , ['customerId ' => $ customerData ['id ' ]]);
285
+ $ this ->fail ("Expected exception is not thrown. " );
286
+ } catch (\SoapFault $ e ) {
287
+ } catch (\Exception $ e ) {
288
+ $ expectedMessage = 'The consumer isn \'t authorized to access %resources. ' ;
289
+ $ errorObj = $ this ->processRestExceptionResult ($ e );
290
+ $ this ->assertEquals ($ expectedMessage , $ errorObj ['message ' ]);
291
+ $ this ->assertEquals (['resources ' => 'Magento_Customer::delete ' ], $ errorObj ['parameters ' ]);
292
+ $ this ->assertEquals (HTTPExceptionCodes::HTTP_UNAUTHORIZED , $ e ->getCode ());
293
+ }
294
+ /** @var Customer $data */
295
+ $ data = $ this ->_getCustomerData ($ customerData [Customer::ID ]);
296
+ $ this ->assertNotNull ($ data ->getId ());
297
+ }
298
+
231
299
public function testDeleteCustomerInvalidCustomerId ()
232
300
{
233
301
$ invalidId = -1 ;
@@ -485,7 +553,7 @@ public function testCreateCustomerWithoutAddressRequiresException()
485
553
*/
486
554
public function testSearchCustomers ()
487
555
{
488
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
556
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
489
557
$ customerData = $ this ->_createCustomer ();
490
558
$ filter = $ builder
491
559
->setField (Customer::EMAIL )
@@ -494,7 +562,7 @@ public function testSearchCustomers()
494
562
$ this ->searchCriteriaBuilder ->addFilters ([$ filter ]);
495
563
$ searchData = $ this ->dataObjectProcessor ->buildOutputDataArray (
496
564
$ this ->searchCriteriaBuilder ->create (),
497
- \ Magento \ Framework \ Api \ SearchCriteriaInterface::class
565
+ SearchCriteriaInterface::class
498
566
);
499
567
$ requestData = ['searchCriteria ' => $ searchData ];
500
568
$ serviceInfo = [
@@ -519,7 +587,7 @@ public function testSearchCustomers()
519
587
public function testSearchCustomersUsingGET ()
520
588
{
521
589
$ this ->_markTestAsRestOnly ('SOAP test is covered in testSearchCustomers ' );
522
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
590
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
523
591
$ customerData = $ this ->_createCustomer ();
524
592
$ filter = $ builder
525
593
->setField (Customer::EMAIL )
@@ -573,7 +641,7 @@ public function testSearchCustomersUsingGETEmptyFilter()
573
641
*/
574
642
public function testSearchCustomersMultipleFiltersWithSort ()
575
643
{
576
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
644
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
577
645
$ customerData1 = $ this ->_createCustomer ();
578
646
$ customerData2 = $ this ->_createCustomer ();
579
647
$ filter1 = $ builder ->setField (Customer::EMAIL )
@@ -590,7 +658,7 @@ public function testSearchCustomersMultipleFiltersWithSort()
590
658
591
659
/**@var \Magento\Framework\Api\SortOrderBuilder $sortOrderBuilder */
592
660
$ sortOrderBuilder = Bootstrap::getObjectManager ()->create (
593
- \ Magento \ Framework \ Api \ SortOrderBuilder::class
661
+ SortOrderBuilder::class
594
662
);
595
663
/** @var SortOrder $sortOrder */
596
664
$ sortOrder = $ sortOrderBuilder ->setField (Customer::EMAIL )->setDirection (SortOrder::SORT_ASC )->create ();
@@ -622,7 +690,7 @@ public function testSearchCustomersMultipleFiltersWithSort()
622
690
public function testSearchCustomersMultipleFiltersWithSortUsingGET ()
623
691
{
624
692
$ this ->_markTestAsRestOnly ('SOAP test is covered in testSearchCustomers ' );
625
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
693
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
626
694
$ customerData1 = $ this ->_createCustomer ();
627
695
$ customerData2 = $ this ->_createCustomer ();
628
696
$ filter1 = $ builder ->setField (Customer::EMAIL )
@@ -658,7 +726,7 @@ public function testSearchCustomersMultipleFiltersWithSortUsingGET()
658
726
*/
659
727
public function testSearchCustomersNonExistentMultipleFilters ()
660
728
{
661
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
729
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
662
730
$ customerData1 = $ this ->_createCustomer ();
663
731
$ customerData2 = $ this ->_createCustomer ();
664
732
$ filter1 = $ filter1 = $ builder ->setField (Customer::EMAIL )
@@ -696,7 +764,7 @@ public function testSearchCustomersNonExistentMultipleFilters()
696
764
public function testSearchCustomersNonExistentMultipleFiltersGET ()
697
765
{
698
766
$ this ->_markTestAsRestOnly ('SOAP test is covered in testSearchCustomers ' );
699
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
767
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
700
768
$ customerData1 = $ this ->_createCustomer ();
701
769
$ customerData2 = $ this ->_createCustomer ();
702
770
$ filter1 = $ filter1 = $ builder ->setField (Customer::EMAIL )
@@ -732,7 +800,7 @@ public function testSearchCustomersMultipleFilterGroups()
732
800
$ customerData1 = $ this ->_createCustomer ();
733
801
734
802
/** @var \Magento\Framework\Api\FilterBuilder $builder */
735
- $ builder = Bootstrap::getObjectManager ()->create (\ Magento \ Framework \ Api \ FilterBuilder::class);
803
+ $ builder = Bootstrap::getObjectManager ()->create (FilterBuilder::class);
736
804
$ filter1 = $ builder ->setField (Customer::EMAIL )
737
805
->setValue ($ customerData1 [Customer::EMAIL ])
738
806
->create ();
0 commit comments