From c645998d960e1d5fa3a9d307326a828bb4a77698 Mon Sep 17 00:00:00 2001 From: Leon Helmus Date: Wed, 15 Mar 2023 17:39:00 +0100 Subject: [PATCH] Use constructor property promotion in module Replace allmost all properties with constructor property promotion in module Security: https://stitcher.io/blog/constructor-promotion-in-php-8 * Readable code * Make Magento less complex by removing properties which take up a lot of lines. * Imported all classes to make code more readable. I think the code would be a lot cleaner if all modules start using constructor promotions, since of 2.4.6 php 7.4 is dropped we can now make use of it. So let's start on it right now. --- .../Block/Adminhtml/Session/Activity.php | 51 +++++------- .../Config/Backend/Session/SessionSize.php | 8 +- .../Controller/Adminhtml/Session/Activity.php | 4 +- .../Adminhtml/Session/LogoutAll.php | 17 ++-- .../Security/Model/AdminSessionInfo.php | 47 +++++------ .../Security/Model/AdminSessionsManager.php | 64 ++++----------- app/code/Magento/Security/Model/Config.php | 24 ++---- .../Model/Config/Source/ResetMethod.php | 4 +- .../Model/PasswordResetRequestEvent.php | 7 +- .../Model/Plugin/AccountManagement.php | 37 ++------- .../Security/Model/Plugin/AdminUserForm.php | 46 ++++------- .../Magento/Security/Model/Plugin/Auth.php | 28 +++---- .../Security/Model/Plugin/AuthSession.php | 58 ++++---------- .../Security/Model/Plugin/LoginController.php | 30 ++----- .../Model/Plugin/UserValidationRules.php | 19 +++-- .../Model/ResourceModel/AdminSessionInfo.php | 26 +++---- .../AdminSessionInfo/Collection.php | 56 ++++++------- .../PasswordResetRequestEvent.php | 23 +++--- .../PasswordResetRequestEvent/Collection.php | 52 +++++++------ .../CollectionFactory.php | 38 ++------- .../Model/ResourceModel/UserExpiration.php | 25 ++---- .../UserExpiration/Collection.php | 13 +++- .../Model/SecurityChecker/Frequency.php | 38 ++------- .../Model/SecurityChecker/Quantity.php | 27 ++----- .../SecurityCheckerInterface.php | 4 +- .../Magento/Security/Model/SecurityCookie.php | 44 +++-------- .../Security/Model/SecurityManager.php | 78 ++++--------------- .../Magento/Security/Model/UserExpiration.php | 3 +- .../Model/UserExpiration/Validator.php | 26 ++----- .../Security/Model/UserExpirationManager.php | 59 +++----------- .../Observer/AdminUserAuthenticateBefore.php | 19 +---- .../Security/Observer/AfterAdminUserSave.php | 26 ++----- .../Patch/Data/SessionIDColumnCleanUp.php | 23 ++---- app/code/Magento/Security/registration.php | 6 +- 34 files changed, 338 insertions(+), 692 deletions(-) diff --git a/app/code/Magento/Security/Block/Adminhtml/Session/Activity.php b/app/code/Magento/Security/Block/Adminhtml/Session/Activity.php index bd85697330875..bf9c1db0c02cb 100644 --- a/app/code/Magento/Security/Block/Adminhtml/Session/Activity.php +++ b/app/code/Magento/Security/Block/Adminhtml/Session/Activity.php @@ -5,8 +5,15 @@ */ namespace Magento\Security\Block\Adminhtml\Session; +use DateTime; +use IntlDateFormatter; +use Magento\Backend\Block\Template; +use Magento\Backend\Block\Template\Context as TemplateContext; use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress; +use Magento\Security\Model\AdminSessionsManager; use Magento\Security\Model\ConfigInterface; +use Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection as AdminSessionInfoCollection; +use Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory; /** * Block Session Activity @@ -14,51 +21,31 @@ * @api * @since 100.1.0 */ -class Activity extends \Magento\Backend\Block\Template +class Activity extends Template { /** - * @var ConfigInterface - * @since 100.1.0 - */ - protected $securityConfig; - - /** - * @var \Magento\Security\Model\AdminSessionsManager - * @since 100.1.0 - */ - protected $sessionsManager; - - /** - * @var \Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory + * @var CollectionFactory * @since 100.1.0 */ protected $sessionsInfoCollection; /** - * @var RemoteAddress - */ - private $remoteAddress; - - /** - * @param \Magento\Backend\Block\Template\Context $context + * @param TemplateContext $context * @param ConfigInterface $securityConfig - * @param \Magento\Security\Model\AdminSessionsManager $sessionsManager + * @param AdminSessionsManager $sessionsManager * @param RemoteAddress $remoteAddress */ public function __construct( - \Magento\Backend\Block\Template\Context $context, - ConfigInterface $securityConfig, - \Magento\Security\Model\AdminSessionsManager $sessionsManager, - RemoteAddress $remoteAddress + TemplateContext $context, + protected readonly ConfigInterface $securityConfig, + protected readonly AdminSessionsManager $sessionsManager, + private readonly RemoteAddress $remoteAddress ) { parent::__construct($context); - $this->securityConfig = $securityConfig; - $this->sessionsManager = $sessionsManager; - $this->remoteAddress = $remoteAddress; } /** - * @return \Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection + * @return AdminSessionInfoCollection * @since 100.1.0 */ public function getSessionInfoCollection() @@ -96,11 +83,11 @@ public function getRemoteIp() */ public function formatDateTime($time) { - $time = new \DateTime($time); + $time = new DateTime($time); return $this->_localeDate->formatDateTime( $time, - \IntlDateFormatter::MEDIUM, - \IntlDateFormatter::MEDIUM + IntlDateFormatter::MEDIUM, + IntlDateFormatter::MEDIUM ); } } diff --git a/app/code/Magento/Security/Block/Config/Backend/Session/SessionSize.php b/app/code/Magento/Security/Block/Config/Backend/Session/SessionSize.php index 7ccb3c2fd95d7..5976213e6bc8c 100644 --- a/app/code/Magento/Security/Block/Config/Backend/Session/SessionSize.php +++ b/app/code/Magento/Security/Block/Config/Backend/Session/SessionSize.php @@ -22,11 +22,6 @@ */ class SessionSize extends Field { - /** - * @var Json - */ - private $json; - /** * @param Context $context * @param Json $json @@ -34,11 +29,10 @@ class SessionSize extends Field */ public function __construct( Context $context, - Json $json, + private readonly Json $json, array $data = [] ) { parent::__construct($context, $data); - $this->json = $json; } /** diff --git a/app/code/Magento/Security/Controller/Adminhtml/Session/Activity.php b/app/code/Magento/Security/Controller/Adminhtml/Session/Activity.php index 4f464af535c3b..1369cad2679b5 100644 --- a/app/code/Magento/Security/Controller/Adminhtml/Session/Activity.php +++ b/app/code/Magento/Security/Controller/Adminhtml/Session/Activity.php @@ -5,10 +5,12 @@ */ namespace Magento\Security\Controller\Adminhtml\Session; +use Magento\Backend\App\Action; + /** * Admin session activity */ -class Activity extends \Magento\Backend\App\Action +class Activity extends Action { /** * @return void diff --git a/app/code/Magento/Security/Controller/Adminhtml/Session/LogoutAll.php b/app/code/Magento/Security/Controller/Adminhtml/Session/LogoutAll.php index 35d8f22d84d51..7af351a7e8445 100644 --- a/app/code/Magento/Security/Controller/Adminhtml/Session/LogoutAll.php +++ b/app/code/Magento/Security/Controller/Adminhtml/Session/LogoutAll.php @@ -5,19 +5,17 @@ */ namespace Magento\Security\Controller\Adminhtml\Session; +use Exception; +use Magento\Backend\App\Action; use Magento\Backend\App\Action\Context; +use Magento\Framework\Exception\LocalizedException; use Magento\Security\Model\AdminSessionsManager; /** * Admin session logout all */ -class LogoutAll extends \Magento\Backend\App\Action +class LogoutAll extends Action { - /** - * @var AdminSessionsManager - */ - protected $sessionsManager; - /** * Check constructor. * @param Context $context @@ -25,10 +23,9 @@ class LogoutAll extends \Magento\Backend\App\Action */ public function __construct( Context $context, - AdminSessionsManager $sessionsManager + protected readonly AdminSessionsManager $sessionsManager ) { parent::__construct($context); - $this->sessionsManager = $sessionsManager; } /** @@ -39,9 +36,9 @@ public function execute() try { $this->sessionsManager->logoutOtherUserSessions(); $this->messageManager->addSuccessMessage(__('All other open sessions for this account were terminated.')); - } catch (\Magento\Framework\Exception\LocalizedException $e) { + } catch (LocalizedException $e) { $this->messageManager->addErrorMessage($e->getMessage()); - } catch (\Exception $e) { + } catch (Exception $e) { $this->messageManager->addExceptionMessage($e, __("We couldn't logout because of an error.")); } $this->_redirect('*/*/activity'); diff --git a/app/code/Magento/Security/Model/AdminSessionInfo.php b/app/code/Magento/Security/Model/AdminSessionInfo.php index e1ceab6f56278..2bf8b06e81d47 100644 --- a/app/code/Magento/Security/Model/AdminSessionInfo.php +++ b/app/code/Magento/Security/Model/AdminSessionInfo.php @@ -7,6 +7,14 @@ namespace Magento\Security\Model; +use Magento\Framework\Data\Collection\AbstractDb; +use Magento\Framework\Model\AbstractModel; +use Magento\Framework\Model\Context as ModelContext; +use Magento\Framework\Model\ResourceModel\AbstractResource; +use Magento\Framework\Registry; +use Magento\Framework\Stdlib\DateTime\DateTime as DateTimeModel; +use Magento\Security\Model\ResourceModel\AdminSessionInfo as ResourceAdminSessionInfo; + /** * Admin Session Info Model * @@ -18,7 +26,7 @@ * @api * @since 100.1.0 */ -class AdminSessionInfo extends \Magento\Framework\Model\AbstractModel +class AdminSessionInfo extends AbstractModel { /** * Admin session status definition @@ -51,40 +59,27 @@ class AdminSessionInfo extends \Magento\Framework\Model\AbstractModel */ protected $isOtherSessionsTerminated = false; - /** - * @var ConfigInterface - * @since 100.1.0 - */ - protected $securityConfig; - - /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - */ - private $dateTime; - /** * AdminSessionInfo constructor * - * @param \Magento\Framework\Model\Context $context - * @param \Magento\Framework\Registry $registry + * @param ModelContext $context + * @param Registry $registry * @param ConfigInterface $securityConfig - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime - * @param \Magento\Framework\Model\ResourceModel\AbstractResource|null $resource - * @param \Magento\Framework\Data\Collection\AbstractDb|null $resourceCollection + * @param DateTimeModel $dateTime + * @param AbstractResource|null $resource + * @param AbstractDb|null $resourceCollection * @param array $data */ public function __construct( - \Magento\Framework\Model\Context $context, - \Magento\Framework\Registry $registry, - ConfigInterface $securityConfig, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - \Magento\Framework\Model\ResourceModel\AbstractResource $resource = null, - \Magento\Framework\Data\Collection\AbstractDb $resourceCollection = null, + ModelContext $context, + Registry $registry, + protected readonly ConfigInterface $securityConfig, + private readonly DateTimeModel $dateTime, + AbstractResource $resource = null, + AbstractDb $resourceCollection = null, array $data = [] ) { parent::__construct($context, $registry, $resource, $resourceCollection, $data); - $this->securityConfig = $securityConfig; - $this->dateTime = $dateTime; } /** @@ -95,7 +90,7 @@ public function __construct( */ protected function _construct() { - $this->_init(\Magento\Security\Model\ResourceModel\AdminSessionInfo::class); + $this->_init(ResourceAdminSessionInfo::class); } /** diff --git a/app/code/Magento/Security/Model/AdminSessionsManager.php b/app/code/Magento/Security/Model/AdminSessionsManager.php index 1de7fd0795f9c..a244fcd44abf3 100644 --- a/app/code/Magento/Security/Model/AdminSessionsManager.php +++ b/app/code/Magento/Security/Model/AdminSessionsManager.php @@ -10,8 +10,10 @@ use Magento\Backend\Model\Auth\Session; use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress; use Magento\Framework\Stdlib\DateTime; +use Magento\Framework\Stdlib\DateTime\DateTime as DateTimeModel; use Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection; use Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory; +use Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory as AdminSessionInfoCollectionFactory; /** * Admin Sessions Manager Model @@ -33,45 +35,11 @@ class AdminSessionsManager public const LOGOUT_REASON_USER_LOCKED = 10; /** - * @var ConfigInterface - * @since 100.1.0 - */ - protected $securityConfig; - - /** - * @var Session - * @since 100.1.0 - */ - protected $authSession; - - /** - * @var AdminSessionInfoFactory - * @since 100.1.0 - */ - protected $adminSessionInfoFactory; - - /** - * @var \Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory - * @since 100.1.0 - */ - protected $adminSessionInfoCollectionFactory; - - /** - * @var \Magento\Security\Model\AdminSessionInfo + * @var AdminSessionInfo * @since 100.1.0 */ protected $currentSession; - /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - */ - private $dateTime; - - /** - * @var RemoteAddress - */ - private $remoteAddress; - /** * Max lifetime for session prolong to be valid (sec) * @@ -87,23 +55,17 @@ class AdminSessionsManager * @param Session $authSession * @param AdminSessionInfoFactory $adminSessionInfoFactory * @param CollectionFactory $adminSessionInfoCollectionFactory - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime + * @param DateTimeModel $dateTime * @param RemoteAddress $remoteAddress */ public function __construct( - ConfigInterface $securityConfig, - Session $authSession, - \Magento\Security\Model\AdminSessionInfoFactory $adminSessionInfoFactory, - \Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory $adminSessionInfoCollectionFactory, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - RemoteAddress $remoteAddress + protected readonly ConfigInterface $securityConfig, + protected readonly Session $authSession, + protected readonly AdminSessionInfoFactory $adminSessionInfoFactory, + protected readonly AdminSessionInfoCollectionFactory $adminSessionInfoCollectionFactory, + private readonly DateTimeModel $dateTime, + private readonly RemoteAddress $remoteAddress ) { - $this->securityConfig = $securityConfig; - $this->authSession = $authSession; - $this->adminSessionInfoFactory = $adminSessionInfoFactory; - $this->adminSessionInfoCollectionFactory = $adminSessionInfoCollectionFactory; - $this->dateTime = $dateTime; - $this->remoteAddress = $remoteAddress; } /** @@ -253,7 +215,7 @@ public function getLogoutReasonMessage() public function getSessionsForCurrentUser() { return $this->createAdminSessionInfoCollection() - ->filterByUser($this->authSession->getUser()->getId(), \Magento\Security\Model\AdminSessionInfo::LOGGED_IN) + ->filterByUser($this->authSession->getUser()->getId(), AdminSessionInfo::LOGGED_IN) ->filterExpiredSessions($this->securityConfig->getAdminSessionLifetime()) ->loadData(); } @@ -271,13 +233,13 @@ public function logoutOtherUserSessions() $collection = $this->createAdminSessionInfoCollection() ->filterByUser( $user->getId(), - \Magento\Security\Model\AdminSessionInfo::LOGGED_IN, + AdminSessionInfo::LOGGED_IN, $this->authSession->getAdminSessionInfoId() ) ->filterExpiredSessions($this->securityConfig->getAdminSessionLifetime()) ->loadData(); - $collection->setDataToAll('status', \Magento\Security\Model\AdminSessionInfo::LOGGED_OUT_MANUALLY) + $collection->setDataToAll('status', AdminSessionInfo::LOGGED_OUT_MANUALLY) ->save(); } diff --git a/app/code/Magento/Security/Model/Config.php b/app/code/Magento/Security/Model/Config.php index 2135b81eb82b5..82ee072e52524 100644 --- a/app/code/Magento/Security/Model/Config.php +++ b/app/code/Magento/Security/Model/Config.php @@ -5,6 +5,8 @@ */ namespace Magento\Security\Model; +use Magento\Backend\Model\Auth\Session as AuthSession; +use Magento\Framework\App\Area; use Magento\Framework\App\Config\ScopeConfigInterface; use Magento\Framework\Config\ScopeInterface; use Magento\Store\Model\ScopeInterface as StoreScopeInterface; @@ -32,7 +34,7 @@ class Config implements ConfigInterface /** * Configuration path to fronted area * @deprecated - * @see \Magento\Security\Model\Config::XML_PATH_FRONTEND_AREA + * @see Config::XML_PATH_FRONTEND_AREA */ const XML_PATH_FRONTED_AREA = self::XML_PATH_FRONTEND_AREA; @@ -61,16 +63,6 @@ class Config implements ConfigInterface */ const XML_PATH_EMAIL_RECIPIENT = 'contact/email/recipient_email'; - /** - * @var ScopeConfigInterface - */ - private $scopeConfig; - - /** - * @var ScopeInterface - */ - private $scope; - /** * SecurityConfig constructor. * @@ -78,11 +70,9 @@ class Config implements ConfigInterface * @param ScopeInterface $scope */ public function __construct( - ScopeConfigInterface $scopeConfig, - ScopeInterface $scope + private readonly ScopeConfigInterface $scopeConfig, + private readonly ScopeInterface $scope ) { - $this->scopeConfig = $scopeConfig; - $this->scope = $scope; } /** @@ -128,7 +118,7 @@ public function isAdminAccountSharingEnabled() */ public function getAdminSessionLifetime() { - return (int) $this->scopeConfig->getValue(\Magento\Backend\Model\Auth\Session::XML_PATH_SESSION_LIFETIME); + return (int) $this->scopeConfig->getValue(AuthSession::XML_PATH_SESSION_LIFETIME); } /** @@ -138,7 +128,7 @@ public function getAdminSessionLifetime() */ protected function getXmlPathPrefix() { - if ($this->scope->getCurrentScope() == \Magento\Framework\App\Area::AREA_ADMINHTML) { + if ($this->scope->getCurrentScope() == Area::AREA_ADMINHTML) { return self::XML_PATH_ADMIN_AREA; } return self::XML_PATH_FRONTEND_AREA; diff --git a/app/code/Magento/Security/Model/Config/Source/ResetMethod.php b/app/code/Magento/Security/Model/Config/Source/ResetMethod.php index b925262747fd0..cfd5b5ec3b132 100644 --- a/app/code/Magento/Security/Model/Config/Source/ResetMethod.php +++ b/app/code/Magento/Security/Model/Config/Source/ResetMethod.php @@ -6,11 +6,13 @@ namespace Magento\Security\Model\Config\Source; +use Magento\Framework\Option\ArrayInterface; + /** * Source model for setting "Limit Password Reset Requests Method" * */ -class ResetMethod implements \Magento\Framework\Option\ArrayInterface +class ResetMethod implements ArrayInterface { const OPTION_BY_IP_AND_EMAIL = 1; const OPTION_BY_IP = 2; diff --git a/app/code/Magento/Security/Model/PasswordResetRequestEvent.php b/app/code/Magento/Security/Model/PasswordResetRequestEvent.php index 09c2a1601adbf..54a01fbf33ddd 100644 --- a/app/code/Magento/Security/Model/PasswordResetRequestEvent.php +++ b/app/code/Magento/Security/Model/PasswordResetRequestEvent.php @@ -5,6 +5,9 @@ */ namespace Magento\Security\Model; +use Magento\Framework\Model\AbstractModel; +use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent as ResourcePasswordResetRequestEvent; + /** * PasswordResetRequestEvent Model * @@ -19,7 +22,7 @@ * @api * @since 100.1.0 */ -class PasswordResetRequestEvent extends \Magento\Framework\Model\AbstractModel +class PasswordResetRequestEvent extends AbstractModel { /** * Type of the event under a security control definition @@ -43,6 +46,6 @@ class PasswordResetRequestEvent extends \Magento\Framework\Model\AbstractModel */ protected function _construct() { - $this->_init(\Magento\Security\Model\ResourceModel\PasswordResetRequestEvent::class); + $this->_init(ResourcePasswordResetRequestEvent::class); } } diff --git a/app/code/Magento/Security/Model/Plugin/AccountManagement.php b/app/code/Magento/Security/Model/Plugin/AccountManagement.php index 9476bf46df338..04288940d76d0 100644 --- a/app/code/Magento/Security/Model/Plugin/AccountManagement.php +++ b/app/code/Magento/Security/Model/Plugin/AccountManagement.php @@ -6,7 +6,9 @@ namespace Magento\Security\Model\Plugin; use Magento\Customer\Model\AccountManagement as AccountManagementOriginal; +use Magento\Framework\App\Area; use Magento\Framework\App\ObjectManager; +use Magento\Framework\App\RequestInterface; use Magento\Framework\Config\ScopeInterface; use Magento\Framework\Exception\SecurityViolationException; use Magento\Security\Model\PasswordResetRequestEvent; @@ -17,43 +19,20 @@ */ class AccountManagement { - /** - * @var \Magento\Framework\App\RequestInterface - */ - protected $request; - - /** - * @var SecurityManager - */ - protected $securityManager; - - /** - * @var int - */ - protected $passwordRequestEvent; - - /** - * @var ScopeInterface - */ - private $scope; - /** * AccountManagement constructor. * - * @param \Magento\Framework\App\RequestInterface $request + * @param RequestInterface $request * @param SecurityManager $securityManager * @param int $passwordRequestEvent * @param ScopeInterface $scope */ public function __construct( - \Magento\Framework\App\RequestInterface $request, - \Magento\Security\Model\SecurityManager $securityManager, - $passwordRequestEvent = PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST, - ScopeInterface $scope = null + protected readonly RequestInterface $request, + protected readonly SecurityManager $securityManager, + protected $passwordRequestEvent = PasswordResetRequestEvent::CUSTOMER_PASSWORD_RESET_REQUEST, + private ?ScopeInterface $scope = null ) { - $this->request = $request; - $this->securityManager = $securityManager; - $this->passwordRequestEvent = $passwordRequestEvent; $this->scope = $scope ?: ObjectManager::getInstance()->get(ScopeInterface::class); } @@ -73,7 +52,7 @@ public function beforeInitiatePasswordReset( $template, $websiteId = null ) { - if ($this->scope->getCurrentScope() == \Magento\Framework\App\Area::AREA_FRONTEND + if ($this->scope->getCurrentScope() == Area::AREA_FRONTEND || $this->passwordRequestEvent == PasswordResetRequestEvent::ADMIN_PASSWORD_RESET_REQUEST) { $this->securityManager->performSecurityCheck( $this->passwordRequestEvent, diff --git a/app/code/Magento/Security/Model/Plugin/AdminUserForm.php b/app/code/Magento/Security/Model/Plugin/AdminUserForm.php index 0c024d15ef4ae..343630bd6bb06 100644 --- a/app/code/Magento/Security/Model/Plugin/AdminUserForm.php +++ b/app/code/Magento/Security/Model/Plugin/AdminUserForm.php @@ -7,31 +7,20 @@ namespace Magento\Security\Model\Plugin; +use Closure; +use IntlDateFormatter; +use Magento\Framework\Data\Form as FormData; use Magento\Framework\Stdlib\DateTime\TimezoneInterface; use Magento\Security\Model\ResourceModel\UserExpiration; +use Magento\Security\Model\UserExpiration as ModelUserExpiration; use Magento\Security\Model\UserExpirationFactory; +use Magento\User\Block\User\Edit\Tab\Main; /** * Add the `expires_at` form field to the User main form. */ class AdminUserForm { - - /** - * @var TimezoneInterface - */ - private $localeDate; - - /** - * @var UserExpiration - */ - private $userExpirationResource; - - /** - * @var UserExpirationFactory - */ - private $userExpirationFactory; - /** * UserForm constructor. * @@ -40,34 +29,31 @@ class AdminUserForm * @param UserExpiration $userExpirationResource */ public function __construct( - TimezoneInterface $localeDate, - UserExpirationFactory $userExpirationFactory, - UserExpiration $userExpirationResource + private readonly TimezoneInterface $localeDate, + private readonly UserExpirationFactory $userExpirationFactory, + private readonly UserExpiration $userExpirationResource ) { - $this->localeDate = $localeDate; - $this->userExpirationResource = $userExpirationResource; - $this->userExpirationFactory = $userExpirationFactory; } /** * Add the `expires_at` field to the admin user edit form. * - * @param \Magento\User\Block\User\Edit\Tab\Main $subject - * @param \Closure $proceed + * @param Main $subject + * @param Closure $proceed * @return mixed */ public function aroundGetFormHtml( - \Magento\User\Block\User\Edit\Tab\Main $subject, - \Closure $proceed + Main $subject, + Closure $proceed ) { - /** @var \Magento\Framework\Data\Form $form */ + /** @var FormData $form */ $form = $subject->getForm(); if (is_object($form)) { $dateFormat = $this->localeDate->getDateFormat( - \IntlDateFormatter::MEDIUM + IntlDateFormatter::MEDIUM ); $timeFormat = $this->localeDate->getTimeFormat( - \IntlDateFormatter::MEDIUM + IntlDateFormatter::MEDIUM ); $fieldset = $form->getElement('base_fieldset'); $userIdField = $fieldset->getElements()->searchById('user_id'); @@ -104,7 +90,7 @@ public function aroundGetFormHtml( */ private function loadUserExpirationByUserId($userId) { - /** @var \Magento\Security\Model\UserExpiration $userExpiration */ + /** @var ModelUserExpiration $userExpiration */ $userExpiration = $this->userExpirationFactory->create(); $this->userExpirationResource->load($userExpiration, $userId); return $userExpiration->getExpiresAt(); diff --git a/app/code/Magento/Security/Model/Plugin/Auth.php b/app/code/Magento/Security/Model/Plugin/Auth.php index b388ef6115867..a6a1f6d006462 100644 --- a/app/code/Magento/Security/Model/Plugin/Auth.php +++ b/app/code/Magento/Security/Model/Plugin/Auth.php @@ -5,6 +5,8 @@ */ namespace Magento\Security\Model\Plugin; +use Magento\Backend\Model\Auth as BackendAuth; +use Magento\Framework\Message\ManagerInterface; use Magento\Security\Model\AdminSessionsManager; /** @@ -12,36 +14,24 @@ */ class Auth { - /** - * @var AdminSessionsManager - */ - protected $sessionsManager; - - /** - * @var \Magento\Framework\Message\ManagerInterface - */ - protected $messageManager; - /** * @param AdminSessionsManager $sessionsManager - * @param \Magento\Framework\Message\ManagerInterface $messageManager + * @param ManagerInterface $messageManager */ public function __construct( - AdminSessionsManager $sessionsManager, - \Magento\Framework\Message\ManagerInterface $messageManager + protected readonly AdminSessionsManager $sessionsManager, + protected readonly ManagerInterface $messageManager ) { - $this->sessionsManager = $sessionsManager; - $this->messageManager = $messageManager; } /** * Add warning message if other sessions terminated * - * @param \Magento\Backend\Model\Auth $authModel + * @param BackendAuth $authModel * @return void * @SuppressWarnings(PHPMD.UnusedFormalParameter) */ - public function afterLogin(\Magento\Backend\Model\Auth $authModel) + public function afterLogin(BackendAuth $authModel) { $this->sessionsManager->processLogin(); if ($this->sessionsManager->getCurrentSession()->isOtherSessionsTerminated()) { @@ -52,11 +42,11 @@ public function afterLogin(\Magento\Backend\Model\Auth $authModel) /** * Handle logout process * - * @param \Magento\Backend\Model\Auth $authModel + * @param BackendAuth $authModel * @return void * @SuppressWarnings(PHPMD.UnusedFormalParameter) */ - public function beforeLogout(\Magento\Backend\Model\Auth $authModel) + public function beforeLogout(BackendAuth $authModel) { $this->sessionsManager->processLogout(); } diff --git a/app/code/Magento/Security/Model/Plugin/AuthSession.php b/app/code/Magento/Security/Model/Plugin/AuthSession.php index 6dc5e796d8950..b91f50faa5388 100644 --- a/app/code/Magento/Security/Model/Plugin/AuthSession.php +++ b/app/code/Magento/Security/Model/Plugin/AuthSession.php @@ -5,8 +5,13 @@ */ namespace Magento\Security\Model\Plugin; +use Closure; use Magento\Backend\Model\Auth\Session; +use Magento\Framework\App\ObjectManager; +use Magento\Framework\App\RequestInterface; +use Magento\Framework\Message\ManagerInterface; use Magento\Security\Model\AdminSessionsManager; +use Magento\Security\Model\SecurityCookie; use Magento\Security\Model\UserExpirationManager; /** @@ -15,61 +20,32 @@ class AuthSession { /** - * @var \Magento\Framework\App\RequestInterface - */ - private $request; - - /** - * @var \Magento\Framework\Message\ManagerInterface - */ - private $messageManager; - - /** - * @var AdminSessionsManager - */ - private $sessionsManager; - - /** - * @var \Magento\Security\Model\SecurityCookie - */ - protected $securityCookie; - - /** - * @var UserExpirationManager - */ - private $userExpirationManager; - - /** - * @param \Magento\Framework\App\RequestInterface $request - * @param \Magento\Framework\Message\ManagerInterface $messageManager + * @param RequestInterface $request + * @param ManagerInterface $messageManager * @param AdminSessionsManager $sessionsManager - * @param \Magento\Security\Model\SecurityCookie $securityCookie + * @param SecurityCookie $securityCookie * @param UserExpirationManager|null $userExpirationManager */ public function __construct( - \Magento\Framework\App\RequestInterface $request, - \Magento\Framework\Message\ManagerInterface $messageManager, - AdminSessionsManager $sessionsManager, - \Magento\Security\Model\SecurityCookie $securityCookie, - \Magento\Security\Model\UserExpirationManager $userExpirationManager = null + private readonly RequestInterface $request, + private readonly ManagerInterface $messageManager, + private readonly AdminSessionsManager $sessionsManager, + protected readonly SecurityCookie $securityCookie, + private ?UserExpirationManager $userExpirationManager = null ) { - $this->request = $request; - $this->messageManager = $messageManager; - $this->sessionsManager = $sessionsManager; - $this->securityCookie = $securityCookie; $this->userExpirationManager = $userExpirationManager ?: - \Magento\Framework\App\ObjectManager::getInstance() - ->get(\Magento\Security\Model\UserExpirationManager::class); + ObjectManager::getInstance() + ->get(UserExpirationManager::class); } /** * Admin Session prolong functionality * * @param Session $session - * @param \Closure $proceed + * @param Closure $proceed * @return mixed */ - public function aroundProlong(Session $session, \Closure $proceed) + public function aroundProlong(Session $session, Closure $proceed) { if (!$this->sessionsManager->getCurrentSession()->isLoggedInStatus()) { $session->destroy(); diff --git a/app/code/Magento/Security/Model/Plugin/LoginController.php b/app/code/Magento/Security/Model/Plugin/LoginController.php index ba1a18c4f0c06..64eaa83f0ecb8 100644 --- a/app/code/Magento/Security/Model/Plugin/LoginController.php +++ b/app/code/Magento/Security/Model/Plugin/LoginController.php @@ -5,8 +5,10 @@ */ namespace Magento\Security\Model\Plugin; +use Magento\Framework\Message\ManagerInterface; use Magento\Security\Model\AdminSessionsManager; use Magento\Backend\Controller\Adminhtml\Auth\Login; +use Magento\Security\Model\SecurityCookie; /** * Magento\Backend\Controller\Adminhtml\Auth\Login decorator @@ -14,33 +16,15 @@ class LoginController { /** - * @var \Magento\Framework\Message\ManagerInterface - */ - private $messageManager; - - /** - * @var AdminSessionsManager - */ - private $sessionsManager; - - /** - * @var \Magento\Security\Model\SecurityCookie - */ - private $securityCookie; - - /** - * @param \Magento\Framework\Message\ManagerInterface $messageManager + * @param ManagerInterface $messageManager * @param AdminSessionsManager $sessionsManager - * @param \Magento\Security\Model\SecurityCookie $securityCookie + * @param SecurityCookie $securityCookie */ public function __construct( - \Magento\Framework\Message\ManagerInterface $messageManager, - AdminSessionsManager $sessionsManager, - \Magento\Security\Model\SecurityCookie $securityCookie + private readonly ManagerInterface $messageManager, + private readonly AdminSessionsManager $sessionsManager, + private readonly SecurityCookie $securityCookie ) { - $this->messageManager = $messageManager; - $this->sessionsManager = $sessionsManager; - $this->securityCookie = $securityCookie; } /** diff --git a/app/code/Magento/Security/Model/Plugin/UserValidationRules.php b/app/code/Magento/Security/Model/Plugin/UserValidationRules.php index 7fddbb21200f4..7086f533e352f 100644 --- a/app/code/Magento/Security/Model/Plugin/UserValidationRules.php +++ b/app/code/Magento/Security/Model/Plugin/UserValidationRules.php @@ -7,35 +7,34 @@ namespace Magento\Security\Model\Plugin; +use Magento\Framework\Validator\DataObject as ValidatorDataObject; use Magento\Security\Model\UserExpiration\Validator; +use Magento\User\Model\UserValidationRules as ModelUserValidationRules; /** * \Magento\User\Model\UserValidationRules decorator */ class UserValidationRules { - /**@var Validator */ - private $validator; - /** * UserValidationRules constructor. * * @param Validator $validator */ - public function __construct(Validator $validator) - { - $this->validator = $validator; + public function __construct( + private readonly Validator $validator + ) { } /** * Add the Expires At validator to user validation rules. * - * @param \Magento\User\Model\UserValidationRules $userValidationRules - * @param \Magento\Framework\Validator\DataObject $result - * @return \Magento\Framework\Validator\DataObject + * @param ModelUserValidationRules $userValidationRules + * @param ValidatorDataObject $result + * @return ValidatorDataObject * @SuppressWarnings(PHPMD.UnusedFormalParameter) */ - public function afterAddUserInfoRules(\Magento\User\Model\UserValidationRules $userValidationRules, $result) + public function afterAddUserInfoRules(ModelUserValidationRules $userValidationRules, $result) { return $result->addRule($this->validator, 'expires_at'); } diff --git a/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo.php b/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo.php index 98e7aa84fb262..b193711bbba85 100644 --- a/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo.php +++ b/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo.php @@ -7,32 +7,30 @@ namespace Magento\Security\Model\ResourceModel; +use Magento\Framework\Exception\LocalizedException; +use Magento\Framework\Model\ResourceModel\Db\AbstractDb; +use Magento\Framework\Model\ResourceModel\Db\Context as DbContext; +use Magento\Framework\Stdlib\DateTime; + /** * Admin Session Info mysql resource * * @api * @since 100.1.0 */ -class AdminSessionInfo extends \Magento\Framework\Model\ResourceModel\Db\AbstractDb +class AdminSessionInfo extends AbstractDb { /** - * @var \Magento\Framework\Stdlib\DateTime - * @since 100.1.0 - */ - protected $dateTime; - - /** - * @param \Magento\Framework\Model\ResourceModel\Db\Context $context - * @param \Magento\Framework\Stdlib\DateTime $dateTime + * @param DbContext $context + * @param DateTime $dateTime * @param null|string $connectionName */ public function __construct( - \Magento\Framework\Model\ResourceModel\Db\Context $context, - \Magento\Framework\Stdlib\DateTime $dateTime, + DbContext $context, + protected readonly DateTime $dateTime, $connectionName = null ) { parent::__construct($context, $connectionName); - $this->dateTime = $dateTime; } /** @@ -51,7 +49,7 @@ protected function _construct() * * @param int $timestamp * @return $this - * @throws \Magento\Framework\Exception\LocalizedException + * @throws LocalizedException * @since 100.1.0 */ public function deleteSessionsOlderThen($timestamp) @@ -73,7 +71,7 @@ public function deleteSessionsOlderThen($timestamp) * @param array $excludedSessionIds * @param int|null $updateOlderThen * @return int The number of affected rows. - * @throws \Magento\Framework\Exception\LocalizedException + * @throws LocalizedException * @since 100.1.0 */ public function updateStatusByUserId( diff --git a/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo/Collection.php b/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo/Collection.php index aee9010f468f4..a88569cf4c9ac 100644 --- a/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo/Collection.php +++ b/app/code/Magento/Security/Model/ResourceModel/AdminSessionInfo/Collection.php @@ -7,13 +7,24 @@ namespace Magento\Security\Model\ResourceModel\AdminSessionInfo; +use Magento\Framework\Data\Collection\Db\FetchStrategyInterface; +use Magento\Framework\Data\Collection\EntityFactoryInterface; +use Magento\Framework\DB\Adapter\AdapterInterface; +use Magento\Framework\Event\ManagerInterface; +use Magento\Framework\Model\ResourceModel\Db\AbstractDb; +use Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection; +use Magento\Framework\Stdlib\DateTime\DateTime; +use Magento\Security\Model\AdminSessionInfo as ModelAdminSessionInfo; +use Magento\Security\Model\ResourceModel\AdminSessionInfo as ResourceAdminSessionInfo; +use Psr\Log\LoggerInterface; + /** * Admin Session Info collection * * @api * @since 100.1.0 */ -class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection +class Collection extends AbstractCollection { /** * @var string @@ -22,31 +33,24 @@ class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\Ab protected $_idFieldName = 'id'; /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - * @since 100.1.0 - */ - protected $dateTime; - - /** - * @param \Magento\Framework\Data\Collection\EntityFactoryInterface $entityFactory - * @param \Psr\Log\LoggerInterface $logger - * @param \Magento\Framework\Data\Collection\Db\FetchStrategyInterface $fetchStrategy - * @param \Magento\Framework\Event\ManagerInterface $eventManager - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime - * @param \Magento\Framework\DB\Adapter\AdapterInterface|null $connection - * @param \Magento\Framework\Model\ResourceModel\Db\AbstractDb|null $resource + * @param EntityFactoryInterface $entityFactory + * @param LoggerInterface $logger + * @param FetchStrategyInterface $fetchStrategy + * @param ManagerInterface $eventManager + * @param DateTime $dateTime + * @param AdapterInterface|null $connection + * @param AbstractDb|null $resource */ public function __construct( - \Magento\Framework\Data\Collection\EntityFactoryInterface $entityFactory, - \Psr\Log\LoggerInterface $logger, - \Magento\Framework\Data\Collection\Db\FetchStrategyInterface $fetchStrategy, - \Magento\Framework\Event\ManagerInterface $eventManager, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - \Magento\Framework\DB\Adapter\AdapterInterface $connection = null, - \Magento\Framework\Model\ResourceModel\Db\AbstractDb $resource = null + EntityFactoryInterface $entityFactory, + LoggerInterface $logger, + FetchStrategyInterface $fetchStrategy, + ManagerInterface $eventManager, + protected readonly DateTime $dateTime, + AdapterInterface $connection = null, + AbstractDb $resource = null ) { parent::__construct($entityFactory, $logger, $fetchStrategy, $eventManager, $connection, $resource); - $this->dateTime = $dateTime; } /** @@ -58,8 +62,8 @@ public function __construct( protected function _construct() { $this->_init( - \Magento\Security\Model\AdminSessionInfo::class, - \Magento\Security\Model\ResourceModel\AdminSessionInfo::class + ModelAdminSessionInfo::class, + ResourceAdminSessionInfo::class ); } @@ -82,7 +86,7 @@ public function updateActiveSessionsStatus( return $this->getResource()->updateStatusByUserId( $status, $userId, - [\Magento\Security\Model\AdminSessionInfo::LOGGED_IN], + [ModelAdminSessionInfo::LOGGED_IN], [$sessionIdToExclude], $updateOlderThen ); @@ -99,7 +103,7 @@ public function updateActiveSessionsStatus( */ public function filterByUser( $userId, - $status = \Magento\Security\Model\AdminSessionInfo::LOGGED_IN, + $status = ModelAdminSessionInfo::LOGGED_IN, $sessionIdToExclude = null ) { $this->addFieldToFilter('user_id', $userId); diff --git a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent.php b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent.php index ba1af428316d5..843f48e9b4ea4 100644 --- a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent.php +++ b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent.php @@ -6,28 +6,27 @@ namespace Magento\Security\Model\ResourceModel; +use Magento\Framework\Exception\LocalizedException; +use Magento\Framework\Model\ResourceModel\Db\AbstractDb; +use Magento\Framework\Model\ResourceModel\Db\Context as DbContext; +use Magento\Framework\Stdlib\DateTime; + /** * Password reset request event mysql resource model */ -class PasswordResetRequestEvent extends \Magento\Framework\Model\ResourceModel\Db\AbstractDb +class PasswordResetRequestEvent extends AbstractDb { /** - * @var \Magento\Framework\Stdlib\DateTime - */ - protected $dateTime; - - /** - * @param \Magento\Framework\Model\ResourceModel\Db\Context $context - * @param \Magento\Framework\Stdlib\DateTime $dateTime + * @param DbContext $context + * @param DateTime $dateTime * @param null $connectionName */ public function __construct( - \Magento\Framework\Model\ResourceModel\Db\Context $context, - \Magento\Framework\Stdlib\DateTime $dateTime, + DbContext $context, + protected readonly DateTime $dateTime, $connectionName = null ) { parent::__construct($context, $connectionName); - $this->dateTime = $dateTime; } /** @@ -45,7 +44,7 @@ protected function _construct() * * @param int $timestamp * @return $this - * @throws \Magento\Framework\Exception\LocalizedException + * @throws LocalizedException */ public function deleteRecordsOlderThen($timestamp) { diff --git a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/Collection.php b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/Collection.php index ffa3ddcccf5c9..0c468a46ab9a6 100644 --- a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/Collection.php +++ b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/Collection.php @@ -5,13 +5,24 @@ */ namespace Magento\Security\Model\ResourceModel\PasswordResetRequestEvent; +use Magento\Framework\Data\Collection\Db\FetchStrategyInterface; +use Magento\Framework\Data\Collection\EntityFactoryInterface; +use Magento\Framework\DB\Adapter\AdapterInterface; +use Magento\Framework\Event\ManagerInterface; +use Magento\Framework\Model\ResourceModel\Db\AbstractDb; +use Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection; +use Magento\Framework\Stdlib\DateTime\DateTime; +use Magento\Security\Model\PasswordResetRequestEvent as ModelPasswordResetRequestEvent; +use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent as ResourcePasswordResetRequestEvent; +use Psr\Log\LoggerInterface; + /** * Password reset request event collection * * @api * @since 100.1.0 */ -class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection +class Collection extends AbstractCollection { /** * @var string @@ -20,31 +31,24 @@ class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\Ab protected $_idFieldName = 'id'; /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - * @since 100.1.0 - */ - protected $dateTime; - - /** - * @param \Magento\Framework\Data\Collection\EntityFactoryInterface $entityFactory - * @param \Psr\Log\LoggerInterface $logger - * @param \Magento\Framework\Data\Collection\Db\FetchStrategyInterface $fetchStrategy - * @param \Magento\Framework\Event\ManagerInterface $eventManager - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime - * @param \Magento\Framework\DB\Adapter\AdapterInterface|null $connection - * @param \Magento\Framework\Model\ResourceModel\Db\AbstractDb|null $resource + * @param EntityFactoryInterface $entityFactory + * @param LoggerInterface $logger + * @param FetchStrategyInterface $fetchStrategy + * @param ManagerInterface $eventManager + * @param DateTime $dateTime + * @param AdapterInterface|null $connection + * @param AbstractDb|null $resource */ public function __construct( - \Magento\Framework\Data\Collection\EntityFactoryInterface $entityFactory, - \Psr\Log\LoggerInterface $logger, - \Magento\Framework\Data\Collection\Db\FetchStrategyInterface $fetchStrategy, - \Magento\Framework\Event\ManagerInterface $eventManager, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - \Magento\Framework\DB\Adapter\AdapterInterface $connection = null, - \Magento\Framework\Model\ResourceModel\Db\AbstractDb $resource = null + EntityFactoryInterface $entityFactory, + LoggerInterface $logger, + FetchStrategyInterface $fetchStrategy, + ManagerInterface $eventManager, + protected readonly DateTime $dateTime, + AdapterInterface $connection = null, + AbstractDb $resource = null ) { parent::__construct($entityFactory, $logger, $fetchStrategy, $eventManager, $connection, $resource); - $this->dateTime = $dateTime; } /** @@ -56,8 +60,8 @@ public function __construct( protected function _construct() { $this->_init( - \Magento\Security\Model\PasswordResetRequestEvent::class, - \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent::class + ModelPasswordResetRequestEvent::class, + ResourcePasswordResetRequestEvent::class ); } diff --git a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/CollectionFactory.php b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/CollectionFactory.php index 910441399d29a..c82028a784f98 100644 --- a/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/CollectionFactory.php +++ b/app/code/Magento/Security/Model/ResourceModel/PasswordResetRequestEvent/CollectionFactory.php @@ -5,54 +5,30 @@ */ namespace Magento\Security\Model\ResourceModel\PasswordResetRequestEvent; +use Magento\Framework\ObjectManagerInterface; use Magento\Security\Model\Config\Source\ResetMethod; use Magento\Security\Model\ConfigInterface; /** - * Factory class for @see \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection + * Factory class for @see Collection * * @api * @since 100.1.0 */ class CollectionFactory { - /** - * Object Manager instance - * - * @var \Magento\Framework\ObjectManagerInterface - * @since 100.1.0 - */ - protected $objectManager = null; - - /** - * Instance name to create - * - * @var string - * @since 100.1.0 - */ - protected $instanceName = null; - - /** - * @var ConfigInterface - * @since 100.1.0 - */ - protected $securityConfig; - /** * CollectionFactory constructor. * - * @param \Magento\Framework\ObjectManagerInterface $objectManager + * @param ObjectManagerInterface $objectManager * @param ConfigInterface $securityConfig - * @param string $instanceName + * @param string $instanceName Instance name to create */ public function __construct( - \Magento\Framework\ObjectManagerInterface $objectManager, - ConfigInterface $securityConfig, - $instanceName = Collection::class + protected readonly ObjectManagerInterface $objectManager, + protected readonly ConfigInterface $securityConfig, + protected $instanceName = Collection::class ) { - $this->objectManager = $objectManager; - $this->securityConfig = $securityConfig; - $this->instanceName = $instanceName; } /** diff --git a/app/code/Magento/Security/Model/ResourceModel/UserExpiration.php b/app/code/Magento/Security/Model/ResourceModel/UserExpiration.php index 240dda2f0dfb9..8345fd64262c3 100644 --- a/app/code/Magento/Security/Model/ResourceModel/UserExpiration.php +++ b/app/code/Magento/Security/Model/ResourceModel/UserExpiration.php @@ -7,6 +7,8 @@ namespace Magento\Security\Model\ResourceModel; +use DateTime; +use Exception; use Magento\Framework\App\ObjectManager; use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Model\AbstractModel; @@ -29,16 +31,6 @@ class UserExpiration extends AbstractDb */ protected $_isPkAutoIncrement = false; - /** - * @var TimezoneInterface - */ - private $timezone; - - /** - * @var LocalizedDateToUtcConverterInterface - */ - private $localizedDateToUtcConverter; - /** * @param Context $context * @param TimezoneInterface $timezone @@ -47,12 +39,11 @@ class UserExpiration extends AbstractDb */ public function __construct( Context $context, - TimezoneInterface $timezone, + private TimezoneInterface $timezone, ?string $connectionName = null, - ?LocalizedDateToUtcConverterInterface $localizedDateToUtcConverter = null + private ?LocalizedDateToUtcConverterInterface $localizedDateToUtcConverter = null ) { parent::__construct($context, $connectionName); - $this->timezone = $timezone; $this->localizedDateToUtcConverter = $localizedDateToUtcConverter ?: ObjectManager::getInstance() ->get(LocalizedDateToUtcConverterInterface::class); } @@ -76,7 +67,7 @@ protected function _construct() */ protected function _beforeSave(AbstractModel $userExpiration) { - /** @var $userExpiration UserExpirationModel */ + /** @var UserExpirationModel $userExpiration */ $expiresAt = $userExpiration->getExpiresAt(); $utcValue = strtotime($expiresAt) ? $this->timezone->convertConfigTimeToUtc($expiresAt) @@ -91,13 +82,13 @@ protected function _beforeSave(AbstractModel $userExpiration) * * @param AbstractModel $userExpiration * @return $this|AbstractDb - * @throws \Exception + * @throws Exception */ protected function _afterLoad(AbstractModel $userExpiration) { - /** @var $userExpiration UserExpirationModel */ + /** @var UserExpirationModel $userExpiration */ if ($userExpiration->getExpiresAt()) { - $date = new \DateTime($userExpiration->getExpiresAt()); + $date = new DateTime($userExpiration->getExpiresAt()); $storeValue = $this->timezone->date($date); $userExpiration->setExpiresAt($storeValue->format('Y-m-d H:i:s')); } diff --git a/app/code/Magento/Security/Model/ResourceModel/UserExpiration/Collection.php b/app/code/Magento/Security/Model/ResourceModel/UserExpiration/Collection.php index 2f2971bc90225..66579697adbd1 100644 --- a/app/code/Magento/Security/Model/ResourceModel/UserExpiration/Collection.php +++ b/app/code/Magento/Security/Model/ResourceModel/UserExpiration/Collection.php @@ -7,10 +7,15 @@ namespace Magento\Security\Model\ResourceModel\UserExpiration; +use DateTime; +use Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection; +use Magento\Security\Model\ResourceModel\UserExpiration as ResourceUserExpiration; +use Magento\Security\Model\UserExpiration as ModelUserExpiration; + /** * Admin user expiration collection */ -class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\AbstractCollection +class Collection extends AbstractCollection { /** * @var string @@ -25,8 +30,8 @@ class Collection extends \Magento\Framework\Model\ResourceModel\Db\Collection\Ab protected function _construct() { $this->_init( - \Magento\Security\Model\UserExpiration::class, - \Magento\Security\Model\ResourceModel\UserExpiration::class + ModelUserExpiration::class, + ResourceUserExpiration::class ); } @@ -37,7 +42,7 @@ protected function _construct() */ public function addActiveExpiredUsersFilter(): Collection { - $currentTime = new \DateTime(); + $currentTime = new DateTime(); $currentTime->format('Y-m-d H:i:s'); $this->getSelect()->joinLeft( ['user' => $this->getTable('admin_user')], diff --git a/app/code/Magento/Security/Model/SecurityChecker/Frequency.php b/app/code/Magento/Security/Model/SecurityChecker/Frequency.php index 917a254983f0d..db2e0d6b91a7d 100644 --- a/app/code/Magento/Security/Model/SecurityChecker/Frequency.php +++ b/app/code/Magento/Security/Model/SecurityChecker/Frequency.php @@ -8,8 +8,10 @@ use Magento\Framework\Exception\SecurityViolationException; use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress; +use Magento\Framework\Stdlib\DateTime\DateTime as DateTimeModel; use Magento\Security\Model\Config\Source\ResetMethod; use Magento\Security\Model\ConfigInterface; +use Magento\Security\Model\PasswordResetRequestEvent; use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory; /** @@ -17,42 +19,18 @@ */ class Frequency implements SecurityCheckerInterface { - /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - */ - private $dateTime; - - /** - * @var \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory - */ - private $collectionFactory; - - /** - * @var ConfigInterface - */ - private $securityConfig; - - /** - * @var RemoteAddress - */ - private $remoteAddress; - /** * @param ConfigInterface $securityConfig * @param CollectionFactory $collectionFactory - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime + * @param DateTimeModel $dateTime * @param RemoteAddress $remoteAddress */ public function __construct( - ConfigInterface $securityConfig, - CollectionFactory $collectionFactory, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - RemoteAddress $remoteAddress + private readonly ConfigInterface $securityConfig, + private readonly CollectionFactory $collectionFactory, + private readonly DateTimeModel $dateTime, + private readonly RemoteAddress $remoteAddress ) { - $this->securityConfig = $securityConfig; - $this->collectionFactory = $collectionFactory; - $this->dateTime = $dateTime; - $this->remoteAddress = $remoteAddress; } /** @@ -97,7 +75,7 @@ public function check($securityEventType, $accountReference = null, $longIp = nu private function loadLastRecordCreationTimestamp($securityEventType, $accountReference, $longIp) { $collection = $this->collectionFactory->create($securityEventType, $accountReference, $longIp); - /** @var \Magento\Security\Model\PasswordResetRequestEvent $record */ + /** @var PasswordResetRequestEvent $record */ $record = $collection->filterLastItem()->getFirstItem(); return (int) strtotime($record->getCreatedAt() ?? ''); diff --git a/app/code/Magento/Security/Model/SecurityChecker/Quantity.php b/app/code/Magento/Security/Model/SecurityChecker/Quantity.php index 5d72ba261f316..e135ddbbd18f5 100644 --- a/app/code/Magento/Security/Model/SecurityChecker/Quantity.php +++ b/app/code/Magento/Security/Model/SecurityChecker/Quantity.php @@ -10,6 +10,7 @@ use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress; use Magento\Security\Model\Config\Source\ResetMethod; use Magento\Security\Model\ConfigInterface; +use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection as PasswordResetRequestEventCollection; use Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory; /** @@ -17,34 +18,16 @@ */ class Quantity implements SecurityCheckerInterface { - /** - * @var \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\CollectionFactory - */ - protected $collectionFactory; - - /** - * @var ConfigInterface - */ - protected $securityConfig; - - /** - * @var RemoteAddress - */ - private $remoteAddress; - /** * @param ConfigInterface $securityConfig * @param CollectionFactory $collectionFactory * @param RemoteAddress $remoteAddress */ public function __construct( - ConfigInterface $securityConfig, - CollectionFactory $collectionFactory, - RemoteAddress $remoteAddress + protected readonly ConfigInterface $securityConfig, + protected readonly CollectionFactory $collectionFactory, + private readonly RemoteAddress $remoteAddress ) { - $this->securityConfig = $securityConfig; - $this->collectionFactory = $collectionFactory; - $this->remoteAddress = $remoteAddress; } /** @@ -74,7 +57,7 @@ public function check($securityEventType, $accountReference = null, $longIp = nu * @param int $securityEventType * @param string $accountReference * @param int $longIp - * @return \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection + * @return PasswordResetRequestEventCollection */ protected function prepareCollection($securityEventType, $accountReference, $longIp) { diff --git a/app/code/Magento/Security/Model/SecurityChecker/SecurityCheckerInterface.php b/app/code/Magento/Security/Model/SecurityChecker/SecurityCheckerInterface.php index 373c95682fa7e..9941bd8967cd3 100644 --- a/app/code/Magento/Security/Model/SecurityChecker/SecurityCheckerInterface.php +++ b/app/code/Magento/Security/Model/SecurityChecker/SecurityCheckerInterface.php @@ -5,6 +5,8 @@ */ namespace Magento\Security\Model\SecurityChecker; +use Magento\Framework\Exception\SecurityViolationException; + /** * Interface for validation of reset password action * @@ -20,7 +22,7 @@ interface SecurityCheckerInterface * @param string|null $accountReference * @param int|null $longIp * @return void - * @throws \Magento\Framework\Exception\SecurityViolationException + * @throws SecurityViolationException * @since 100.1.0 */ public function check($securityEventType, $accountReference = null, $longIp = null); diff --git a/app/code/Magento/Security/Model/SecurityCookie.php b/app/code/Magento/Security/Model/SecurityCookie.php index a39450f047ba1..f2fcacb9bd7e0 100644 --- a/app/code/Magento/Security/Model/SecurityCookie.php +++ b/app/code/Magento/Security/Model/SecurityCookie.php @@ -5,7 +5,11 @@ */ namespace Magento\Security\Model; +use Magento\Backend\Helper\Data as BackendHelper; use Magento\Framework\Stdlib\Cookie\CookieReaderInterface; +use Magento\Framework\Stdlib\Cookie\PhpCookieManager; +use Magento\Framework\Stdlib\Cookie\PublicCookieMetadata; +use Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory; /** * Manager for a cookie with logout reason @@ -22,41 +26,17 @@ class SecurityCookie const LOGOUT_REASON_CODE_COOKIE_NAME = 'loggedOutReasonCode'; /** - * @var \Magento\Framework\Stdlib\Cookie\PhpCookieManager - */ - private $phpCookieManager; - - /** - * @var \Magento\Backend\Helper\Data - */ - private $backendData; - - /** - * @var \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory - */ - private $cookieMetadataFactory; - - /** - * @var CookieReaderInterface - */ - private $cookieReader; - - /** - * @param \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager - * @param \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory + * @param PhpCookieManager $phpCookieManager + * @param PublicCookieMetadataFactory $cookieMetadataFactory * @param CookieReaderInterface $cookieReader - * @param \Magento\Backend\Helper\Data $backendData + * @param BackendHelper $backendData */ public function __construct( - \Magento\Framework\Stdlib\Cookie\PhpCookieManager $phpCookieManager, - \Magento\Framework\Stdlib\Cookie\PublicCookieMetadataFactory $cookieMetadataFactory, - CookieReaderInterface $cookieReader, - \Magento\Backend\Helper\Data $backendData + private readonly PhpCookieManager $phpCookieManager, + private readonly PublicCookieMetadataFactory $cookieMetadataFactory, + private readonly CookieReaderInterface $cookieReader, + private readonly BackendHelper $backendData ) { - $this->phpCookieManager = $phpCookieManager; - $this->cookieMetadataFactory = $cookieMetadataFactory; - $this->cookieReader = $cookieReader; - $this->backendData = $backendData; } /** @@ -115,7 +95,7 @@ public function deleteLogoutReasonCookie() /** * Create Cookie Metadata instance * - * @return \Magento\Framework\Stdlib\Cookie\PublicCookieMetadata + * @return PublicCookieMetadata */ private function createCookieMetaData() { diff --git a/app/code/Magento/Security/Model/SecurityManager.php b/app/code/Magento/Security/Model/SecurityManager.php index 4c9c0da19c290..84cc980e4d1e5 100644 --- a/app/code/Magento/Security/Model/SecurityManager.php +++ b/app/code/Magento/Security/Model/SecurityManager.php @@ -5,8 +5,11 @@ */ namespace Magento\Security\Model; +use Magento\Framework\Event\ManagerInterface as EventManagerInterface; +use Magento\Framework\Exception\LocalizedException; use Magento\Framework\Exception\SecurityViolationException; use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress; +use Magento\Framework\Stdlib\DateTime\DateTime; use Magento\Security\Model\SecurityChecker\SecurityCheckerInterface; /** @@ -24,77 +27,30 @@ class SecurityManager */ const SECURITY_CONTROL_RECORDS_LIFE_TIME = 86400; - /** - * @var ConfigInterface - * @since 100.1.0 - */ - protected $securityConfig; - - /** - * @var \Magento\Security\Model\PasswordResetRequestEventFactory - * @since 100.1.0 - */ - protected $passwordResetRequestEventFactory; - - /** - * @var ResourceModel\PasswordResetRequestEvent\CollectionFactory - * @since 100.1.0 - */ - protected $passwordResetRequestEventCollectionFactory; - - /** - * @var SecurityCheckerInterface[] - * @since 100.1.0 - */ - protected $securityCheckers; - - /** - * @var \Magento\Framework\Event\ManagerInterface - */ - private $eventManager; - - /** - * @var \Magento\Framework\Stdlib\DateTime\DateTime - */ - private $dateTime; - - /** - * @var RemoteAddress - */ - private $remoteAddress; - /** * SecurityManager constructor. * * @param ConfigInterface $securityConfig - * @param \Magento\Security\Model\PasswordResetRequestEventFactory $passwordResetRequestEventFactory + * @param PasswordResetRequestEventFactory $passwordResetRequestEventFactory * @param ResourceModel\PasswordResetRequestEvent\CollectionFactory $passwordResetRequestEventCollectionFactory - * @param \Magento\Framework\Event\ManagerInterface $eventManager - * @param \Magento\Framework\Stdlib\DateTime\DateTime $dateTime + * @param EventManagerInterface $eventManager + * @param DateTime $dateTime * @param RemoteAddress $remoteAddress - * @param array $securityCheckers - * @throws \Magento\Framework\Exception\LocalizedException + * @param SecurityCheckerInterface[] $securityCheckers + * @throws LocalizedException */ public function __construct( - ConfigInterface $securityConfig, - \Magento\Security\Model\PasswordResetRequestEventFactory $passwordResetRequestEventFactory, - ResourceModel\PasswordResetRequestEvent\CollectionFactory $passwordResetRequestEventCollectionFactory, - \Magento\Framework\Event\ManagerInterface $eventManager, - \Magento\Framework\Stdlib\DateTime\DateTime $dateTime, - RemoteAddress $remoteAddress, - $securityCheckers = [] + protected readonly ConfigInterface $securityConfig, + protected readonly PasswordResetRequestEventFactory $passwordResetRequestEventFactory, + protected readonly ResourceModel\PasswordResetRequestEvent\CollectionFactory $passwordResetRequestEventCollectionFactory, + private readonly EventManagerInterface $eventManager, + private readonly DateTime $dateTime, + private readonly RemoteAddress $remoteAddress, + protected $securityCheckers = [] ) { - $this->securityConfig = $securityConfig; - $this->passwordResetRequestEventFactory = $passwordResetRequestEventFactory; - $this->passwordResetRequestEventCollectionFactory = $passwordResetRequestEventCollectionFactory; - $this->securityCheckers = $securityCheckers; - $this->eventManager = $eventManager; - $this->dateTime = $dateTime; - $this->remoteAddress = $remoteAddress; - foreach ($this->securityCheckers as $checker) { if (!($checker instanceof SecurityCheckerInterface)) { - throw new \Magento\Framework\Exception\LocalizedException( + throw new LocalizedException( __('Incorrect Security Checker class. It has to implement SecurityCheckerInterface') ); } @@ -151,7 +107,7 @@ public function cleanExpiredRecords() */ protected function createNewPasswordResetRequestEventRecord($requestType, $accountReference, $longIp) { - /** @var \Magento\Security\Model\PasswordResetRequestEventFactory $passwordResetRequestEvent */ + /** @var PasswordResetRequestEventFactory $passwordResetRequestEvent */ $passwordResetRequestEvent = $this->passwordResetRequestEventFactory->create(); $passwordResetRequestEvent->setRequestType($requestType) ->setAccountReference($accountReference) diff --git a/app/code/Magento/Security/Model/UserExpiration.php b/app/code/Magento/Security/Model/UserExpiration.php index e6c711b7ac049..6322306859c93 100644 --- a/app/code/Magento/Security/Model/UserExpiration.php +++ b/app/code/Magento/Security/Model/UserExpiration.php @@ -10,6 +10,7 @@ use Magento\Framework\Model\AbstractExtensibleModel; use Magento\Security\Api\Data\UserExpirationExtensionInterface; use Magento\Security\Api\Data\UserExpirationInterface; +use Magento\Security\Model\ResourceModel\UserExpiration as ResourceUserExpiration; /** * Admin User Expiration model. @@ -24,7 +25,7 @@ class UserExpiration extends AbstractExtensibleModel implements UserExpirationIn */ protected function _construct() { - $this->_init(\Magento\Security\Model\ResourceModel\UserExpiration::class); + $this->_init(ResourceUserExpiration::class); } /** diff --git a/app/code/Magento/Security/Model/UserExpiration/Validator.php b/app/code/Magento/Security/Model/UserExpiration/Validator.php index 7535169a8b764..d27ff721ab92a 100644 --- a/app/code/Magento/Security/Model/UserExpiration/Validator.php +++ b/app/code/Magento/Security/Model/UserExpiration/Validator.php @@ -7,6 +7,7 @@ namespace Magento\Security\Model\UserExpiration; +use Exception; use Magento\Framework\App\ObjectManager; use Magento\Framework\Stdlib\DateTime\DateTime; use Magento\Framework\Stdlib\DateTime\Timezone\LocalizedDateToUtcConverterInterface; @@ -20,33 +21,16 @@ */ class Validator extends AbstractValidator { - /** - * @var TimezoneInterface - */ - private $timezone; - - /** - * @var DateTime - */ - private $dateTime; - - /** - * @var LocalizedDateToUtcConverterInterface - */ - private $localizedDateToUtcConverter; - /** * @param TimezoneInterface $timezone * @param DateTime $dateTime * @param LocalizedDateToUtcConverterInterface|null $localizedDateToUtcConverter */ public function __construct( - TimezoneInterface $timezone, - DateTime $dateTime, - ?LocalizedDateToUtcConverterInterface $localizedDateToUtcConverter = null + private readonly TimezoneInterface $timezone, + private readonly DateTime $dateTime, + private ?LocalizedDateToUtcConverterInterface $localizedDateToUtcConverter = null ) { - $this->timezone = $timezone; - $this->dateTime = $dateTime; $this->localizedDateToUtcConverter = $localizedDateToUtcConverter ?: ObjectManager::getInstance() ->get(LocalizedDateToUtcConverterInterface::class); } @@ -56,7 +40,7 @@ public function __construct( * * @param string $value * @return bool - * @throws \Exception + * @throws Exception */ public function isValid($value) { diff --git a/app/code/Magento/Security/Model/UserExpirationManager.php b/app/code/Magento/Security/Model/UserExpirationManager.php index 667ff4841165c..9899f7bdb24e3 100644 --- a/app/code/Magento/Security/Model/UserExpirationManager.php +++ b/app/code/Magento/Security/Model/UserExpirationManager.php @@ -9,6 +9,8 @@ use Magento\Backend\Model\Auth\Session; use Magento\Framework\Stdlib\DateTime\DateTime; +use Magento\Security\Api\Data\UserExpirationInterface; +use Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection as AdminSessionInfoCollection; use Magento\Security\Model\ResourceModel\AdminSessionInfo\CollectionFactory as AdminSessionCollectionFactory; use Magento\Security\Model\ResourceModel\UserExpiration\Collection as ExpiredUsersCollection; use Magento\Security\Model\ResourceModel\UserExpiration\CollectionFactory as UserExpirationCollectionFactory; @@ -22,37 +24,6 @@ */ class UserExpirationManager { - - /** - * @var DateTime - */ - private $dateTime; - - /** - * @var ConfigInterface - */ - private $securityConfig; - - /** - * @var ResourceModel\AdminSessionInfo\CollectionFactory - */ - private $adminSessionInfoCollectionFactory; - - /** - * @var Session - */ - private $authSession; - - /** - * @var ResourceModel\UserExpiration\CollectionFactory - */ - private $userExpirationCollectionFactory; - - /** - * @var UserCollectionFactory - */ - private $userCollectionFactory; - /** * UserExpirationManager constructor. * @@ -64,19 +35,13 @@ class UserExpirationManager * @param DateTime $dateTime */ public function __construct( - Session $authSession, - ConfigInterface $securityConfig, - AdminSessionCollectionFactory $adminSessionInfoCollectionFactory, - UserExpirationCollectionFactory $userExpirationCollectionFactory, - UserCollectionFactory $userCollectionFactory, - DateTime $dateTime + private readonly Session $authSession, + private readonly ConfigInterface $securityConfig, + private readonly AdminSessionCollectionFactory $adminSessionInfoCollectionFactory, + private readonly UserExpirationCollectionFactory $userExpirationCollectionFactory, + private readonly UserCollectionFactory $userCollectionFactory, + private readonly DateTime $dateTime ) { - $this->dateTime = $dateTime; - $this->securityConfig = $securityConfig; - $this->adminSessionInfoCollectionFactory = $adminSessionInfoCollectionFactory; - $this->authSession = $authSession; - $this->userExpirationCollectionFactory = $userExpirationCollectionFactory; - $this->userCollectionFactory = $userCollectionFactory; } /** @@ -111,12 +76,12 @@ private function processExpiredUsers(ExpiredUsersCollection $expiredRecords): vo { if ($expiredRecords->getSize() > 0) { // get all active sessions for the users and set them to logged out - /** @var \Magento\Security\Model\ResourceModel\AdminSessionInfo\Collection $currentSessions */ + /** @var AdminSessionInfoCollection $currentSessions */ $currentSessions = $this->adminSessionInfoCollectionFactory->create() ->addFieldToFilter('user_id', ['in' => $expiredRecords->getAllIds()]) ->filterExpiredSessions($this->securityConfig->getAdminSessionLifetime()); - /** @var \Magento\Security\Model\AdminSessionInfo $currentSession */ - $currentSessions->setDataToAll('status', \Magento\Security\Model\AdminSessionInfo::LOGGED_OUT) + /** @var AdminSessionInfo $currentSession */ + $currentSessions->setDataToAll('status', AdminSessionInfo::LOGGED_OUT) ->save(); } @@ -139,7 +104,7 @@ private function processExpiredUsers(ExpiredUsersCollection $expiredRecords): vo public function isUserExpired(string $userId): bool { $isExpired = false; - /** @var \Magento\Security\Api\Data\UserExpirationInterface $expiredRecord */ + /** @var UserExpirationInterface $expiredRecord */ $expiredRecord = $this->userExpirationCollectionFactory->create() ->addExpiredRecordsForUserFilter($userId) ->getFirstItem(); diff --git a/app/code/Magento/Security/Observer/AdminUserAuthenticateBefore.php b/app/code/Magento/Security/Observer/AdminUserAuthenticateBefore.php index 2d0f7bc0f0ac0..6161828e4fbb9 100644 --- a/app/code/Magento/Security/Observer/AdminUserAuthenticateBefore.php +++ b/app/code/Magento/Security/Observer/AdminUserAuthenticateBefore.php @@ -11,6 +11,7 @@ use Magento\Framework\Event\ObserverInterface; use Magento\Framework\Exception\Plugin\AuthenticationException; use Magento\Security\Model\UserExpirationManager; +use Magento\User\Model\User; use Magento\User\Model\UserFactory; /** @@ -18,16 +19,6 @@ */ class AdminUserAuthenticateBefore implements ObserverInterface { - /** - * @var UserExpirationManager - */ - private $userExpirationManager; - - /** - * @var UserFactory - */ - private $userFactory; - /** * AdminUserAuthenticateBefore constructor. * @@ -35,11 +26,9 @@ class AdminUserAuthenticateBefore implements ObserverInterface * @param UserFactory $userFactory */ public function __construct( - UserExpirationManager $userExpirationManager, - UserFactory $userFactory + private readonly UserExpirationManager $userExpirationManager, + private readonly UserFactory $userFactory ) { - $this->userExpirationManager = $userExpirationManager; - $this->userFactory = $userFactory; } /** @@ -53,7 +42,7 @@ public function execute(Observer $observer) { $username = $observer->getEvent()->getUsername(); $user = $this->userFactory->create(); - /** @var \Magento\User\Model\User $user */ + /** @var User $user */ $user->loadByUsername($username); if ($user->getId() && $this->userExpirationManager->isUserExpired($user->getId())) { diff --git a/app/code/Magento/Security/Observer/AfterAdminUserSave.php b/app/code/Magento/Security/Observer/AfterAdminUserSave.php index 096b0f85f5056..17e79f2d3828b 100644 --- a/app/code/Magento/Security/Observer/AfterAdminUserSave.php +++ b/app/code/Magento/Security/Observer/AfterAdminUserSave.php @@ -9,24 +9,17 @@ use Magento\Framework\Event\Observer; use Magento\Framework\Event\ObserverInterface; +use Magento\Framework\Exception\AlreadyExistsException; use Magento\Security\Model\ResourceModel\UserExpiration as UserExpirationResource; +use Magento\Security\Model\UserExpiration; use Magento\Security\Model\UserExpirationFactory; +use Magento\User\Model\User; /** * Save UserExpiration on admin user record. */ class AfterAdminUserSave implements ObserverInterface { - /** - * @var UserExpirationFactory - */ - private $userExpirationFactory; - - /** - * @var UserExpirationResource - */ - private $userExpirationResource; - /** * AfterAdminUserSave constructor. * @@ -34,12 +27,9 @@ class AfterAdminUserSave implements ObserverInterface * @param UserExpirationResource $userExpirationResource */ public function __construct( - UserExpirationFactory $userExpirationFactory, - UserExpirationResource $userExpirationResource + private readonly UserExpirationFactory $userExpirationFactory, + private readonly UserExpirationResource $userExpirationResource ) { - - $this->userExpirationFactory = $userExpirationFactory; - $this->userExpirationResource = $userExpirationResource; } /** @@ -47,15 +37,15 @@ public function __construct( * * @param Observer $observer * @return void - * @throws \Magento\Framework\Exception\AlreadyExistsException + * @throws AlreadyExistsException */ public function execute(Observer $observer) { - /* @var $user \Magento\User\Model\User */ + /* @var User $user */ $user = $observer->getEvent()->getObject(); if ($user->getId() && $user->hasData('expires_at')) { $expiresAt = $user->getExpiresAt(); - /** @var \Magento\Security\Model\UserExpiration $userExpiration */ + /** @var UserExpiration $userExpiration */ $userExpiration = $this->userExpirationFactory->create(); $this->userExpirationResource->load($userExpiration, $user->getId()); diff --git a/app/code/Magento/Security/Setup/Patch/Data/SessionIDColumnCleanUp.php b/app/code/Magento/Security/Setup/Patch/Data/SessionIDColumnCleanUp.php index f868698505609..78fc8e95812be 100644 --- a/app/code/Magento/Security/Setup/Patch/Data/SessionIDColumnCleanUp.php +++ b/app/code/Magento/Security/Setup/Patch/Data/SessionIDColumnCleanUp.php @@ -4,39 +4,30 @@ * See COPYING.txt for license details. */ declare(strict_types=1); + namespace Magento\Security\Setup\Patch\Data; use Magento\Framework\DB\Adapter\Pdo\Mysql; use Magento\Framework\Setup\ModuleDataSetupInterface; use Magento\Framework\Setup\Patch\DataPatchInterface; use Psr\Log\LoggerInterface; +use Throwable; +use Zend_Db_Statement_Exception; /** * Class Clean Up Data Removes unused data */ class SessionIDColumnCleanUp implements DataPatchInterface { - /** - * @var ModuleDataSetupInterface - */ - private $moduleDataSetup; - - /** - * @var LoggerInterface - */ - private $logger; - /** * RemoveData constructor. * @param ModuleDataSetupInterface $moduleDataSetup * @param LoggerInterface $logger */ public function __construct( - ModuleDataSetupInterface $moduleDataSetup, - LoggerInterface $logger + private readonly ModuleDataSetupInterface $moduleDataSetup, + private readonly LoggerInterface $logger ) { - $this->moduleDataSetup = $moduleDataSetup; - $this->logger = $logger; } /** @@ -46,7 +37,7 @@ public function apply() { try { $this->cleanAdminUserSessionTable(); - } catch (\Throwable $e) { + } catch (Throwable $e) { $this->logger->warning( 'Security module SessionIDColumnCleanUp patch experienced an error and could not be completed.' . ' Please submit a support ticket or email us at security@magento.com.' @@ -61,7 +52,7 @@ public function apply() /** * Remove session id from admin_user_session table. * - * @throws \Zend_Db_Statement_Exception + * @throws Zend_Db_Statement_Exception */ private function cleanAdminUserSessionTable() { diff --git a/app/code/Magento/Security/registration.php b/app/code/Magento/Security/registration.php index 80cc28f8d2103..899ffc03510cf 100644 --- a/app/code/Magento/Security/registration.php +++ b/app/code/Magento/Security/registration.php @@ -6,4 +6,8 @@ use Magento\Framework\Component\ComponentRegistrar; -ComponentRegistrar::register(ComponentRegistrar::MODULE, 'Magento_Security', __DIR__); +ComponentRegistrar::register( + ComponentRegistrar::MODULE, + 'Magento_Security', + __DIR__ +);