Merge branch 'master' into magento2.4.x

Author: thomas-kl1

Model/Customer/Anonymize/AccountBlocker.php

@@ -11,12 +11,14 @@
 use Magento\Customer\Model\CustomerRegistry;
 use Magento\Framework\Api\SearchCriteriaBuilder;
 use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\Exception\InputException;
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\Exception\State\InputMismatchException;
 use Magento\Sales\Api\Data\OrderInterface;
+use Magento\Sales\Api\Data\OrderSearchResultInterface;
 use Magento\Sales\Api\OrderRepositoryInterface;
 use Magento\Store\Model\ScopeInterface;
-use Opengento\Gdpr\Model\Customer\Anonymize\AccountBlocker;
 use Opengento\Gdpr\Service\Anonymize\AnonymizerInterface;
 use Opengento\Gdpr\Service\Erase\ProcessorInterface;
 
@@ -29,11 +31,6 @@ final class CustomerDataProcessor implements ProcessorInterface
      */
     private $anonymizer;
 
-    /**
-     * @var AccountBlocker
-     */
-    private $accountBlocker;
-
     /**
      * @var CustomerRepositoryInterface
      */
@@ -61,15 +58,13 @@ final class CustomerDataProcessor implements ProcessorInterface
 
     public function __construct(
         AnonymizerInterface $anonymizer,
-        AccountBlocker $accountBlocker,
         CustomerRepositoryInterface $customerRepository,
         OrderRepositoryInterface $orderRepository,
         SearchCriteriaBuilder $criteriaBuilder,
         CustomerRegistry $customerRegistry,
         ScopeConfigInterface $scopeConfig
     ) {
         $this->anonymizer = $anonymizer;
-        $this->accountBlocker = $accountBlocker;
         $this->customerRepository = $customerRepository;
         $this->orderRepository = $orderRepository;
         $this->criteriaBuilder = $criteriaBuilder;
@@ -84,40 +79,45 @@ public function __construct(
     public function execute(int $customerId): bool
     {
         $isRemoved = false;
-        try {
-            if ($this->shouldRemoveCustomerWithoutOrders()) {
-                $this->criteriaBuilder->addFilter(OrderInterface::CUSTOMER_ID, $customerId);
-                $orderList = $this->orderRepository->getList($this->criteriaBuilder->create());
 
-                if (!$orderList->getTotalCount()) {
-                    $isRemoved = $this->customerRepository->deleteById($customerId);
-                }
+        try {
+            if ($this->shouldRemoveCustomerWithoutOrders() && !$this->fetchOrdersList($customerId)->getTotalCount()) {
+                $isRemoved = $this->customerRepository->deleteById($customerId);
             }
-
-            // Make sure, we don't work with cached customer data, because
-            // saving cached customers may "de-anonymize" related data
-            // like addresses
-            $this->customerRegistry->remove($customerId);
-
             if (!$isRemoved) {
-                $this->accountBlocker->invalid($customerId);
-                $this->customerRepository->save(
-                    $this->anonymizer->anonymize($this->customerRepository->getById($customerId))
-                );
+                $this->anonymizeCustomer($customerId);
             }
-
         } catch (NoSuchEntityException $e) {
             return false;
         }
 
         return true;
     }
 
-    private function shouldRemoveCustomerWithoutOrders(): bool
+    private function fetchOrdersList(int $customerId): OrderSearchResultInterface
+    {
+        $this->criteriaBuilder->addFilter(OrderInterface::CUSTOMER_ID, $customerId);
+
+        return $this->orderRepository->getList($this->criteriaBuilder->create());
+    }
+
+    /**
+     * @param int $customerId
+     * @throws LocalizedException
+     * @throws NoSuchEntityException
+     * @throws InputException
+     * @throws InputMismatchException
+     */
+    private function anonymizeCustomer(int $customerId): void
     {
-        return $this->scopeConfig->isSetFlag(
-            self::CONFIG_PATH_ERASURE_REMOVE_CUSTOMER,
-            ScopeInterface::SCOPE_STORE
+        $this->customerRegistry->remove($customerId);
+        $this->customerRepository->save(
+            $this->anonymizer->anonymize($this->customerRepository->getById($customerId))
         );
     }
+
+    private function shouldRemoveCustomerWithoutOrders(): bool
+    {
+        return $this->scopeConfig->isSetFlag(self::CONFIG_PATH_ERASURE_REMOVE_CUSTOMER, ScopeInterface::SCOPE_STORE);
+    }
 }

Model/Customer/Anonymize/Processor/CustomerDataProcessor.php

@@ -0,0 +1,108 @@
+<?php
+/**
+ * Copyright © OpenGento, All rights reserved.
+ * See LICENSE bundled with this library for license details.
+ */
+declare(strict_types=1);
+
+namespace Opengento\Gdpr\Plugin;
+
+use Magento\Customer\Controller\AccountInterface;
+use Magento\Customer\Model\Session;
+use Magento\Framework\App\ActionInterface;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Message\ManagerInterface;
+use Magento\Framework\Phrase;
+use Magento\Framework\Stdlib\Cookie\CookieMetadataFactory;
+use Magento\Framework\Stdlib\CookieManagerInterface;
+use Opengento\Gdpr\Api\Data\EraseEntityInterface;
+use Opengento\Gdpr\Model\ResourceModel\EraseEntity\CollectionFactory;
+use Psr\Log\LoggerInterface;
+
+final class SessionChecker
+{
+    /**
+     * @var CollectionFactory
+     */
+    private $collectionFactory;
+
+    /**
+     * @var Session
+     */
+    private $session;
+
+    /**
+     * @var CookieManagerInterface
+     */
+    private $cookieManager;
+
+    /**
+     * @var CookieMetadataFactory
+     */
+    private $cookieMetadataFactory;
+
+    /**
+     * @var ManagerInterface
+     */
+    private $messageManager;
+
+    /**
+     * @var LoggerInterface
+     */
+    private $logger;
+
+    public function __construct(
+        CollectionFactory $collectionFactory,
+        Session $session,
+        CookieManagerInterface $cookieManager,
+        CookieMetadataFactory $cookieMetadataFactory,
+        ManagerInterface $messageManager,
+        LoggerInterface $logger
+    ) {
+        $this->collectionFactory = $collectionFactory;
+        $this->session = $session;
+        $this->cookieManager = $cookieManager;
+        $this->cookieMetadataFactory = $cookieMetadataFactory;
+        $this->messageManager = $messageManager;
+        $this->logger = $logger;
+    }
+
+    public function aroundExecute(ActionInterface $action, callable $proceed, ...$arguments)
+    {
+        if ($this->session->isLoggedIn() && $this->isErased()) {
+            $this->messageManager->addNoticeMessage(
+                new Phrase('Your account have been erased and you have signed out.')
+            );
+            $this->logout();
+
+            if ($action instanceof AccountInterface) {
+                return $this->session->authenticate();
+            }
+        }
+
+        return $proceed(...$arguments);
+    }
+
+    private function logout(): void
+    {
+        $this->session->logout();
+        $metadata = $this->cookieMetadataFactory->createCookieMetadata();
+        $metadata->setPath('/');
+
+        try {
+            $this->cookieManager->deleteCookie('mage-cache-sessid', $metadata);
+        } catch (LocalizedException $e) {
+            $this->logger->error($e->getLogMessage(), $e->getTrace());
+        }
+    }
+
+    private function isErased(): bool
+    {
+        $collection = $this->collectionFactory->create();
+        $collection->addFieldToFilter(EraseEntityInterface::ENTITY_ID, $this->session->getCustomerId());
+        $collection->addFieldToFilter(EraseEntityInterface::ENTITY_TYPE, 'customer');
+        $collection->addFieldToFilter(EraseEntityInterface::STATE, EraseEntityInterface::STATE_COMPLETE);
+
+        return (bool) $collection->getSize();
+    }
+}

Plugin/SessionChecker.php

@@ -32,7 +32,7 @@
             </field>
             <field id="delay" type="text" translate="label comment" showInDefault="1" showInWebsite="1" showInStore="1" sortOrder="30" canRestore="1">
                 <label>Erasure Delay</label>
-                <comment>Erasure delay in minute before the execution by the cron.</comment>
+                <comment>Erasure delay in minute before the execution by the cron. From 60 to 43800.</comment>
                 <validate>validate-number validate-number-range number-range-60-43800</validate>
                 <depends>
                     <field id="gdpr/erasure/enabled">1</field>

etc/adminhtml/system/erasure.xml

@@ -78,4 +78,7 @@
             <argument name="action" xsi:type="object">Opengento\Gdpr\Model\Action\ExportCreateAction</argument>
         </arguments>
     </type>
+    <type name="Magento\Framework\App\ActionInterface">
+        <plugin name="opengento_gdpr_customer_session_checker" type="Opengento\Gdpr\Plugin\SessionChecker" sortOrder="10"/>
+    </type>
 </config>

etc/frontend/di.xml

@@ -44,6 +44,7 @@
 "Impossible to process the erasure: %1","Unmöglich, die Löschung zu verarbeiten: %1"
 "An export entity already exists for the entity type ""%1"" with ID ""%2"".","Für den Entitätstyp ""%1"" mit der ID ""%2"" existiert bereits eine Exportentität."
 "State ""%1"" does not exists.","Der Zustand ""%1"" ist nicht vorhanden."
+"Your account have been erased and you have signed out.","Ihr Konto wurde gelöscht und Sie haben sich abgemeldet."
 "* Required Fields","* Erforderliche Felder"
 "Confirm password to continue","Passwort bestätigen, um fortzufahren"
 "Password","Kennwort"
@@ -96,7 +97,7 @@
 "Erasure","Löschung"
 "It will enable the erase action to the storefront.","Es wird die Löschaktion bis zur Storefront ermöglicht."
 "Erasure Delay","Verzögerung der Löschung"
-"Erasure delay in minute before the execution by the cron.","Löschverzögerung in Minuten vor der Ausführung durch den Cron."
+"Erasure delay in minute before the execution by the cron. From 60 to 43800.","Löschverzögerung in Minuten vor der Ausführung durch den Cron. Von 60 bis 43800."
 "Erase Entity Cron Schedule","Cron-Zeitplan für das Löschen der Entität "
 "Entities Lifetime","Entitäten Lebensdauer"
 "The time is in days.","Die Zeit wird in Tagen angegeben."