From 3fe16b8849bcde9b142472c4dfac526f1c024fd4 Mon Sep 17 00:00:00 2001 From: Thomas Klein Date: Fri, 2 Jul 2021 23:47:20 +0200 Subject: [PATCH] fix #99 Remove plugin account --- Controller/AbstractPrivacy.php | 51 ++++++++++++++++++++++++++++++-- Controller/Privacy/Download.php | 14 ++++----- Controller/Privacy/Erase.php | 14 ++++----- Controller/Privacy/ErasePost.php | 12 +++----- Controller/Privacy/Export.php | 14 ++++----- Controller/Privacy/UndoErase.php | 10 ++----- etc/frontend/di.xml | 3 -- 7 files changed, 71 insertions(+), 47 deletions(-) diff --git a/Controller/AbstractPrivacy.php b/Controller/AbstractPrivacy.php index 213e955e..dbc903bb 100644 --- a/Controller/AbstractPrivacy.php +++ b/Controller/AbstractPrivacy.php @@ -7,8 +7,55 @@ namespace Opengento\Gdpr\Controller; -use Magento\Customer\Controller\AccountInterface; +use Magento\Customer\Model\Session; +use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; +use Magento\Framework\Controller\ResultFactory; +use Magento\Framework\Exception\NotFoundException; +use Magento\Framework\Message\ManagerInterface; +use Opengento\Gdpr\Model\Config; -abstract class AbstractPrivacy extends AbstractAction implements AccountInterface +/** + * This class is introduced to handle customer authentication verification. + * We can't use the default AccountInterface or AccountPlugin + * as they requires the action to inherit the default Magento AbstractAction + * which is deprecated and which suffer of performance issues + */ +abstract class AbstractPrivacy extends AbstractAction { + /** + * @var Session + */ + protected $customerSession; + + /** + * @var Http + */ + private $response; + + public function __construct( + RequestInterface $request, + ResultFactory $resultFactory, + ManagerInterface $messageManager, + Config $config, + Session $customerSession, + Http $response + ) { + $this->customerSession = $customerSession; + $this->response = $response; + parent::__construct($request, $resultFactory, $messageManager, $config); + } + + public function execute() + { + return $this->customerSession->authenticate() ? $this->defaultAction() : $this->response; + } + + /** + * @throws NotFoundException + */ + private function defaultAction() + { + return $this->isAllowed() ? $this->executeAction() : $this->forwardNoRoute(); + } } diff --git a/Controller/Privacy/Download.php b/Controller/Privacy/Download.php index 2bd6888c..f63f70d5 100755 --- a/Controller/Privacy/Download.php +++ b/Controller/Privacy/Download.php @@ -12,6 +12,7 @@ use Magento\Framework\App\Action\HttpGetActionInterface; use Magento\Framework\App\Filesystem\DirectoryList; use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; use Magento\Framework\App\Response\Http\FileFactory; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\Controller\ResultFactory; @@ -35,24 +36,19 @@ class Download extends AbstractPrivacy implements HttpGetActionInterface */ private $exportRepository; - /** - * @var Session - */ - private $customerSession; - public function __construct( RequestInterface $request, ResultFactory $resultFactory, ManagerInterface $messageManager, Config $config, + Http $response, + Session $customerSession, FileFactory $fileFactory, - ExportEntityRepositoryInterface $exportRepository, - Session $customerSession + ExportEntityRepositoryInterface $exportRepository ) { $this->fileFactory = $fileFactory; $this->exportRepository = $exportRepository; - $this->customerSession = $customerSession; - parent::__construct($request, $resultFactory, $messageManager, $config); + parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response); } protected function isAllowed(): bool diff --git a/Controller/Privacy/Erase.php b/Controller/Privacy/Erase.php index 5444186f..1bebb92e 100755 --- a/Controller/Privacy/Erase.php +++ b/Controller/Privacy/Erase.php @@ -10,6 +10,7 @@ use Magento\Customer\Model\Session; use Magento\Framework\App\Action\HttpGetActionInterface; use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\Controller\ResultFactory; use Magento\Framework\Message\ManagerInterface; @@ -20,11 +21,6 @@ class Erase extends AbstractPrivacy implements HttpGetActionInterface { - /** - * @var Session - */ - private $session; - /** * @var EraseEntityCheckerInterface */ @@ -35,12 +31,12 @@ public function __construct( ResultFactory $resultFactory, ManagerInterface $messageManager, Config $config, - Session $session, + Session $customerSession, + Http $response, EraseEntityCheckerInterface $eraseCustomerChecker ) { - $this->session = $session; $this->eraseCustomerChecker = $eraseCustomerChecker; - parent::__construct($request, $resultFactory, $messageManager, $config); + parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response); } protected function isAllowed(): bool @@ -50,7 +46,7 @@ protected function isAllowed(): bool protected function executeAction() { - if ($this->eraseCustomerChecker->exists((int) $this->session->getCustomerId(), 'customer')) { + if ($this->eraseCustomerChecker->exists((int) $this->customerSession->getCustomerId(), 'customer')) { $this->messageManager->addErrorMessage(new Phrase('Your account is already being removed.')); /** @var Redirect $resultRedirect */ $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT); diff --git a/Controller/Privacy/ErasePost.php b/Controller/Privacy/ErasePost.php index d3cb11a3..4ad8ad33 100755 --- a/Controller/Privacy/ErasePost.php +++ b/Controller/Privacy/ErasePost.php @@ -12,6 +12,7 @@ use Magento\Customer\Model\Session; use Magento\Framework\App\Action\HttpPostActionInterface; use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\Controller\ResultFactory; use Magento\Framework\Exception\InvalidEmailOrPasswordException; @@ -33,11 +34,6 @@ class ErasePost extends AbstractPrivacy implements HttpPostActionInterface */ private $authentication; - /** - * @var Session - */ - private $customerSession; - /** * @var ActionInterface */ @@ -53,16 +49,16 @@ public function __construct( ResultFactory $resultFactory, ManagerInterface $messageManager, Config $config, - AuthenticationInterface $authentication, Session $customerSession, + Http $response, + AuthenticationInterface $authentication, ActionInterface $action, ContextBuilder $actionContextBuilder ) { $this->authentication = $authentication; - $this->customerSession = $customerSession; $this->action = $action; $this->actionContextBuilder = $actionContextBuilder; - parent::__construct($request, $resultFactory, $messageManager, $config); + parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response); } protected function isAllowed(): bool diff --git a/Controller/Privacy/Export.php b/Controller/Privacy/Export.php index 73a73206..da0ba9b0 100755 --- a/Controller/Privacy/Export.php +++ b/Controller/Privacy/Export.php @@ -11,6 +11,7 @@ use Magento\Customer\Model\Session; use Magento\Framework\App\Action\HttpGetActionInterface; use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\Controller\ResultFactory; use Magento\Framework\Exception\AlreadyExistsException; @@ -35,24 +36,19 @@ class Export extends AbstractPrivacy implements HttpGetActionInterface */ private $actionContextBuilder; - /** - * @var Session - */ - private $customerSession; - public function __construct( RequestInterface $request, ResultFactory $resultFactory, ManagerInterface $messageManager, Config $config, + Session $customerSession, + Http $response, ActionInterface $action, - ContextBuilder $actionContextBuilder, - Session $customerSession + ContextBuilder $actionContextBuilder ) { $this->action = $action; $this->actionContextBuilder = $actionContextBuilder; - $this->customerSession = $customerSession; - parent::__construct($request, $resultFactory, $messageManager, $config); + parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response); } protected function isAllowed(): bool diff --git a/Controller/Privacy/UndoErase.php b/Controller/Privacy/UndoErase.php index 4b3ea43b..dadbd25a 100755 --- a/Controller/Privacy/UndoErase.php +++ b/Controller/Privacy/UndoErase.php @@ -11,6 +11,7 @@ use Magento\Customer\Model\Session; use Magento\Framework\App\Action\HttpPostActionInterface; use Magento\Framework\App\RequestInterface; +use Magento\Framework\App\Response\Http; use Magento\Framework\Controller\Result\Redirect; use Magento\Framework\Controller\ResultFactory; use Magento\Framework\Exception\LocalizedException; @@ -24,11 +25,6 @@ class UndoErase extends AbstractPrivacy implements HttpPostActionInterface { - /** - * @var Session - */ - private $customerSession; - /** * @var ActionInterface */ @@ -45,13 +41,13 @@ public function __construct( ManagerInterface $messageManager, Config $config, Session $customerSession, + Http $response, ActionInterface $action, ContextBuilder $actionContextBuilder ) { - $this->customerSession = $customerSession; $this->action = $action; $this->actionContextBuilder = $actionContextBuilder; - parent::__construct($request, $resultFactory, $messageManager, $config); + parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response); } protected function isAllowed(): bool diff --git a/etc/frontend/di.xml b/etc/frontend/di.xml index 2d501ae7..defe7395 100644 --- a/etc/frontend/di.xml +++ b/etc/frontend/di.xml @@ -40,9 +40,6 @@ - - - Magento\Sales\Controller\Guest\OrderLoader