From 7b523ee3cace09b3d558333b9d4d649574addd5f Mon Sep 17 00:00:00 2001 From: Ji Lu Date: Tue, 30 Apr 2019 17:04:35 -0500 Subject: [PATCH 1/3] MQE-1536: Magento\Install\Test\TestCase\InstallTest is failing - reverting MAGETWO-99210 --- .../lib/Magento/Mtf/Util/Command/Cli.php | 41 ++++++++--- .../Mtf/Util/Command/File/Export/Reader.php | 39 ++++++++--- .../Command/File/Export/ReaderInterface.php | 2 +- .../lib/Magento/Mtf/Util/Command/File/Log.php | 37 +++++++--- .../Mtf/Util/Command/GeneratedCode.php | 39 +++++++++-- .../lib/Magento/Mtf/Util/Command/Locales.php | 42 ++++++++--- .../Magento/Mtf/Util/Command/PathChecker.php | 43 +++++++++--- .../lib/Magento/Mtf/Util/Command/Website.php | 40 +++++++---- .../CurlTransport/BackendDecorator.php | 69 ++++++++++++++----- .../CurlTransport/WebapiDecorator.php | 32 ++++++++- .../Config/Test/Handler/ConfigData/Curl.php | 2 +- dev/tests/functional/utils/authenticate.php | 29 ++++++++ dev/tests/functional/utils/command.php | 32 +++++---- .../utils/deleteMagentoGeneratedCode.php | 14 +++- dev/tests/functional/utils/export.php | 51 +++++++------- dev/tests/functional/utils/locales.php | 34 +++++---- dev/tests/functional/utils/log.php | 32 +++++---- dev/tests/functional/utils/pathChecker.php | 27 ++++---- dev/tests/functional/utils/website.php | 52 +++++++------- 19 files changed, 467 insertions(+), 190 deletions(-) create mode 100644 dev/tests/functional/utils/authenticate.php diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli.php index 8fa22122cce89..f0abd280f3ebc 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli.php @@ -8,6 +8,7 @@ use Magento\Mtf\Util\Protocol\CurlInterface; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * Perform bin/magento commands from command line for functional tests executions. @@ -17,7 +18,7 @@ class Cli /** * Url to command.php. */ - const URL = 'dev/tests/functional/utils/command.php'; + const URL = '/dev/tests/functional/utils/command.php'; /** * Curl transport protocol. @@ -26,12 +27,21 @@ class Cli */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -43,22 +53,31 @@ public function __construct(CurlTransport $transport) */ public function execute($command, $options = []) { - $curl = $this->transport; - $curl->write($this->prepareUrl($command, $options), [], CurlInterface::GET); - $curl->read(); - $curl->close(); + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray($command, $options), + CurlInterface::POST, + [] + ); + $this->transport->read(); + $this->transport->close(); } /** - * Prepare url. + * Prepare parameter array. * * @param string $command * @param array $options [optional] - * @return string + * @return array */ - private function prepareUrl($command, $options = []) + private function prepareParamArray($command, $options = []) { - $command .= ' ' . implode(' ', $options); - return $_ENV['app_frontend_url'] . self::URL . '?command=' . urlencode($command); + if (!empty($options)) { + $command .= ' ' . implode(' ', $options); + } + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'command' => urlencode($command) + ]; } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/Reader.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/Reader.php index d7336b51a18e2..f5b6d681e4f6c 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/Reader.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/Reader.php @@ -3,12 +3,12 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ - namespace Magento\Mtf\Util\Command\File\Export; use Magento\Mtf\ObjectManagerInterface; use Magento\Mtf\Util\Protocol\CurlTransport; use Magento\Mtf\Util\Protocol\CurlInterface; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * File reader for Magento export files. @@ -36,16 +36,29 @@ class Reader implements ReaderInterface */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @param ObjectManagerInterface $objectManager * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler * @param string $template */ - public function __construct(ObjectManagerInterface $objectManager, CurlTransport $transport, $template) - { + public function __construct( + ObjectManagerInterface $objectManager, + CurlTransport $transport, + WebapiDecorator $webapiHandler, + $template + ) { $this->objectManager = $objectManager; $this->template = $template; $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -70,20 +83,28 @@ public function getData() */ private function getFiles() { - $this->transport->write($this->prepareUrl(), [], CurlInterface::GET); + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray(), + CurlInterface::POST, + [] + ); $serializedFiles = $this->transport->read(); $this->transport->close(); // phpcs:ignore Magento2.Security.InsecureFunction - return unserialize($serializedFiles, ['allowed_classes' => false]); + return unserialize($serializedFiles); } /** - * Prepare url. + * Prepare parameter array. * - * @return string + * @return array */ - private function prepareUrl() + private function prepareParamArray() { - return $_ENV['app_frontend_url'] . self::URL . '?template=' . urlencode($this->template); + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'template' => urlencode($this->template) + ]; } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/ReaderInterface.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/ReaderInterface.php index 93f7cf1ce9764..3666e8643efa3 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/ReaderInterface.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Export/ReaderInterface.php @@ -14,7 +14,7 @@ interface ReaderInterface /** * Url to export.php. */ - const URL = 'dev/tests/functional/utils/export.php'; + const URL = '/dev/tests/functional/utils/export.php'; /** * Exporting files as Data object from Magento. diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Log.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Log.php index f4e55682857a2..2539be593a713 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Log.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/File/Log.php @@ -7,6 +7,7 @@ namespace Magento\Mtf\Util\Command\File; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * Get content of log file in var/log folder. @@ -16,7 +17,7 @@ class Log /** * Url to log.php. */ - const URL = 'dev/tests/functional/utils/log.php'; + const URL = '/dev/tests/functional/utils/log.php'; /** * Curl transport protocol. @@ -25,12 +26,21 @@ class Log */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -41,22 +51,29 @@ public function __construct(CurlTransport $transport) */ public function getFileContent($name) { - $curl = $this->transport; - $curl->write($this->prepareUrl($name), [], CurlTransport::GET); - $data = $curl->read(); - $curl->close(); + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray($name), + CurlInterface::POST, + [] + ); + $data = $this->transport->read(); + $this->transport->close(); // phpcs:ignore Magento2.Security.InsecureFunction return unserialize($data); } /** - * Prepare url. + * Prepare parameter array. * * @param string $name - * @return string + * @return array */ - private function prepareUrl($name) + private function prepareParamArray($name) { - return $_ENV['app_frontend_url'] . self::URL . '?name=' . urlencode($name); + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'name' => urlencode($name) + ]; } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/GeneratedCode.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/GeneratedCode.php index dde3409ed1562..a9fefa25ffa24 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/GeneratedCode.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/GeneratedCode.php @@ -7,6 +7,7 @@ use Magento\Mtf\Util\Protocol\CurlInterface; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * GeneratedCode removes generated code of Magento (like generated/code and generated/metadata). @@ -16,7 +17,7 @@ class GeneratedCode /** * Url to deleteMagentoGeneratedCode.php. */ - const URL = 'dev/tests/functional/utils/deleteMagentoGeneratedCode.php'; + const URL = '/dev/tests/functional/utils/deleteMagentoGeneratedCode.php'; /** * Curl transport protocol. @@ -25,12 +26,21 @@ class GeneratedCode */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -40,10 +50,25 @@ public function __construct(CurlTransport $transport) */ public function delete() { - $url = $_ENV['app_frontend_url'] . self::URL; - $curl = $this->transport; - $curl->write($url, [], CurlInterface::GET); - $curl->read(); - $curl->close(); + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray(), + CurlInterface::POST, + [] + ); + $this->transport->read(); + $this->transport->close(); + } + + /** + * Prepare parameter array. + * + * @return array + */ + private function prepareParamArray() + { + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()) + ]; } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Locales.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Locales.php index f669d91f2f2e5..a55d803f43087 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Locales.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Locales.php @@ -7,6 +7,7 @@ use Magento\Mtf\Util\Protocol\CurlInterface; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * Returns array of locales depends on fetching type. @@ -26,7 +27,7 @@ class Locales /** * Url to locales.php. */ - const URL = 'dev/tests/functional/utils/locales.php'; + const URL = '/dev/tests/functional/utils/locales.php'; /** * Curl transport protocol. @@ -35,12 +36,21 @@ class Locales */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @param CurlTransport $transport Curl transport protocol + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -51,12 +61,28 @@ public function __construct(CurlTransport $transport) */ public function getList($type = self::TYPE_ALL) { - $url = $_ENV['app_frontend_url'] . self::URL . '?type=' . $type; - $curl = $this->transport; - $curl->write($url, [], CurlInterface::GET); - $result = $curl->read(); - $curl->close(); - + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray($type), + CurlInterface::POST, + [] + ); + $result = $this->transport->read(); + $this->transport->close(); return explode('|', $result); } + + /** + * Prepare parameter array. + * + * @param string $type + * @return array + */ + private function prepareParamArray($type) + { + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'type' => urlencode($type) + ]; + } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/PathChecker.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/PathChecker.php index fd1f746a6f09c..4b12f6eec87aa 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/PathChecker.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/PathChecker.php @@ -7,6 +7,7 @@ use Magento\Mtf\Util\Protocol\CurlInterface; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * PathChecker checks that path to file or directory exists. @@ -16,7 +17,7 @@ class PathChecker /** * Url to checkPath.php. */ - const URL = 'dev/tests/functional/utils/pathChecker.php'; + const URL = '/dev/tests/functional/utils/pathChecker.php'; /** * Curl transport protocol. @@ -26,11 +27,21 @@ class PathChecker private $transport; /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + + /** + * @constructor * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -41,12 +52,28 @@ public function __construct(CurlTransport $transport) */ public function pathExists($path) { - $url = $_ENV['app_frontend_url'] . self::URL . '?path=' . urlencode($path); - $curl = $this->transport; - $curl->write($url, [], CurlInterface::GET); - $result = $curl->read(); - $curl->close(); - + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray($path), + CurlInterface::POST, + [] + ); + $result = $this->transport->read(); + $this->transport->close(); return strpos($result, 'path exists: true') !== false; } + + /** + * Prepare parameter array. + * + * @param string $path + * @return array + */ + private function prepareParamArray($path) + { + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'path' => urlencode($path) + ]; + } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Website.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Website.php index 7d73634c0360d..fec20bb2a8715 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Website.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Website.php @@ -3,11 +3,11 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ - namespace Magento\Mtf\Util\Command; use Magento\Mtf\Util\Protocol\CurlInterface; use Magento\Mtf\Util\Protocol\CurlTransport; +use Magento\Mtf\Util\Protocol\CurlTransport\WebapiDecorator; /** * Perform Website folder creation for functional tests executions. @@ -17,7 +17,7 @@ class Website /** * Url to website.php. */ - const URL = 'dev/tests/functional/utils/website.php'; + const URL = '/dev/tests/functional/utils/website.php'; /** * Curl transport protocol. @@ -26,13 +26,22 @@ class Website */ private $transport; + /** + * Webapi handler. + * + * @var WebapiDecorator + */ + private $webapiHandler; + /** * @constructor * @param CurlTransport $transport + * @param WebapiDecorator $webapiHandler */ - public function __construct(CurlTransport $transport) + public function __construct(CurlTransport $transport, WebapiDecorator $webapiHandler) { $this->transport = $transport; + $this->webapiHandler = $webapiHandler; } /** @@ -43,21 +52,28 @@ public function __construct(CurlTransport $transport) */ public function create($websiteCode) { - $curl = $this->transport; - $curl->addOption(CURLOPT_HEADER, 1); - $curl->write($this->prepareUrl($websiteCode), [], CurlInterface::GET); - $curl->read(); - $curl->close(); + $this->transport->addOption(CURLOPT_HEADER, 1); + $this->transport->write( + rtrim(str_replace('index.php', '', $_ENV['app_frontend_url']), '/') . self::URL, + $this->prepareParamArray($websiteCode), + CurlInterface::POST, + [] + ); + $this->transport->read(); + $this->transport->close(); } /** - * Prepare url. + * Prepare parameter array. * * @param string $websiteCode - * @return string + * @return array */ - private function prepareUrl($websiteCode) + private function prepareParamArray($websiteCode) { - return $_ENV['app_frontend_url'] . self::URL . '?website_code=' . urlencode($websiteCode); + return [ + 'token' => urlencode($this->webapiHandler->getWebapiToken()), + 'website_code' => urlencode($websiteCode) + ]; } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php index b1c552370835c..5999b52141f05 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php @@ -63,24 +63,59 @@ public function __construct(CurlTransport $transport, DataInterface $configurati */ protected function authorize() { - // Perform GET to backend url so form_key is set - $url = $_ENV['app_backend_url']; - $this->transport->write($url, [], CurlInterface::GET); - $this->read(); - - $url = $_ENV['app_backend_url'] . $this->configuration->get('application/0/backendLoginUrl/0/value'); - $data = [ - 'login[username]' => $this->configuration->get('application/0/backendLogin/0/value'), - 'login[password]' => $this->configuration->get('application/0/backendPassword/0/value'), - 'form_key' => $this->formKey, - ]; - $this->transport->write($url, $data, CurlInterface::POST); - $response = $this->read(); - if (strpos($response, 'login-form') !== false) { + // There are situations where magento application backend url could be slightly different from the environment + // variable we know. It could be intentionally (e.g. InstallTest) or unintentionally. We would still want tests + // to run in this case. + // When the original app_backend_url does not work, we will try 4 variants of the it. i.e. with and without + // url rewrite, http and https. + $urls = []; + $originalUrl = rtrim($_ENV['app_backend_url'], '/') . '/'; + $urls[] = $originalUrl; + // It could be the case that the page needs a refresh, so we will try the original one twice. + $urls[] = $originalUrl; + if (strpos($originalUrl, '/index.php') !== false) { + $url2 = str_replace('/index.php', '', $originalUrl); + } else { + $url2 = $originalUrl . 'index.php/'; + } + $urls[] = $url2; + if (strpos($originalUrl, 'https') !== false) { + $urls[] = str_replace('https', 'http', $originalUrl); + $urls[] = str_replace('https', 'http', $url2); + } else { + $urls[] = str_replace('http', 'https', $originalUrl); + $urls[] = str_replace('http', 'https', $url2); + } + + $isAuthorized = false; + foreach ($urls as $url) { + try { + // Perform GET to backend url so form_key is set + $this->transport->write($url, [], CurlInterface::GET); + $this->read(); + + $authUrl = $url . $this->configuration->get('application/0/backendLoginUrl/0/value'); + $data = [ + 'login[username]' => $this->configuration->get('application/0/backendLogin/0/value'), + 'login[password]' => $this->configuration->get('application/0/backendPassword/0/value'), + 'form_key' => $this->formKey, + ]; + + $this->transport->write($authUrl, $data, CurlInterface::POST); + $response = $this->read(); + if (strpos($response, 'login-form') !== false) { + continue; + } + $isAuthorized = true; + $_ENV['app_backend_url'] = $url; + break; + } catch (\Exception $e) { + continue; + } + } + if ($isAuthorized == false) { // phpcs:ignore Magento2.Exceptions.DirectThrow - throw new \Exception( - 'Admin user cannot be logged in by curl handler!' - ); + throw new \Exception('Admin user cannot be logged in by curl handler!'); } } diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/WebapiDecorator.php b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/WebapiDecorator.php index 3aa756904ab00..df5ab45a3f96d 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/WebapiDecorator.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/WebapiDecorator.php @@ -70,6 +70,13 @@ class WebapiDecorator implements CurlInterface */ protected $response; + /** + * Webapi token. + * + * @var string + */ + protected $webapiToken; + /** * @construct * @param ObjectManager $objectManager @@ -110,6 +117,9 @@ protected function init() $integration->persist(); $this->setConfiguration($integration); + $this->webapiToken = $integration->getToken(); + } else { + $this->webapiToken = $integrationToken; } } @@ -161,7 +171,13 @@ protected function setConfiguration(Integration $integration) */ protected function isValidIntegration() { - $this->write($_ENV['app_frontend_url'] . 'rest/V1/modules', [], CurlInterface::GET); + $url = rtrim($_ENV['app_frontend_url'], '/'); + if (strpos($url, 'index.php') === false) { + $url .= '/index.php/rest/V1/modules'; + } else { + $url .= '/rest/V1/modules'; + } + $this->write($url, [], CurlInterface::GET); $response = json_decode($this->read(), true); return (null !== $response) && !isset($response['message']); @@ -219,4 +235,18 @@ public function close() { $this->transport->close(); } + + /** + * Return webapiToken. + * + * @return string + */ + public function getWebapiToken() + { + // Request token if integration is no longer valid + if (!$this->isValidIntegration()) { + $this->init(); + } + return $this->webapiToken; + } } diff --git a/dev/tests/functional/tests/app/Magento/Config/Test/Handler/ConfigData/Curl.php b/dev/tests/functional/tests/app/Magento/Config/Test/Handler/ConfigData/Curl.php index 66587879848a3..0d89a1d4eba6e 100644 --- a/dev/tests/functional/tests/app/Magento/Config/Test/Handler/ConfigData/Curl.php +++ b/dev/tests/functional/tests/app/Magento/Config/Test/Handler/ConfigData/Curl.php @@ -123,9 +123,9 @@ protected function prepareConfigPath(array $input) */ protected function applyConfigSettings(array $data, $section) { - $url = $this->getUrl($section); $curl = new BackendDecorator(new CurlTransport(), $this->_configuration); $curl->addOption(CURLOPT_HEADER, 1); + $url = $this->getUrl($section); $curl->write($url, $data); $response = $curl->read(); $curl->close(); diff --git a/dev/tests/functional/utils/authenticate.php b/dev/tests/functional/utils/authenticate.php new file mode 100644 index 0000000000000..15851f6e8000a --- /dev/null +++ b/dev/tests/functional/utils/authenticate.php @@ -0,0 +1,29 @@ +create($_SERVER); + $tokenModel = $magentoObjectManager->get(\Magento\Integration\Model\Oauth\Token::class); + + $tokenPassedIn = $token; + // Token returned will be null if the token we passed in is invalid + $tokenFromMagento = $tokenModel->loadByToken($tokenPassedIn)->getToken(); + if (!empty($tokenFromMagento) && ($tokenFromMagento == $tokenPassedIn)) { + return true; + } else { + return false; + } +} diff --git a/dev/tests/functional/utils/command.php b/dev/tests/functional/utils/command.php index 99025dd1cffcc..a3f6d1e19b4e9 100644 --- a/dev/tests/functional/utils/command.php +++ b/dev/tests/functional/utils/command.php @@ -3,7 +3,8 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ - +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; // phpcs:ignore Magento2.Security.IncludeFile require_once __DIR__ . '/../../../../app/bootstrap.php'; @@ -11,18 +12,21 @@ use Symfony\Component\Console\Output\NullOutput; // phpcs:ignore Magento2.Security.Superglobal -if (isset($_GET['command'])) { - // phpcs:ignore Magento2.Security.Superglobal - $command = urldecode($_GET['command']); - // phpcs:ignore Magento2.Security.Superglobal - $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER); - // phpcs:ignore Magento2.Security.Superglobal - $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER); - $cli = $magentoObjectManager->create(\Magento\Framework\Console\Cli::class); - $input = new StringInput($command); - $input->setInteractive(false); - $output = new NullOutput(); - $cli->doRun($input, $output); +if (!empty($_POST['token']) && !empty($_POST['command'])) { + if (authenticate(urldecode($_POST['token']))) { + $command = urldecode($_POST['command']); + // phpcs:ignore Magento2.Security.Superglobal + $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER); + // phpcs:ignore Magento2.Security.Superglobal + $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER); + $cli = $magentoObjectManager->create(\Magento\Framework\Console\Cli::class); + $input = new StringInput(escapeshellcmd($command)); + $input->setInteractive(false); + $output = new NullOutput(); + $cli->doRun($input, $output); + } else { + echo "Command not unauthorized."; + } } else { - throw new \InvalidArgumentException("Command GET parameter is not set."); + echo "'token' or 'command' parameter is not set."; } diff --git a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php b/dev/tests/functional/utils/deleteMagentoGeneratedCode.php index 17260bd1da635..dcdedcbeeb04a 100644 --- a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php +++ b/dev/tests/functional/utils/deleteMagentoGeneratedCode.php @@ -3,6 +3,16 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.InsecureFunction -exec('rm -rf ../../../../generated/*'); +if (!empty($_POST['token']) && !empty($_POST['path'])) { + if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.InsecureFunction + exec('rm -rf ../../../../generated/*'); + } else { + echo "Command not unauthorized."; + } +} else { + echo "'token' parameter is not set."; +} diff --git a/dev/tests/functional/utils/export.php b/dev/tests/functional/utils/export.php index fa50bc729d0f6..5cdc74c880a76 100644 --- a/dev/tests/functional/utils/export.php +++ b/dev/tests/functional/utils/export.php @@ -3,32 +3,35 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.Superglobal -if (!isset($_GET['template'])) { - // phpcs:ignore Magento2.Exceptions.DirectThrow - throw new \InvalidArgumentException('Argument "template" must be set.'); -} +if (!empty($_POST['token']) && !empty($_POST['template'])) { + if (authenticate(urldecode($_POST['token']))) { + $varDir = '../../../../var/'; + $template = urldecode($_POST['template']); + // phpcs:ignore Magento2.Functions.DiscouragedFunction + $fileList = scandir($varDir, SCANDIR_SORT_NONE); + $files = []; -$varDir = '../../../../var/export/'; -// phpcs:ignore Magento2.Security.Superglobal -$template = urldecode($_GET['template']); -// phpcs:ignore Magento2.Functions.DiscouragedFunction -$fileList = scandir($varDir, SCANDIR_SORT_NONE); -$files = []; + foreach ($fileList as $fileName) { + if (preg_match("`$template`", $fileName) === 1) { + $filePath = $varDir . $fileName; + $files[] = [ + // phpcs:ignore Magento2.Functions.DiscouragedFunction + 'content' => file_get_contents($filePath), + 'name' => $fileName, + // phpcs:ignore Magento2.Functions.DiscouragedFunction + 'date' => filectime($filePath), + ]; + } + } -foreach ($fileList as $fileName) { - if (preg_match("`$template`", $fileName) === 1) { - $filePath = $varDir . $fileName; - $files[] = [ - // phpcs:ignore Magento2.Functions.DiscouragedFunction - 'content' => file_get_contents($filePath), - 'name' => $fileName, - // phpcs:ignore Magento2.Functions.DiscouragedFunction - 'date' => filectime($filePath), - ]; + // phpcs:ignore Magento2.Security.LanguageConstruct, Magento2.Security.InsecureFunction + echo serialize($files); + } else { + echo "Command not unauthorized."; } +} else { + echo "'token' or 'template' parameter is not set."; } - -// phpcs:ignore Magento2.Security.LanguageConstruct, Magento2.Security.InsecureFunction -echo serialize($files); diff --git a/dev/tests/functional/utils/locales.php b/dev/tests/functional/utils/locales.php index 11e1e2b70fa50..97c8932a9e6c0 100644 --- a/dev/tests/functional/utils/locales.php +++ b/dev/tests/functional/utils/locales.php @@ -3,20 +3,26 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.Superglobal -if (isset($_GET['type']) && $_GET['type'] == 'deployed') { - // phpcs:ignore Magento2.Security.Superglobal - $themePath = isset($_GET['theme_path']) ? $_GET['theme_path'] : 'adminhtml/Magento/backend'; - $directory = __DIR__ . '/../../../../pub/static/' . $themePath; - // phpcs:ignore Magento2.Functions.DiscouragedFunction - $locales = array_diff(scandir($directory), ['..', '.']); +if (!empty($_POST['token'])) { + if (authenticate(urldecode($_POST['token']))) { + if ($_POST['type'] == 'deployed') { + $themePath = isset($_POST['theme_path']) ? $_POST['theme_path'] : 'adminhtml/Magento/backend'; + $directory = __DIR__ . '/../../../../pub/static/' . $themePath; + $locales = array_diff(scandir($directory), ['..', '.']); + } else { + // phpcs:ignore Magento2.Security.IncludeFile + require_once __DIR__ . DIRECTORY_SEPARATOR . 'bootstrap.php'; + $localeConfig = $magentoObjectManager->create(\Magento\Framework\Locale\Config::class); + $locales = $localeConfig->getAllowedLocales(); + } + // phpcs:ignore Magento2.Security.LanguageConstruct + echo implode('|', $locales); + } else { + echo "Command not unauthorized."; + } } else { - // phpcs:ignore Magento2.Security.IncludeFile - require_once __DIR__ . DIRECTORY_SEPARATOR . 'bootstrap.php'; - $localeConfig = $magentoObjectManager->create(\Magento\Framework\Locale\Config::class); - $locales = $localeConfig->getAllowedLocales(); + echo "'token' parameter is not set."; } - -// phpcs:ignore Magento2.Security.LanguageConstruct -echo implode('|', $locales); diff --git a/dev/tests/functional/utils/log.php b/dev/tests/functional/utils/log.php index 30783ae8e1d28..cec2e1c0ad211 100644 --- a/dev/tests/functional/utils/log.php +++ b/dev/tests/functional/utils/log.php @@ -3,21 +3,23 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ - declare(strict_types=1); -// phpcs:ignore Magento2.Security.Superglobal -if (!isset($_GET['name'])) { - // phpcs:ignore Magento2.Exceptions.DirectThrow - throw new \InvalidArgumentException( - 'The name of log file is required for getting logs.' - ); -} +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.Superglobal -$name = urldecode($_GET['name']); -if (preg_match('/\.\.(\\\|\/)/', $name)) { - throw new \InvalidArgumentException('Invalid log file name'); -} +if (!empty($_POST['token']) && !empty($_POST['name'])) { + if (authenticate(urldecode($_POST['token']))) { + $name = urldecode($_POST['name']); + if (preg_match('/\.\.(\\\|\/)/', $name)) { + // phpcs:ignore Magento2.Exceptions.DirectThrow + throw new \InvalidArgumentException('Invalid log file name'); + } -// phpcs:ignore Magento2.Security.InsecureFunction, Magento2.Functions.DiscouragedFunction, Magento2.Security.LanguageConstruct -echo serialize(file_get_contents('../../../../var/log' .'/' .$name)); + // phpcs:ignore Magento2.Security.InsecureFunction, Magento2.Functions.DiscouragedFunction, Magento2.Security.LanguageConstruct + echo serialize(file_get_contents('../../../../var/log' . '/' . $name)); + } else { + echo "Command not unauthorized."; + } +} else { + echo "'token' or 'name' parameter is not set."; +} diff --git a/dev/tests/functional/utils/pathChecker.php b/dev/tests/functional/utils/pathChecker.php index 217cf90af0a56..ed1949d71768d 100644 --- a/dev/tests/functional/utils/pathChecker.php +++ b/dev/tests/functional/utils/pathChecker.php @@ -3,20 +3,23 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.Superglobal -if (isset($_GET['path'])) { - // phpcs:ignore Magento2.Security.Superglobal - $path = urldecode($_GET['path']); - // phpcs:ignore Magento2.Functions.DiscouragedFunction - if (file_exists('../../../../' . $path)) { - // phpcs:ignore Magento2.Security.LanguageConstruct - echo 'path exists: true'; +if (!empty($_POST['token']) && !empty($_POST['path'])) { + if (authenticate(urldecode($_POST['token']))) { + $path = urldecode($_POST['path']); + // phpcs:ignore Magento2.Functions.DiscouragedFunction + if (file_exists('../../../../' . $path)) { + // phpcs:ignore Magento2.Security.LanguageConstruct + echo 'path exists: true'; + } else { + // phpcs:ignore Magento2.Security.LanguageConstruct + echo 'path exists: false'; + } } else { - // phpcs:ignore Magento2.Security.LanguageConstruct - echo 'path exists: false'; + echo "Command not unauthorized."; } } else { - // phpcs:ignore Magento2.Exceptions.DirectThrow - throw new \InvalidArgumentException("GET parameter 'path' is not set."); + echo "'token' or 'path' parameter is not set."; } diff --git a/dev/tests/functional/utils/website.php b/dev/tests/functional/utils/website.php index 720b4962aedd4..980dd557db6f7 100644 --- a/dev/tests/functional/utils/website.php +++ b/dev/tests/functional/utils/website.php @@ -3,36 +3,40 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ +// phpcs:ignore Magento2.Security.IncludeFile +include __DIR__ . '/authenticate.php'; -// phpcs:ignore Magento2.Security.Superglobal -if (!isset($_GET['website_code'])) { - // phpcs:ignore Magento2.Exceptions.DirectThrow - throw new \Exception("website_code GET parameter is not set."); -} - -// phpcs:ignore Magento2.Security.Superglobal -$websiteCode = urldecode($_GET['website_code']); -$rootDir = '../../../../'; -$websiteDir = $rootDir . 'websites/' . $websiteCode . '/'; -// phpcs:ignore Magento2.Functions.DiscouragedFunction -$contents = file_get_contents($rootDir . 'index.php'); +if (!empty($_POST['token']) && !empty($_POST['website_code'])) { + if (authenticate(urldecode($_POST['token']))) { + $websiteCode = urldecode($_POST['website_code']); + $rootDir = '../../../../'; + $websiteDir = $rootDir . 'websites/' . $websiteCode . '/'; + // phpcs:ignore Magento2.Functions.DiscouragedFunction + $contents = file_get_contents($rootDir . 'index.php'); -$websiteParam = << Date: Thu, 2 May 2019 09:51:35 -0500 Subject: [PATCH 2/3] MQE-1536: Magento\Install\Test\TestCase\InstallTest is failing - reverting MAGETWO-99210 --- .../Mtf/Util/Protocol/CurlTransport/BackendDecorator.php | 1 + dev/tests/functional/utils/authenticate.php | 5 +++++ dev/tests/functional/utils/command.php | 5 +++++ dev/tests/functional/utils/deleteMagentoGeneratedCode.php | 4 ++++ dev/tests/functional/utils/export.php | 7 ++++++- dev/tests/functional/utils/locales.php | 7 +++++++ dev/tests/functional/utils/log.php | 5 +++++ dev/tests/functional/utils/pathChecker.php | 5 +++++ dev/tests/functional/utils/website.php | 5 +++++ 9 files changed, 43 insertions(+), 1 deletion(-) diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php index 5999b52141f05..a9a082e2c0027 100644 --- a/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php +++ b/dev/tests/functional/lib/Magento/Mtf/Util/Protocol/CurlTransport/BackendDecorator.php @@ -109,6 +109,7 @@ protected function authorize() $isAuthorized = true; $_ENV['app_backend_url'] = $url; break; + // phpcs:ignore Magento2.Exceptions.ThrowCatch } catch (\Exception $e) { continue; } diff --git a/dev/tests/functional/utils/authenticate.php b/dev/tests/functional/utils/authenticate.php index 15851f6e8000a..958b692cbd385 100644 --- a/dev/tests/functional/utils/authenticate.php +++ b/dev/tests/functional/utils/authenticate.php @@ -9,12 +9,17 @@ * * @param string $token * @return bool + * + * phpcs:disable Squiz.Functions.GlobalFunction */ function authenticate($token) { + // phpcs:ignore Magento2.Security.IncludeFile require_once __DIR__ . '/../../../../app/bootstrap.php'; + // phpcs:ignore Magento2.Security.Superglobal $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER); + // phpcs:ignore Magento2.Security.Superglobal $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER); $tokenModel = $magentoObjectManager->get(\Magento\Integration\Model\Oauth\Token::class); diff --git a/dev/tests/functional/utils/command.php b/dev/tests/functional/utils/command.php index a3f6d1e19b4e9..9405f4ff7c4ca 100644 --- a/dev/tests/functional/utils/command.php +++ b/dev/tests/functional/utils/command.php @@ -13,20 +13,25 @@ // phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['command'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.Superglobal $command = urldecode($_POST['command']); // phpcs:ignore Magento2.Security.Superglobal $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER); // phpcs:ignore Magento2.Security.Superglobal $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER); $cli = $magentoObjectManager->create(\Magento\Framework\Console\Cli::class); + // phpcs:ignore Magento2.Functions.DiscouragedFunction $input = new StringInput(escapeshellcmd($command)); $input->setInteractive(false); $output = new NullOutput(); $cli->doRun($input, $output); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' or 'command' parameter is not set."; } diff --git a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php b/dev/tests/functional/utils/deleteMagentoGeneratedCode.php index dcdedcbeeb04a..bd4ed828202e1 100644 --- a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php +++ b/dev/tests/functional/utils/deleteMagentoGeneratedCode.php @@ -6,13 +6,17 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['path'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { // phpcs:ignore Magento2.Security.InsecureFunction exec('rm -rf ../../../../generated/*'); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' parameter is not set."; } diff --git a/dev/tests/functional/utils/export.php b/dev/tests/functional/utils/export.php index 5cdc74c880a76..df97c8db48406 100644 --- a/dev/tests/functional/utils/export.php +++ b/dev/tests/functional/utils/export.php @@ -6,9 +6,12 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['template'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { - $varDir = '../../../../var/'; + $varDir = '../../../../var/export/'; + // phpcs:ignore Magento2.Security.Superglobal $template = urldecode($_POST['template']); // phpcs:ignore Magento2.Functions.DiscouragedFunction $fileList = scandir($varDir, SCANDIR_SORT_NONE); @@ -30,8 +33,10 @@ // phpcs:ignore Magento2.Security.LanguageConstruct, Magento2.Security.InsecureFunction echo serialize($files); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' or 'template' parameter is not set."; } diff --git a/dev/tests/functional/utils/locales.php b/dev/tests/functional/utils/locales.php index 97c8932a9e6c0..40781ba8b68ec 100644 --- a/dev/tests/functional/utils/locales.php +++ b/dev/tests/functional/utils/locales.php @@ -6,11 +6,16 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.Superglobal if ($_POST['type'] == 'deployed') { + // phpcs:ignore Magento2.Security.Superglobal $themePath = isset($_POST['theme_path']) ? $_POST['theme_path'] : 'adminhtml/Magento/backend'; $directory = __DIR__ . '/../../../../pub/static/' . $themePath; + // phpcs:ignore Magento2.Functions.DiscouragedFunction $locales = array_diff(scandir($directory), ['..', '.']); } else { // phpcs:ignore Magento2.Security.IncludeFile @@ -21,8 +26,10 @@ // phpcs:ignore Magento2.Security.LanguageConstruct echo implode('|', $locales); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' parameter is not set."; } diff --git a/dev/tests/functional/utils/log.php b/dev/tests/functional/utils/log.php index cec2e1c0ad211..c07f52575504f 100644 --- a/dev/tests/functional/utils/log.php +++ b/dev/tests/functional/utils/log.php @@ -7,8 +7,11 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['name'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.Superglobal $name = urldecode($_POST['name']); if (preg_match('/\.\.(\\\|\/)/', $name)) { // phpcs:ignore Magento2.Exceptions.DirectThrow @@ -18,8 +21,10 @@ // phpcs:ignore Magento2.Security.InsecureFunction, Magento2.Functions.DiscouragedFunction, Magento2.Security.LanguageConstruct echo serialize(file_get_contents('../../../../var/log' . '/' . $name)); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' or 'name' parameter is not set."; } diff --git a/dev/tests/functional/utils/pathChecker.php b/dev/tests/functional/utils/pathChecker.php index ed1949d71768d..d4a59529fac44 100644 --- a/dev/tests/functional/utils/pathChecker.php +++ b/dev/tests/functional/utils/pathChecker.php @@ -6,8 +6,11 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['path'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.Superglobal $path = urldecode($_POST['path']); // phpcs:ignore Magento2.Functions.DiscouragedFunction if (file_exists('../../../../' . $path)) { @@ -18,8 +21,10 @@ echo 'path exists: false'; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' or 'path' parameter is not set."; } diff --git a/dev/tests/functional/utils/website.php b/dev/tests/functional/utils/website.php index 980dd557db6f7..859b60785e49d 100644 --- a/dev/tests/functional/utils/website.php +++ b/dev/tests/functional/utils/website.php @@ -6,8 +6,11 @@ // phpcs:ignore Magento2.Security.IncludeFile include __DIR__ . '/authenticate.php'; +// phpcs:ignore Magento2.Security.Superglobal if (!empty($_POST['token']) && !empty($_POST['website_code'])) { + // phpcs:ignore Magento2.Security.Superglobal if (authenticate(urldecode($_POST['token']))) { + // phpcs:ignore Magento2.Security.Superglobal $websiteCode = urldecode($_POST['website_code']); $rootDir = '../../../../'; $websiteDir = $rootDir . 'websites/' . $websiteCode . '/'; @@ -35,8 +38,10 @@ // phpcs:ignore Magento2.Functions.DiscouragedFunction file_put_contents($websiteDir . 'index.php', $contents); } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "Command not unauthorized."; } } else { + // phpcs:ignore Magento2.Security.LanguageConstruct echo "'token' or 'website_code' parameter is not set."; } From c6b1e108a16a41db59ac2ead340c7089a1c7ca2e Mon Sep 17 00:00:00 2001 From: Kevin Kozan Date: Wed, 1 May 2019 15:22:06 -0500 Subject: [PATCH 3/3] MQE-1532: Bump MFTF version in Magento - Flaky test fix (cherry picked from commit a445230) --- ...rtStorefrontShoppingCartSummaryWithShippingActionGroup.xml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/app/code/Magento/Checkout/Test/Mftf/ActionGroup/AssertStorefrontShoppingCartSummaryWithShippingActionGroup.xml b/app/code/Magento/Checkout/Test/Mftf/ActionGroup/AssertStorefrontShoppingCartSummaryWithShippingActionGroup.xml index 5eb3de3a1af82..dcb683a50125d 100644 --- a/app/code/Magento/Checkout/Test/Mftf/ActionGroup/AssertStorefrontShoppingCartSummaryWithShippingActionGroup.xml +++ b/app/code/Magento/Checkout/Test/Mftf/ActionGroup/AssertStorefrontShoppingCartSummaryWithShippingActionGroup.xml @@ -13,8 +13,6 @@ - - - +