[Api][Cart] Fix for Cart access tests #11830
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Tomanhez
commented
Sep 10, 2020
Tomanhez
commented
| Q | A |
|---|---|
| Branch? | 1.8 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| License | MIT |
Tomanhez
force-pushed
the
fix-for-authorization
branch
from
4650cdd
to
fb8168d
Compare
lchrusciel
reviewed
Sep 10, 2020
src/Sylius/Bundle/ApiBundle/Doctrine/QueryItemExtension/OrderMethodsItemExtension.php
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/Doctrine/QueryItemExtension/OrderMethodsItemExtension.php
Outdated
Show resolved
Hide resolved
Tomanhez
force-pushed
the
fix-for-authorization
branch
9 times, most recently
from
b89007f
to
19f0a19
Compare
Tomanhez
changed the title
AdamKasp
reviewed
Sep 16, 2020
features/cart/shopping_cart/allowing_access_only_for_correctly_logged_in_users.feature
Outdated
Show resolved
Hide resolved
features/cart/shopping_cart/clearing_cart_after_logging_out.feature
Outdated
Show resolved
Hide resolved
features/cart/shopping_cart/clearing_cart_after_logging_out.feature
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/Context/CartVisitorsCustomerContext.php
Outdated
Show resolved
Hide resolved
GSadee
requested changes
Sep 17, 2020
features/cart/shopping_cart/allowing_access_only_for_correctly_logged_in_users.feature
Outdated
Show resolved
Hide resolved
features/cart/shopping_cart/clearing_cart_after_logging_out.feature
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/CommandHandler/PickupCartHandler.php
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/Doctrine/QueryItemExtension/OrderGetMethodItemExtension.php
Outdated
Show resolved
Hide resolved
Tomanhez
force-pushed
the
fix-for-authorization
branch
from
19f0a19
to
c384acf
Compare
lchrusciel
reviewed
Sep 22, 2020
src/Sylius/Bundle/ApiBundle/Doctrine/QueryItemExtension/OrderGetMethodItemExtension.php
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/CommandHandler/PickupCartHandler.php
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/CommandHandler/Checkout/AddressOrderHandler.php
Outdated
Show resolved
Hide resolved
src/Sylius/Bundle/ApiBundle/Doctrine/QueryItemExtension/OrderMethodsItemExtension.php
Outdated
Show resolved
Hide resolved
Tomanhez
force-pushed
the
fix-for-authorization
branch
from
365f0f7
to
51eb736
Compare
AdamKasp
reviewed
Sep 23, 2020
GSadee
reviewed
Sep 23, 2020
src/Sylius/Bundle/ApiBundle/CommandHandler/Checkout/AddressOrderHandler.php
Outdated
Show resolved
Hide resolved
Tomanhez
force-pushed
the
fix-for-authorization
branch
2 times, most recently
from
365b8df
to
0efc057
Compare
Tomanhez
commented
Sep 23, 2020
| @@ -11,7 +11,7 @@ Feature: Checking out as guest with a registered email | |||
| And the store allows paying offline | |||
| And there is a customer account "john@example.com" | |||
|
|
|||
| @ui @api | |||
There was a problem hiding this comment.
This step is temporarily disabled and will be fixed in next iteration, We have secured the customers cart against operating by unauthorized visitor. But now user that has account in shop and try to buy something without login can't do this. Blocked by query in OrderGetMethodItemExtension.php and OrderMethodsItemExtension.php , As a visitor the query allow to get or to set order for situation when: customer == null or customer.user == null, but in this specific case should allow to continue shops when customer.user == certainUser, Possibility solution: create context that will be store customer id after addressing step.
Tomanhez
force-pushed
the
fix-for-authorization
branch
from
0efc057
to
0045578
Compare
GSadee
approved these changes
Sep 23, 2020
|
Thanks, Tomasz! 🎉 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.