Skip to content

Commit 083765e

Browse files
committed
NEXT-21034 - Dont restore permissions
1 parent ed56bf1 commit 083765e

File tree

4 files changed

+24
-29
lines changed

4 files changed

+24
-29
lines changed

Diff for: src/Core/Framework/Api/Controller/SalesChannelProxyController.php

+1
Original file line numberDiff line numberDiff line change
@@ -198,6 +198,7 @@ public function assignCustomer(Request $request, Context $context): Response
198198
PlatformRequest::HEADER_CONTEXT_TOKEN => $salesChannelContext->getToken(),
199199
], \JSON_THROW_ON_ERROR);
200200
$response = new Response();
201+
$response->headers->set('content-type', 'application/json');
201202
$response->setContent($content ?: null);
202203

203204
return $response;

Diff for: src/Core/System/SalesChannel/Context/CartRestorer.php

+2-1
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ public function restore(string $customerId, SalesChannelContext $currentContext)
4646
$customerId
4747
);
4848

49-
if (empty($customerPayload) || !($customerPayload['expired'] ?? false) && $customerPayload['token'] === $currentContext->getToken()) {
49+
if (empty($customerPayload) || !empty($customerPayload['permissions']) || !($customerPayload['expired'] ?? false) && $customerPayload['token'] === $currentContext->getToken()) {
5050
return $this->replaceContextToken($customerId, $currentContext);
5151
}
5252

@@ -114,6 +114,7 @@ private function replaceContextToken(string $customerId, SalesChannelContext $cu
114114
'customerId' => $customerId,
115115
'billingAddressId' => null,
116116
'shippingAddressId' => null,
117+
'permissions' => [],
117118
],
118119
$currentContext->getSalesChannel()->getId(),
119120
$customerId

Diff for: src/Core/System/SalesChannel/Context/SalesChannelContextPersister.php

+5-2
Original file line numberDiff line numberDiff line change
@@ -32,11 +32,14 @@ public function __construct(Connection $connection, EventDispatcherInterface $ev
3232
$this->lifetimeInterval = $lifetimeInterval ?? 'P1D';
3333
}
3434

35-
public function save(string $token, array $parameters, string $salesChannelId, ?string $customerId = null): void
35+
public function save(string $token, array $newParameters, string $salesChannelId, ?string $customerId = null): void
3636
{
3737
$existing = $this->load($token, $salesChannelId, $customerId);
3838

39-
$parameters = array_replace_recursive($existing, $parameters);
39+
$parameters = array_replace_recursive($existing, $newParameters);
40+
if (isset($newParameters['permissions']) && $newParameters['permissions'] === []) {
41+
$parameters['permissions'] = [];
42+
}
4043

4144
unset($parameters['token']);
4245

Diff for: src/Core/System/Test/SalesChannel/Context/CartRestorerTest.php

+16-26
Original file line numberDiff line numberDiff line change
@@ -12,13 +12,10 @@
1212
use Shopware\Core\Checkout\Cart\LineItem\LineItemCollection;
1313
use Shopware\Core\Checkout\Cart\SalesChannel\CartService;
1414
use Shopware\Core\Checkout\Customer\CustomerEntity;
15-
use Shopware\Core\Checkout\Payment\Cart\PaymentHandler\PrePayment;
1615
use Shopware\Core\Content\Product\Aggregate\ProductVisibility\ProductVisibilityDefinition;
1716
use Shopware\Core\Defaults;
1817
use Shopware\Core\Framework\Context;
19-
use Shopware\Core\Framework\DataAbstractionLayer\EntityRepositoryInterface;
2018
use Shopware\Core\Framework\DataAbstractionLayer\Search\Criteria;
21-
use Shopware\Core\Framework\DataAbstractionLayer\Search\Filter\EqualsFilter;
2219
use Shopware\Core\Framework\Feature;
2320
use Shopware\Core\Framework\Test\TestCaseBase\IntegrationTestBehaviour;
2421
use Shopware\Core\Framework\Util\Random;
@@ -33,6 +30,7 @@
3330
use Shopware\Core\Test\TestDefaults;
3431
use Symfony\Component\EventDispatcher\EventDispatcher;
3532
use Symfony\Contracts\EventDispatcher\Event;
33+
use function json_encode;
3634

3735
class CartRestorerTest extends TestCase
3836
{
@@ -325,33 +323,25 @@ public function testCartMergedEventIsFiredWithCustomerCart(): void
325323
static::assertEquals(5, $p2->getQuantity());
326324
}
327325

328-
private function getStateId(string $state, string $machine)
326+
public function testPermissionsAreIgnoredOnRestoer(): void
329327
{
330-
return $this->getContainer()->get(Connection::class)
331-
->fetchColumn('
332-
SELECT LOWER(HEX(state_machine_state.id))
333-
FROM state_machine_state
334-
INNER JOIN state_machine
335-
ON state_machine.id = state_machine_state.state_machine_id
336-
AND state_machine.technical_name = :machine
337-
WHERE state_machine_state.technical_name = :state
338-
', [
339-
'state' => $state,
340-
'machine' => $machine,
341-
]);
342-
}
328+
$currentContextToken = Random::getAlphanumericString(32);
343329

344-
private function getPrePaymentMethodId(): string
345-
{
346-
/** @var EntityRepositoryInterface $repository */
347-
$repository = $this->getContainer()->get('payment_method.repository');
330+
$currentContext = $this->createSalesChannelContext($currentContextToken, []);
348331

349-
$criteria = (new Criteria())
350-
->setLimit(1)
351-
->addFilter(new EqualsFilter('active', true))
352-
->addFilter(new EqualsFilter('handlerIdentifier', PrePayment::class));
332+
$con = $this->getContainer()->get(Connection::class);
333+
334+
$con->insert('sales_channel_api_context', [
335+
'token' => Random::getAlphanumericString(32),
336+
'payload' => json_encode(['expired' => false, 'customerId' => $this->customerId, 'permissions' => ['foo']], \JSON_THROW_ON_ERROR),
337+
'sales_channel_id' => Uuid::fromHexToBytes($currentContext->getSalesChannelId()),
338+
'customer_id' => Uuid::fromHexToBytes($this->customerId),
339+
'updated_at' => (new \DateTime())->format(Defaults::STORAGE_DATE_TIME_FORMAT),
340+
]);
341+
342+
$restoreContext = $this->cartRestorer->restore($this->customerId, $currentContext);
353343

354-
return $repository->searchIds($criteria, Context::createDefaultContext())->getIds()[0];
344+
static::assertSame([], $restoreContext->getPermissions());
355345
}
356346

357347
private function createProduct(Context $context): string

0 commit comments

Comments
 (0)