Merge pull request #7591 from magento-arcticfoxes/B2B-2204

B2B-2204: Implement Toggle For Enabling/Disabling Session Support for…

Author: joanhe

app/code/Magento/DirectoryGraphQl/Controller/HttpHeaderProcessor/CurrencyProcessor.php

@@ -30,6 +30,7 @@ class CurrencyProcessor implements HttpHeaderProcessorInterface
 
     /**
      * @var SessionManagerInterface
+     * @deprecated
      */
     private $session;
 
@@ -65,37 +66,21 @@ public function __construct(
     public function processHeaderValue(string $headerValue) : void
     {
         try {
-            if (!empty($headerValue)) {
-                $headerCurrency = strtoupper(ltrim(rtrim($headerValue)));
-                /** @var \Magento\Store\Model\Store $currentStore */
-                $currentStore = $this->storeManager->getStore();
-                if (in_array($headerCurrency, $currentStore->getAvailableCurrencyCodes(true))) {
-                    $currentStore->setCurrentCurrencyCode($headerCurrency);
-                } else {
-                    /** @var \Magento\Store\Model\Store $store */
-                    $store = $this->storeManager->getStore() ?? $this->storeManager->getDefaultStoreView();
-                    //skip store not found exception as it will be handled in graphql validation
-                    $this->logger->warning(__('Currency not allowed for store %1', [$store->getCode()]));
-                    $this->httpContext->setValue(
-                        HttpContext::CONTEXT_CURRENCY,
-                        $headerCurrency,
-                        $store->getDefaultCurrency()->getCode()
-                    );
-                }
+            $currentStore = $this->storeManager->getStore();
+            $defaultCode = $currentStore->getDefaultCurrency()->getCode();
+            if (empty($headerValue)) {
+                $this->httpContext->setValue(
+                    HttpContext::CONTEXT_CURRENCY,
+                    $currentStore->getCurrentCurrency()->getCode(),
+                    $defaultCode
+                );
             } else {
-                if ($this->session->getCurrencyCode()) {
-                    /** @var \Magento\Store\Model\Store $currentStore */
-                    $currentStore = $this->storeManager->getStore() ?? $this->storeManager->getDefaultStoreView();
-                    $currentStore->setCurrentCurrencyCode($this->session->getCurrencyCode());
-                } else {
-                    /** @var \Magento\Store\Model\Store $store */
-                    $store = $this->storeManager->getStore() ?? $this->storeManager->getDefaultStoreView();
-                    $this->httpContext->setValue(
-                        HttpContext::CONTEXT_CURRENCY,
-                        $store->getCurrentCurrency()->getCode(),
-                        $store->getDefaultCurrency()->getCode()
-                    );
+                $headerCurrency = strtoupper(trim($headerValue));
+                if (!in_array($headerCurrency, $currentStore->getAvailableCurrencyCodes(true))) {
+                    //skip store not found exception as it will be handled in graphql validation
+                    $this->logger->warning(__('Currency not allowed for store %1', [$currentStore->getCode()]));
                 }
+                $this->httpContext->setValue(HttpContext::CONTEXT_CURRENCY, $headerCurrency, $defaultCode);
             }
         } catch (\Magento\Framework\Exception\NoSuchEntityException $e) {
             //skip store not found exception as it will be handled in graphql validation

app/code/Magento/GraphQl/Model/Config/DisableSession.php

@@ -0,0 +1,53 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\GraphQl\Model\Config;
+
+use Magento\Framework\App\Config\ScopeConfigInterface;
+
+/**
+ * Session disable in graphql configuration model.
+ */
+class DisableSession
+{
+    private const XML_PATH_GRAPHQL_DISABLE_SESSION = 'graphql/session/disable';
+
+    /**
+     * @var ScopeConfigInterface
+     */
+    private $scopeConfig;
+
+    /**
+     * @param ScopeConfigInterface $scopeConfig
+     */
+    public function __construct(ScopeConfigInterface $scopeConfig)
+    {
+        $this->scopeConfig = $scopeConfig;
+    }
+
+    /**
+     * Get config value is session disabled for grapqhl area.
+     *
+     * @param string $scopeType
+     * @param null|int|string $scopeCode
+     * @return bool
+     */
+    public function isDisabled($scopeType = ScopeConfigInterface::SCOPE_TYPE_DEFAULT, $scopeCode = null): bool
+    {
+        $value = $this->scopeConfig->getValue(
+            self::XML_PATH_GRAPHQL_DISABLE_SESSION,
+            $scopeType,
+            $scopeCode
+        );
+
+        if ($value === '1') {
+            return true;
+        }
+
+        return false;
+    }
+}

app/code/Magento/GraphQl/Plugin/DisableSession.php

@@ -0,0 +1,65 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\GraphQl\Plugin;
+
+use Magento\Framework\App\Area;
+use Magento\Framework\App\State;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Session\SessionStartChecker;
+use Magento\GraphQl\Model\Config\DisableSession as DisableSessionConfig;
+
+/**
+ * Disable session in graphql area if configured.
+ */
+class DisableSession
+{
+    /**
+     * @var DisableSessionConfig
+     */
+    private $disableSessionConfig;
+
+    /**
+     * @var State
+     */
+    private $appState;
+
+    /**
+     * @param DisableSessionConfig $disableSessionConfig
+     * @param State $appState
+     */
+    public function __construct(
+        DisableSessionConfig $disableSessionConfig,
+        State $appState
+    ) {
+        $this->disableSessionConfig = $disableSessionConfig;
+        $this->appState = $appState;
+    }
+
+    /**
+     * Prevents session starting while in graphql area and session is disabled in config.
+     *
+     * @param SessionStartChecker $subject
+     * @param bool $result
+     * @return bool
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     * @SuppressWarnings(PHPMD.EmptyCatchBlock)
+     */
+    public function afterCheck(SessionStartChecker $subject, bool $result): bool
+    {
+        if (!$result) {
+            return false;
+        }
+        try {
+            if ($this->appState->getAreaCode() === Area::AREA_GRAPHQL && $this->disableSessionConfig->isDisabled()) {
+                $result = false;
+            }
+        } catch (LocalizedException $e) {} finally { //@codingStandardsIgnoreLine
+            return $result;
+        }
+    }
+}

app/code/Magento/GraphQl/Test/Unit/Model/Config/DisableSessionTest.php

@@ -0,0 +1,67 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\GraphQl\Test\Unit\Model\Config;
+
+use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
+use Magento\GraphQl\Model\Config\DisableSession;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Test for DisableSession config model.
+ */
+class DisableSessionTest extends TestCase
+{
+    /**
+     * @var ScopeConfigInterface|MockObject
+     */
+    private $scopeConfigMock;
+
+    /**
+     * @var DisableSession
+     */
+    private $model;
+
+    /**
+     * @inheirtDoc
+     */
+    public function setUp(): void
+    {
+        $this->scopeConfigMock = $this->getMockForAbstractClass(ScopeConfigInterface::class);
+        $this->model = (new ObjectManager($this))->getObject(
+            DisableSession::class,
+            ['scopeConfig' => $this->scopeConfigMock]
+        );
+    }
+
+    /**
+     * @dataProvider disableSessionDataProvider
+     */
+    public function testisSessionDisabled($configValue, $expectedResult)
+    {
+        $this->scopeConfigMock->expects($this->any())->method('getValue')->willReturn($configValue);
+        $this->assertEquals($expectedResult, $this->model->isDisabled());
+    }
+
+    /**
+     * Data provider for session disabled config test.
+     * @return array[]
+     */
+    public function disableSessionDataProvider()
+    {
+        return [
+            ['configValue' => '1', true],
+            ['configValue' => '0', false],
+            ['configValue' => '11', false],
+            ['configValue' => null, false],
+            ['configValue' => '', false],
+            ['configValue' => 'adfjsadf', false],
+        ];
+    }
+}

app/code/Magento/GraphQl/Test/Unit/Plugin/DisableSessionTest.php

@@ -0,0 +1,126 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\GraphQl\Test\Unit\Plugin;
+
+use Magento\Framework\App\State;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\Session\SessionStartChecker;
+use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
+use Magento\GraphQl\Model\Config\DisableSession;
+use Magento\GraphQl\Plugin\DisableSession as DisableSessionPlugin;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Test for DisableSession plugin.
+ */
+class DisableSessionTest extends TestCase
+{
+    /**
+     * @var DisableSession|MockObject
+     */
+    private $disableSessionConfigMock;
+
+    /**
+     * @var State|MockObject
+     */
+    private $appStateMock;
+
+    /**
+     * @var DisableSessionPlugin
+     */
+    private $model;
+
+    /**
+     * @var SessionStartChecker|MockObject
+     */
+    private $sessionStartCheckerMock;
+
+    public function setUp(): void
+    {
+        $this->disableSessionConfigMock = $this->createMock(DisableSession::class);
+        $this->appStateMock = $this->createMock(State::class);
+        $this->sessionStartCheckerMock = $this->createMock(SessionStartChecker::class);
+        $this->model = (new ObjectManager($this))->getObject(
+            DisableSessionPlugin::class,
+            [
+                'disableSessionConfig' => $this->disableSessionConfigMock,
+                'appState' => $this->appStateMock
+            ]
+        );
+    }
+
+    /**
+     * Test afterCheck plugin result over original method result.
+     *
+     * @param string $area
+     * @param bool $config
+     * @param bool $methodResult
+     * @param bool $expectedResult
+     * @return void
+     * @dataProvider testAfterCheckDataProvider
+     */
+    public function testAfterCheck(string $area, bool $config, bool $methodResult, bool $expectedResult)
+    {
+        $this->disableSessionConfigMock->expects($this->any())->method('isDisabled')->willReturn($config);
+        $this->appStateMock->expects($this->any())->method('getAreaCode')->willReturn($area);
+        $this->assertEquals($expectedResult, $this->model->afterCheck($this->sessionStartCheckerMock, $methodResult));
+    }
+
+    /**
+     * Data provider for testAfterCheck.
+     *
+     * @return array[]
+     */
+    public function testAfterCheckDataProvider()
+    {
+        return [
+            ['area' => 'graphql', 'config' => true, 'methodResult' =>  false, 'expected' => false],
+            ['area' => 'graphql', 'config' => true, 'methodResult' =>  true, 'expected' => false],
+            ['area' => 'graphql', 'config' => false, 'methodResult' =>  true, 'expected' => true],
+            ['area' => 'graphql', 'config' => false, 'methodResult' =>  false, 'expected' => false],
+            ['area' => 'other', 'config' => false, 'methodResult' =>  false, 'expected' => false],
+            ['area' => 'other', 'config' => true, 'methodResult' =>  false, 'expected' => false],
+            ['area' => 'other', 'config' => true, 'methodResult' =>  true, 'expected' => true],
+            ['area' => 'other', 'config' => false, 'methodResult' =>  true, 'expected' => true],
+        ];
+    }
+
+    /**
+     * Test afterCheck plugin result over original method result when no area code set.
+     *
+     * @param bool $config
+     * @param bool $methodResult
+     * @param bool $expectedResult
+     * @return void
+     * @dataProvider testAfterCheckDataProviderNoAreaCode
+     */
+    public function testAfterCheckNoArea(bool $config, bool $methodResult, bool $expectedResult)
+    {
+        $this->disableSessionConfigMock->expects($this->any())->method('isDisabled')->willReturn($config);
+        $this->appStateMock->expects($this->any())
+            ->method('getAreaCode')
+            ->willThrowException(new LocalizedException(__('Are code not set')));
+        $this->assertEquals($expectedResult, $this->model->afterCheck($this->sessionStartCheckerMock, $methodResult));
+    }
+
+    /**
+     * Data provider for testAfterCheck.
+     *
+     * @return array[]
+     */
+    public function testAfterCheckDataProviderNoAreaCode()
+    {
+        return [
+            ['config' => true, 'methodResult' =>  true, 'expected' => true],
+            ['config' => true, 'methodResult' =>  false, 'expected' => false],
+            ['config' => false, 'methodResult' =>  true, 'expected' => true],
+            ['config' => false, 'methodResult' =>  false, 'expected' => false],
+        ];
+    }
+}

app/code/Magento/GraphQl/etc/adminhtml/system.xml

@@ -26,6 +26,14 @@
                     </depends>
                 </field>
             </group>
+            <group id="graphql_session" translate="label" type="text" sortOrder="20" showInDefault="0" showInWebsite="0" showInStore="0">
+                <label>GraphQl Session Management</label>
+                <field id="disabled" translate="label" type="select" sortOrder="20" showInDefault="0" showInWebsite="0" showInStore="0">
+                    <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                    <label>Disable session</label>
+                    <config_path>graphql/session/disable</config_path>
+                </field>
+            </group>
         </section>
     </system>
 </config>