public function testGetIfFlagExist() { $this->_requestMock->expects($this->never())->method('getActionName'); $this->_requestMock->expects($this->exactly(3))->method('getRequestedRouteName')->will($this->returnValue('route')); $this->_requestMock->expects($this->exactly(3))->method('getRequestedControllerName')->will($this->returnValue('controller')); $this->_actionFlag->set('action', 'flag', 'value'); $this->assertEquals('value', $this->_actionFlag->get('action', 'flag')); }
/** * Dispatch request * * @param \Magento\Framework\App\Action\Action $subject * @param callable $proceed * @param \Magento\Framework\App\RequestInterface $request * @return \Magento\Framework\App\ResponseInterface */ public function aroundDispatch(\Magento\Framework\App\Action\Action $subject, \Closure $proceed, \Magento\Framework\App\RequestInterface $request) { if (!$this->_appState->isInstalled()) { $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->_response->setRedirect($this->_url->getUrl('install')); return $this->_response; } return $proceed($request); }
/** * Redirects tracking popup to specific URL * @param \Magento\Framework\Event\Observer $observer * * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $shippingInfoModel = $this->_shippingInfoFactory->create()->loadByHash($this->_request->getParam('hash')); if ($url = $this->shipmentHelper->getTrackingUrlByShippingInfo($shippingInfoModel)) { $controller = $observer->getControllerAction(); $controller->getResponse()->setRedirect($url); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); } return $observer; }
/** * Check CAPTCHA on Contact Us page * * @param \Magento\Framework\Event\Observer $observer * @return void */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'contact_us'; $captcha = $this->_helper->getCaptcha($formId); if ($captcha->isRequired()) { /** @var \Magento\Framework\App\Action\Action $controller */ $controller = $observer->getControllerAction(); if (!$captcha->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) { $this->messageManager->addError(__('Incorrect CAPTCHA.')); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->redirect->redirect($controller->getResponse(), 'contact/index/index'); } } }
/** * Performs redirect to login for checkout * @param RedirectLoginInterface $expressRedirect * @param string|null $customerBeforeAuthUrlDefault * @return void */ public function redirectLogin(RedirectLoginInterface $expressRedirect, $customerBeforeAuthUrlDefault = null) { $this->_actionFlag->set('', 'no-dispatch', true); foreach ($expressRedirect->getActionFlagList() as $actionKey => $actionFlag) { $this->_actionFlag->set('', $actionKey, $actionFlag); } $expressRedirect->getResponse()->setRedirect($this->_objectManager->get('Magento\\Framework\\Url\\Helper\\Data')->addRequestParam($expressRedirect->getLoginUrl(), ['context' => 'checkout'])); $customerBeforeAuthUrl = $customerBeforeAuthUrlDefault; if ($expressRedirect->getCustomerBeforeAuthUrl()) { $customerBeforeAuthUrl = $expressRedirect->getCustomerBeforeAuthUrl(); } if ($customerBeforeAuthUrl) { $this->_customerSession->setBeforeAuthUrl($customerBeforeAuthUrl); } }
/** * Check captcha on user login page * * @param \Magento\Framework\Event\Observer $observer * @throws NoSuchEntityException * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'user_login'; $captchaModel = $this->_helper->getCaptcha($formId); $controller = $observer->getControllerAction(); $loginParams = $controller->getRequest()->getPost('login'); $login = is_array($loginParams) && array_key_exists('username', $loginParams) ? $loginParams['username'] : null; if ($captchaModel->isRequired($login)) { $word = $this->captchaStringResolver->resolve($controller->getRequest(), $formId); if (!$captchaModel->isCorrect($word)) { try { $customer = $this->getCustomerRepository()->get($login); $this->getAuthentication()->processAuthenticationFailure($customer->getId()); } catch (NoSuchEntityException $e) { //do nothing as customer existance is validated later in authenticate method } $this->messageManager->addError(__('Incorrect CAPTCHA')); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->_session->setUsername($login); $beforeUrl = $this->_session->getBeforeAuthUrl(); $url = $beforeUrl ? $beforeUrl : $this->_customerUrl->getLoginUrl(); $controller->getResponse()->setRedirect($url); } } $captchaModel->logAttempt($login); return $this; }
/** * Force admin to change password * * @param EventObserver $observer * @return void */ public function execute(EventObserver $observer) { if (!$this->observerConfig->isPasswordChangeForced()) { return; } if (!$this->authSession->isLoggedIn()) { return; } $actionList = ['adminhtml_system_account_index', 'adminhtml_system_account_save', 'adminhtml_auth_logout']; /** @var \Magento\Framework\App\Action\Action $controller */ $controller = $observer->getEvent()->getControllerAction(); /** @var \Magento\Framework\App\RequestInterface $request */ $request = $observer->getEvent()->getRequest(); if ($this->authSession->getPciAdminUserIsPasswordExpired()) { if (!in_array($request->getFullActionName(), $actionList)) { if ($this->authorization->isAllowed('Magento_Backend::myaccount')) { $controller->getResponse()->setRedirect($this->url->getUrl('adminhtml/system_account/')); $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_POST_DISPATCH, true); } else { /* * if admin password is expired and access to 'My Account' page is denied * than we need to do force logout with error message */ $this->authSession->clearStorage(); $this->session->clearStorage(); $this->messageManager->addErrorMessage(__('Your password has expired; please contact your administrator.')); $controller->getRequest()->setDispatched(false); } } } }
/** * Check Captcha On Forgot Password Page * * @param \Magento\Framework\Event\Observer $observer * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $captchaModel = $this->helper->getCaptcha(self::FORM_ID); if ($captchaModel->isRequired()) { /** @var \Magento\Framework\App\Action\Action $controller */ $controller = $observer->getControllerAction(); if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), self::FORM_ID))) { try { $customer = $this->customerRepository->getById($this->customerSession->getCustomerId()); $this->accountManagementHelper->processCustomerLockoutData($customer->getId()); $this->customerRepository->save($customer); } catch (NoSuchEntityException $e) { //do nothing as customer existance is validated later in authenticate method } $this->workWithLock(); $this->messageManager->addError(__('Incorrect CAPTCHA')); $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->redirect->redirect($controller->getResponse(), '*/*/edit'); } } $customer = $this->customerSession->getCustomer(); $login = $customer->getEmail(); $captchaModel->logAttempt($login); return $this; }
/** * Check Captcha On Forgot Password Page * * @param \Magento\Framework\Event\Observer $observer * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $captchaModel = $this->helper->getCaptcha(self::FORM_ID); if ($captchaModel->isRequired()) { /** @var \Magento\Framework\App\Action\Action $controller */ $controller = $observer->getControllerAction(); if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), self::FORM_ID))) { $customerId = $this->customerSession->getCustomerId(); $this->authentication->processAuthenticationFailure($customerId); if ($this->authentication->isLocked($customerId)) { $this->customerSession->logout(); $this->customerSession->start(); $message = __('The account is locked. Please wait and try again or contact %1.', $this->scopeConfig->getValue('contact/email/recipient_email')); $this->messageManager->addError($message); } $this->messageManager->addError(__('Incorrect CAPTCHA')); $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->redirect->redirect($controller->getResponse(), '*/*/edit'); } } $customer = $this->customerSession->getCustomer(); $login = $customer->getEmail(); $captchaModel->logAttempt($login); return $this; }
/** * Check Captcha On Checkout as Guest Page * * @param \Magento\Framework\Event\Observer $observer * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'guest_checkout'; $captchaModel = $this->_helper->getCaptcha($formId); $checkoutMethod = $this->_typeOnepage->getQuote()->getCheckoutMethod(); if ($checkoutMethod == \Magento\Checkout\Model\Type\Onepage::METHOD_GUEST) { if ($captchaModel->isRequired()) { $controller = $observer->getControllerAction(); if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) { $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $result = ['error' => 1, 'message' => __('Incorrect CAPTCHA')]; $controller->getResponse()->representJson($this->jsonHelper->jsonEncode($result)); } } } return $this; }
/** * Check Captcha On User Login Page * * @param \Magento\Framework\Event\Observer $observer * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'user_create'; $captchaModel = $this->_helper->getCaptcha($formId); if ($captchaModel->isRequired()) { /** @var \Magento\Framework\App\Action\Action $controller */ $controller = $observer->getControllerAction(); if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) { $this->messageManager->addError(__('Incorrect CAPTCHA')); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->_session->setCustomerFormData($controller->getRequest()->getPostValue()); $url = $this->_urlManager->getUrl('*/*/create', ['_nosecret' => true]); $controller->getResponse()->setRedirect($this->redirect->error($url)); } } return $this; }
/** * Check Captcha On User Login Backend Page * * @param \Magento\Framework\Event\Observer $observer * @throws \Magento\Framework\Exception\Plugin\AuthenticationException * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'backend_forgotpassword'; $captchaModel = $this->_helper->getCaptcha($formId); $controller = $observer->getControllerAction(); $email = (string) $observer->getControllerAction()->getRequest()->getParam('email'); $params = $observer->getControllerAction()->getRequest()->getParams(); if (!empty($email) && !empty($params)) { if ($captchaModel->isRequired()) { if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) { $this->_session->setEmail((string) $controller->getRequest()->getPost('email')); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->messageManager->addError(__('Incorrect CAPTCHA')); $controller->getResponse()->setRedirect($controller->getUrl('*/*/forgotpassword', ['_nosecret' => true])); } } } return $this; }
/** * Check Captcha On User Login Page * * @param \Magento\Framework\Event\Observer $observer * @return $this */ public function execute(\Magento\Framework\Event\Observer $observer) { $formId = 'user_login'; $captchaModel = $this->_helper->getCaptcha($formId); $controller = $observer->getControllerAction(); $loginParams = $controller->getRequest()->getPost('login'); $login = array_key_exists('username', $loginParams) ? $loginParams['username'] : null; if ($captchaModel->isRequired($login)) { $word = $this->captchaStringResolver->resolve($controller->getRequest(), $formId); if (!$captchaModel->isCorrect($word)) { $this->messageManager->addError(__('Incorrect CAPTCHA')); $this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true); $this->_session->setUsername($login); $beforeUrl = $this->_session->getBeforeAuthUrl(); $url = $beforeUrl ? $beforeUrl : $this->_customerUrl->getLoginUrl(); $controller->getResponse()->setRedirect($url); } } $captchaModel->logAttempt($login); return $this; }
/** * Checks, whether Magento requires redirection after successful admin login, and redirects user, if needed * * @param \Magento\Framework\App\RequestInterface $request * @return bool */ protected function _redirectIfNeededAfterLogin(\Magento\Framework\App\RequestInterface $request) { $requestUri = null; // Checks, whether secret key is required for admin access or request uri is explicitly set if ($this->_url->useSecretKey()) { $requestUri = $this->_url->getUrl('*/*/*', ['_current' => true]); } elseif ($request) { $requestUri = $request->getRequestUri(); } if (!$requestUri) { return false; } $this->_response->setRedirect($requestUri); $this->_actionFlag->set('', \Magento\Framework\App\ActionInterface::FLAG_NO_DISPATCH, true); return true; }