public function testGetIfFlagExist()
{
$this->_requestMock->expects($this->never())->method('getActionName');
$this->_requestMock->expects($this->exactly(3))->method('getRequestedRouteName')->will($this->returnValue('route'));
$this->_requestMock->expects($this->exactly(3))->method('getRequestedControllerName')->will($this->returnValue('controller'));
$this->_actionFlag->set('action', 'flag', 'value');
$this->assertEquals('value', $this->_actionFlag->get('action', 'flag'));
}
/**
* Dispatch request
*
* @param \Magento\Framework\App\Action\Action $subject
* @param callable $proceed
* @param \Magento\Framework\App\RequestInterface $request
* @return \Magento\Framework\App\ResponseInterface
*/
public function aroundDispatch(\Magento\Framework\App\Action\Action $subject, \Closure $proceed, \Magento\Framework\App\RequestInterface $request)
{
if (!$this->_appState->isInstalled()) {
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->_response->setRedirect($this->_url->getUrl('install'));
return $this->_response;
}
return $proceed($request);
}
/**
* Redirects tracking popup to specific URL
* @param \Magento\Framework\Event\Observer $observer
*
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$shippingInfoModel = $this->_shippingInfoFactory->create()->loadByHash($this->_request->getParam('hash'));
if ($url = $this->shipmentHelper->getTrackingUrlByShippingInfo($shippingInfoModel)) {
$controller = $observer->getControllerAction();
$controller->getResponse()->setRedirect($url);
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
}
return $observer;
}
/**
* Check CAPTCHA on Contact Us page
*
* @param \Magento\Framework\Event\Observer $observer
* @return void
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'contact_us';
$captcha = $this->_helper->getCaptcha($formId);
if ($captcha->isRequired()) {
/** @var \Magento\Framework\App\Action\Action $controller */
$controller = $observer->getControllerAction();
if (!$captcha->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) {
$this->messageManager->addError(__('Incorrect CAPTCHA.'));
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->redirect->redirect($controller->getResponse(), 'contact/index/index');
}
}
}
/**
* Performs redirect to login for checkout
* @param RedirectLoginInterface $expressRedirect
* @param string|null $customerBeforeAuthUrlDefault
* @return void
*/
public function redirectLogin(RedirectLoginInterface $expressRedirect, $customerBeforeAuthUrlDefault = null)
{
$this->_actionFlag->set('', 'no-dispatch', true);
foreach ($expressRedirect->getActionFlagList() as $actionKey => $actionFlag) {
$this->_actionFlag->set('', $actionKey, $actionFlag);
}
$expressRedirect->getResponse()->setRedirect($this->_objectManager->get('Magento\\Framework\\Url\\Helper\\Data')->addRequestParam($expressRedirect->getLoginUrl(), ['context' => 'checkout']));
$customerBeforeAuthUrl = $customerBeforeAuthUrlDefault;
if ($expressRedirect->getCustomerBeforeAuthUrl()) {
$customerBeforeAuthUrl = $expressRedirect->getCustomerBeforeAuthUrl();
}
if ($customerBeforeAuthUrl) {
$this->_customerSession->setBeforeAuthUrl($customerBeforeAuthUrl);
}
}
/**
* Check captcha on user login page
*
* @param \Magento\Framework\Event\Observer $observer
* @throws NoSuchEntityException
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'user_login';
$captchaModel = $this->_helper->getCaptcha($formId);
$controller = $observer->getControllerAction();
$loginParams = $controller->getRequest()->getPost('login');
$login = is_array($loginParams) && array_key_exists('username', $loginParams) ? $loginParams['username'] : null;
if ($captchaModel->isRequired($login)) {
$word = $this->captchaStringResolver->resolve($controller->getRequest(), $formId);
if (!$captchaModel->isCorrect($word)) {
try {
$customer = $this->getCustomerRepository()->get($login);
$this->getAuthentication()->processAuthenticationFailure($customer->getId());
} catch (NoSuchEntityException $e) {
//do nothing as customer existance is validated later in authenticate method
}
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->_session->setUsername($login);
$beforeUrl = $this->_session->getBeforeAuthUrl();
$url = $beforeUrl ? $beforeUrl : $this->_customerUrl->getLoginUrl();
$controller->getResponse()->setRedirect($url);
}
}
$captchaModel->logAttempt($login);
return $this;
}
/**
* Force admin to change password
*
* @param EventObserver $observer
* @return void
*/
public function execute(EventObserver $observer)
{
if (!$this->observerConfig->isPasswordChangeForced()) {
return;
}
if (!$this->authSession->isLoggedIn()) {
return;
}
$actionList = ['adminhtml_system_account_index', 'adminhtml_system_account_save', 'adminhtml_auth_logout'];
/** @var \Magento\Framework\App\Action\Action $controller */
$controller = $observer->getEvent()->getControllerAction();
/** @var \Magento\Framework\App\RequestInterface $request */
$request = $observer->getEvent()->getRequest();
if ($this->authSession->getPciAdminUserIsPasswordExpired()) {
if (!in_array($request->getFullActionName(), $actionList)) {
if ($this->authorization->isAllowed('Magento_Backend::myaccount')) {
$controller->getResponse()->setRedirect($this->url->getUrl('adminhtml/system_account/'));
$this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_POST_DISPATCH, true);
} else {
/*
* if admin password is expired and access to 'My Account' page is denied
* than we need to do force logout with error message
*/
$this->authSession->clearStorage();
$this->session->clearStorage();
$this->messageManager->addErrorMessage(__('Your password has expired; please contact your administrator.'));
$controller->getRequest()->setDispatched(false);
}
}
}
}
/**
* Check Captcha On Forgot Password Page
*
* @param \Magento\Framework\Event\Observer $observer
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$captchaModel = $this->helper->getCaptcha(self::FORM_ID);
if ($captchaModel->isRequired()) {
/** @var \Magento\Framework\App\Action\Action $controller */
$controller = $observer->getControllerAction();
if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), self::FORM_ID))) {
try {
$customer = $this->customerRepository->getById($this->customerSession->getCustomerId());
$this->accountManagementHelper->processCustomerLockoutData($customer->getId());
$this->customerRepository->save($customer);
} catch (NoSuchEntityException $e) {
//do nothing as customer existance is validated later in authenticate method
}
$this->workWithLock();
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->redirect->redirect($controller->getResponse(), '*/*/edit');
}
}
$customer = $this->customerSession->getCustomer();
$login = $customer->getEmail();
$captchaModel->logAttempt($login);
return $this;
}
/**
* Check Captcha On Forgot Password Page
*
* @param \Magento\Framework\Event\Observer $observer
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$captchaModel = $this->helper->getCaptcha(self::FORM_ID);
if ($captchaModel->isRequired()) {
/** @var \Magento\Framework\App\Action\Action $controller */
$controller = $observer->getControllerAction();
if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), self::FORM_ID))) {
$customerId = $this->customerSession->getCustomerId();
$this->authentication->processAuthenticationFailure($customerId);
if ($this->authentication->isLocked($customerId)) {
$this->customerSession->logout();
$this->customerSession->start();
$message = __('The account is locked. Please wait and try again or contact %1.', $this->scopeConfig->getValue('contact/email/recipient_email'));
$this->messageManager->addError($message);
}
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->redirect->redirect($controller->getResponse(), '*/*/edit');
}
}
$customer = $this->customerSession->getCustomer();
$login = $customer->getEmail();
$captchaModel->logAttempt($login);
return $this;
}
/**
* Check Captcha On Checkout as Guest Page
*
* @param \Magento\Framework\Event\Observer $observer
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'guest_checkout';
$captchaModel = $this->_helper->getCaptcha($formId);
$checkoutMethod = $this->_typeOnepage->getQuote()->getCheckoutMethod();
if ($checkoutMethod == \Magento\Checkout\Model\Type\Onepage::METHOD_GUEST) {
if ($captchaModel->isRequired()) {
$controller = $observer->getControllerAction();
if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) {
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$result = ['error' => 1, 'message' => __('Incorrect CAPTCHA')];
$controller->getResponse()->representJson($this->jsonHelper->jsonEncode($result));
}
}
}
return $this;
}
/**
* Check Captcha On User Login Page
*
* @param \Magento\Framework\Event\Observer $observer
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'user_create';
$captchaModel = $this->_helper->getCaptcha($formId);
if ($captchaModel->isRequired()) {
/** @var \Magento\Framework\App\Action\Action $controller */
$controller = $observer->getControllerAction();
if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) {
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->_session->setCustomerFormData($controller->getRequest()->getPostValue());
$url = $this->_urlManager->getUrl('*/*/create', ['_nosecret' => true]);
$controller->getResponse()->setRedirect($this->redirect->error($url));
}
}
return $this;
}
/**
* Check Captcha On User Login Backend Page
*
* @param \Magento\Framework\Event\Observer $observer
* @throws \Magento\Framework\Exception\Plugin\AuthenticationException
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'backend_forgotpassword';
$captchaModel = $this->_helper->getCaptcha($formId);
$controller = $observer->getControllerAction();
$email = (string) $observer->getControllerAction()->getRequest()->getParam('email');
$params = $observer->getControllerAction()->getRequest()->getParams();
if (!empty($email) && !empty($params)) {
if ($captchaModel->isRequired()) {
if (!$captchaModel->isCorrect($this->captchaStringResolver->resolve($controller->getRequest(), $formId))) {
$this->_session->setEmail((string) $controller->getRequest()->getPost('email'));
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$controller->getResponse()->setRedirect($controller->getUrl('*/*/forgotpassword', ['_nosecret' => true]));
}
}
}
return $this;
}
/**
* Check Captcha On User Login Page
*
* @param \Magento\Framework\Event\Observer $observer
* @return $this
*/
public function execute(\Magento\Framework\Event\Observer $observer)
{
$formId = 'user_login';
$captchaModel = $this->_helper->getCaptcha($formId);
$controller = $observer->getControllerAction();
$loginParams = $controller->getRequest()->getPost('login');
$login = array_key_exists('username', $loginParams) ? $loginParams['username'] : null;
if ($captchaModel->isRequired($login)) {
$word = $this->captchaStringResolver->resolve($controller->getRequest(), $formId);
if (!$captchaModel->isCorrect($word)) {
$this->messageManager->addError(__('Incorrect CAPTCHA'));
$this->_actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
$this->_session->setUsername($login);
$beforeUrl = $this->_session->getBeforeAuthUrl();
$url = $beforeUrl ? $beforeUrl : $this->_customerUrl->getLoginUrl();
$controller->getResponse()->setRedirect($url);
}
}
$captchaModel->logAttempt($login);
return $this;
}
/**
* Checks, whether Magento requires redirection after successful admin login, and redirects user, if needed
*
* @param \Magento\Framework\App\RequestInterface $request
* @return bool
*/
protected function _redirectIfNeededAfterLogin(\Magento\Framework\App\RequestInterface $request)
{
$requestUri = null;
// Checks, whether secret key is required for admin access or request uri is explicitly set
if ($this->_url->useSecretKey()) {
$requestUri = $this->_url->getUrl('*/*/*', ['_current' => true]);
} elseif ($request) {
$requestUri = $request->getRequestUri();
}
if (!$requestUri) {
return false;
}
$this->_response->setRedirect($requestUri);
$this->_actionFlag->set('', \Magento\Framework\App\ActionInterface::FLAG_NO_DISPATCH, true);
return true;
}
