Exemplo n.º 1
 /**
  * Build the password-reset request event collection for one client.
  *
  * The collection is created for the given event type, account reference and
  * client address, then restricted to the limitation period read from the
  * security configuration.
  *
  * @param int $securityEventType
  * @param string $accountReference
  * @param int|null $longIp Client address; when null it is read from the current request
  * @return \Magento\Security\Model\ResourceModel\PasswordResetRequestEvent\Collection
  */
 protected function prepareCollection($securityEventType, $accountReference, $longIp)
 {
     // NOTE(review): the fallback calls getRemoteAddress() without arguments, so the value
     // may not be in the "long" form the parameter name suggests - confirm against callers.
     $clientIp = null === $longIp ? $this->remoteAddress->getRemoteAddress() : $longIp;
     $events = $this->collectionFactory->create($securityEventType, $accountReference, $clientIp);
     // Only events inside the configured limitation period are kept.
     $events->filterByLifetime($this->securityConfig->getLimitationTimePeriod());
     return $events;
 }
 /**
  * Build the iframe URL for the trial account popup.
  *
  * The visitor's remote address, the store name, the culture and time zone ids
  * and the store's callback URL are appended to the trial form URL as query
  * parameters, so all of them are disclosed to the host serving that form.
  *
  * @return string
  */
 public function _getIframeFormUrl()
 {
     $trialFormUrl = \Dotdigitalgroup\Email\Helper\Config::API_CONNECTOR_TRIAL_FORM_URL;
     $clientIp = $this->remoteAddress->getRemoteAddress();
     $timezoneId = $this->_getTimeZoneId();
     $cultureId = $this->_getCultureId();
     $companyName = $this->helper->getWebsiteConfig(\Magento\Store\Model\Information::XML_PATH_STORE_INFO_NAME);
     // Second argument "true" is passed through to getBaseUrl() unchanged.
     $baseUrl = $this->storeManager->getStore()->getBaseUrl(\Magento\Framework\UrlInterface::URL_TYPE_WEB, true);
     // http_build_query() URL-encodes every value.
     $query = http_build_query([
         'callback' => $baseUrl . 'connector/email/accountcallback',
         'company' => $companyName,
         'culture' => $cultureId,
         'timezone' => $timezoneId,
         'ip' => $clientIp,
     ]);
     return $trialFormUrl . '?' . $query;
 }
Exemplo n.º 3
 /**
  * {@inheritdoc}
  *
  * Rejects a password reset request that arrives sooner than the configured
  * minimum interval after the last recorded one. Nothing is checked when
  * protection is switched off or no minimum interval is configured.
  *
  * @throws SecurityViolationException When the request comes too soon after the previous one
  */
 public function check($securityEventType, $accountReference = null, $longIp = null)
 {
     $protectionActive = $this->securityConfig->getPasswordResetProtectionType() != ResetMethod::OPTION_NONE;
     $minInterval = $this->securityConfig->getMinTimeBetweenPasswordResetRequests();
     if (!$protectionActive || !$minInterval) {
         return;
     }
     // NOTE(review): the throttle is only as reliable as the address returned here; confirm
     // how getRemoteAddress() is derived behind proxies in the target deployment.
     if (null === $longIp) {
         $longIp = $this->remoteAddress->getRemoteAddress();
     }
     $lastRequestAt = $this->loadLastRecordCreationTimestamp($securityEventType, $accountReference, $longIp);
     if (!$lastRequestAt) {
         // No earlier request on record: nothing to throttle.
         return;
     }
     $secondsSinceLast = $this->dateTime->gmtTimestamp() - $lastRequestAt;
     if ($minInterval > $secondsSinceLast) {
         throw new SecurityViolationException(__('Too many password reset requests. Please wait and try again or contact %1.', $this->securityConfig->getCustomerServiceEmail()));
     }
 }
Exemplo n.º 4
 /**
  * Read the stored attempt counter for the current remote address.
  *
  * Returns 0 when no remote address is available. Otherwise the result of
  * fetchOne() on the "count" column is returned as is; both bound values go
  * through the query builder's placeholders.
  *
  * @return null|int
  */
 public function countAttemptsByRemoteAddress()
 {
     $clientIp = $this->_remoteAddress->getRemoteAddress();
     if ($clientIp) {
         $db = $this->getConnection();
         $query = $db->select()
             ->from($this->getMainTable(), 'count')
             ->where('type = ?', self::TYPE_REMOTE_ADDRESS)
             ->where('value = ?', $clientIp);
         return $db->fetchOne($query);
     }
     return 0;
 }
Exemplo n.º 5
 /**
  * Run every registered security checker, then record the request.
  *
  * The checkers run before the event record is written, so an exception raised
  * by any checker leaves no record for the rejected request.
  *
  * @param int $requestType
  * @param string|null $accountReference
  * @param int|null $longIp Client address; when null it is read from the current request
  * @return $this
  * @throws SecurityViolationException
  */
 public function performSecurityCheck($requestType, $accountReference = null, $longIp = null)
 {
     $clientIp = null === $longIp ? $this->remoteAddress->getRemoteAddress() : $longIp;
     foreach ($this->securityCheckers as $securityChecker) {
         // Every checker sees the same resolved address.
         $securityChecker->check($requestType, $accountReference, $clientIp);
     }
     $this->createNewPasswordResetRequestEventRecord($requestType, $accountReference, $clientIp);
     return $this;
 }
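 /**
  * Handle the trial-account callback: validate the caller, then store the API
  * credentials and run the trial set-up steps.
  *
  * The request is rejected unless it comes from an address listed in
  * $this->ipRange and carries non-empty accountId, apiUser and pass parameters.
  * A rejected request stops here, so nothing is saved for a caller that failed
  * the checks.
  *
  * @return void
  */
 public function execute()
 {
     $params = $this->getRequest()->getParams();
     // NOTE(review): in_array() compares loosely; pass true as the third argument once
     // $this->ipRange is confirmed to hold string addresses. Also confirm getRemoteAddress()
     // cannot be influenced by a client-supplied header in the target deployment.
     $isAllowedSource = in_array($this->remoteAddress->getRemoteAddress(), $this->ipRange);
     // empty() also covers the "parameter not set" case.
     $hasCredentials = !empty($params['accountId']) && !empty($params['apiUser']) && !empty($params['pass']);
     if (!$isAllowedSource || !$hasCredentials) {
         $this->sendAjaxResponse(true, $this->_getErrorHtml());
         // Fail closed: without this return the credential-saving calls below still ran
         // after the error response had been sent.
         return;
     }
     $apiConfigStatus = $this->saveApiCreds($params['apiUser'], $params['pass']);
     $dataFieldsStatus = $this->setupDataFields($params['apiUser'], $params['pass']);
     $addressBookStatus = $this->createAddressBooks($params['apiUser'], $params['pass']);
     $syncStatus = $this->enableSyncForTrial();
     if (isset($params['apiEndpoint'])) {
         // NOTE(review): the endpoint is persisted as received; confirm saveApiEndPoint()
         // validates the host before later API calls use it.
         $this->saveApiEndPoint($params['apiEndpoint']);
     }
     if ($apiConfigStatus && $dataFieldsStatus && $addressBookStatus && $syncStatus) {
         $this->sendAjaxResponse(false, $this->_getSuccessHtml());
     } else {
         $this->sendAjaxResponse(true, $this->_getErrorHtml());
     }
 }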
Exemplo n.º 7
 /**
  * Collect the request properties a session is validated against.
  *
  * Every key is always present; a value that cannot be read stays an empty string.
  *
  * @return array
  */
 protected function _getSessionEnvironment()
 {
     $environment = [
         self::VALIDATOR_REMOTE_ADDR_KEY => '',
         self::VALIDATOR_HTTP_VIA_KEY => '',
         self::VALIDATOR_HTTP_X_FORWARDED_FOR_KEY => '',
         self::VALIDATOR_HTTP_USER_AGENT_KEY => '',
     ];
     // Remote address as reported by the remote-address service.
     if ($this->_remoteAddress->getRemoteAddress()) {
         $environment[self::VALIDATOR_REMOTE_ADDR_KEY] = $this->_remoteAddress->getRemoteAddress();
     }
     // NOTE(review): the proxy headers are read from $_ENV while the user agent is read
     // from $_SERVER; confirm $_ENV is populated with HTTP_* values in the target SAPI,
     // otherwise these two parts stay empty.
     $proxyHeaders = [
         [self::VALIDATOR_HTTP_VIA_KEY, 'HTTP_VIA'],
         [self::VALIDATOR_HTTP_X_FORWARDED_FOR_KEY, 'HTTP_X_FORWARDED_FOR'],
     ];
     foreach ($proxyHeaders as $pair) {
         list($partKey, $envName) = $pair;
         if (isset($_ENV[$envName])) {
             $environment[$partKey] = (string) $_ENV[$envName];
         }
     }
     // User agent is a client-supplied header; it is stored as received.
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $environment[self::VALIDATOR_HTTP_USER_AGENT_KEY] = (string) $_SERVER['HTTP_USER_AGENT'];
     }
     return $environment;
 }
 /**
  * getRemoteIp() must hand back whatever the remote-address service returns,
  * and must query that service exactly once.
  *
  * The data-provider value serves both as the argument passed to the helper and
  * as the mocked return value.
  *
  * @param bool $ipToLong
  * @dataProvider dataProviderBoolValues
  */
 public function testGetRemoteIp($ipToLong)
 {
     $this->remoteAddressMock
         ->expects($this->once())
         ->method('getRemoteAddress')
         ->will($this->returnValue($ipToLong));
     $actual = $this->helper->getRemoteIp($ipToLong);
     $this->assertEquals($ipToLong, $actual);
 }
Exemplo n.º 9
 /**
  * Get checkout quote instance by current session
  *
  * On first use the quote is resolved from the session's quote id, then from the
  * customer's active quote, and otherwise stays a freshly created one; the result
  * is cached in $this->_quote. On every call a guest quote gets a masked id if it
  * has none, and the remote address and X-Forwarded-For value are copied onto the quote.
  *
  * @return Quote
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  */
 public function getQuote()
 {
     // Dispatched on every call, before the cached quote is consulted.
     $this->_eventManager->dispatch('custom_quote_process', ['checkout_session' => $this]);
     if ($this->_quote === null) {
         $quote = $this->quoteFactory->create();
         if ($this->getQuoteId()) {
             try {
                 if ($this->_loadInactive) {
                     $quote = $this->quoteRepository->get($this->getQuoteId());
                 } else {
                     $quote = $this->quoteRepository->getActive($this->getQuoteId());
                 }
                 /**
                  * If the quote's currency code differs from the store's current currency code,
                  * the quote totals must be recalculated. This can happen when the customer uses
                  * the currency switcher or the store switcher.
                  */
                 if ($quote->getQuoteCurrencyCode() != $this->_storeManager->getStore()->getCurrentCurrencyCode()) {
                     $quote->setStore($this->_storeManager->getStore());
                     $this->quoteRepository->save($quote->collectTotals());
                     /*
                      * A new quote object must be loaded here, because collectTotals()
                      * can create links with other objects.
                      */
                     $quote = $this->quoteRepository->get($this->getQuoteId());
                 }
             } catch (\Magento\Framework\Exception\NoSuchEntityException $e) {
                 // The stored quote id no longer resolves: forget it so the fallback below runs.
                 $this->setQuoteId(null);
             }
         }
         if (!$this->getQuoteId()) {
             if ($this->_customerSession->isLoggedIn() || $this->_customer) {
                 // An explicitly set customer takes precedence over the session's customer id.
                 $customerId = $this->_customer ? $this->_customer->getId() : $this->_customerSession->getCustomerId();
                 try {
                     $quote = $this->quoteRepository->getActiveForCustomer($customerId);
                     $this->setQuoteId($quote->getId());
                 } catch (\Magento\Framework\Exception\NoSuchEntityException $e) {
                     // Deliberately ignored: with no active quote for the customer,
                     // $quote keeps the value it had before this lookup.
                 }
             } else {
                 $quote->setIsCheckoutCart(true);
                 $this->_eventManager->dispatch('checkout_quote_init', ['quote' => $quote]);
             }
         }
         if ($this->_customer) {
             $quote->setCustomer($this->_customer);
         } elseif ($this->_customerSession->isLoggedIn()) {
             $quote->setCustomer($this->customerRepository->getById($this->_customerSession->getCustomerId()));
         }
         $quote->setStore($this->_storeManager->getStore());
         $this->_quote = $quote;
     }
     // Guest sessions with a quote id: make sure a masked id record exists, once per session.
     if (!$this->isQuoteMasked() && !$this->_customerSession->isLoggedIn() && $this->getQuoteId()) {
         $quoteId = $this->getQuoteId();
         /** @var $quoteIdMask \Magento\Quote\Model\QuoteIdMask */
         $quoteIdMask = $this->quoteIdMaskFactory->create()->load($quoteId, 'quote_id');
         if ($quoteIdMask->getMaskedId() === null) {
             $quoteIdMask->setQuoteId($quoteId)->save();
         }
         $this->setIsQuoteMasked(true);
     }
     $remoteAddress = $this->_remoteAddress->getRemoteAddress();
     if ($remoteAddress) {
         $this->_quote->setRemoteIp($remoteAddress);
         // X-Forwarded-For is a client-supplied request header and is stored exactly as
         // received; treat the stored value as informational, not as a verified address.
         $xForwardIp = $this->request->getServer('HTTP_X_FORWARDED_FOR');
         $this->_quote->setXForwardedFor($xForwardIp);
     }
     return $this->_quote;
 }
Exemplo n.º 10
 /**
  * Count the messages sent from the current remote address within the
  * configured period, optionally logging one more send first.
  *
  * When $increment is set, log entries older than the period are deleted and a
  * new entry for the current address is added before counting.
  *
  * @param bool $increment - flag, increase count before return value
  * @return int
  */
 protected function _sentCountByIp($increment = false)
 {
     $now = time();
     $windowSeconds = $this->_sendfriendData->getPeriod();
     $websiteId = $this->_storeManager->getStore()->getWebsiteId();
     if ($increment) {
         // Purge entries that fell out of the window, then log this send.
         $this->_getResource()->deleteLogsBefore($now - $windowSeconds);
         // getRemoteAddress(true): presumably the numeric form of the address - confirm.
         $this->_getResource()->addSendItem($this->remoteAddress->getRemoteAddress(true), $now, $websiteId);
     }
     $resource = $this->_getResource();
     $clientIp = $this->remoteAddress->getRemoteAddress(true);
     // The window start is taken from a fresh time() call, not from $now.
     $windowStart = time() - $windowSeconds;
     return $resource->getSendCount($this, $clientIp, $windowStart, $websiteId);
 }
 /**
  * isCurrentIp() must report whether the mocked remote address is in the given list.
  *
  * @param array $whiteIps Addresses passed to isCurrentIp()
  * @param string $remoteIp Address the remote-address mock returns
  * @param bool $isCurrentIp Expected result
  * @dataProvider isCurrentIpDataProvider
  */
 public function testIsCurrentIp($whiteIps, $remoteIp, $isCurrentIp)
 {
     $this->remoteAddress
         ->expects($this->atLeastOnce())
         ->method('getRemoteAddress')
         ->willReturn($remoteIp);
     $actual = $this->request->isCurrentIp($whiteIps);
     $this->assertEquals($isCurrentIp, $actual);
 }
Exemplo n.º 12
 /**
  * Persist a record for the current admin session.
  *
  * The record holds the session id, the user id, the remote address of the
  * request and the LOGGED_IN status.
  *
  * @return $this
  */
 protected function createNewSession()
 {
     $sessionInfo = $this->adminSessionInfoFactory->create();
     $recordData = [
         'session_id' => $this->authSession->getSessionId(),
         'user_id' => $this->authSession->getUser()->getId(),
         // Address as reported by the remote-address service at login time.
         'ip' => $this->remoteAddress->getRemoteAddress(),
         'status' => AdminSessionInfo::LOGGED_IN,
     ];
     $sessionInfo->setData($recordData)->save();
     return $this;
 }
Exemplo n.º 13
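 /**
  * Tell whether the current remote address is on the given allow list.
  *
  * Returns false when the list is empty or no remote address is available.
  * Entries are matched by exact (strict) comparison, so a non-string entry such
  * as 0 or true can never match an address through type juggling.
  *
  * @param array $whiteIps Allowed addresses
  * @return bool
  */
 public function isCurrentIp($whiteIps)
 {
     $remoteIp = $this->remoteAddress->getRemoteAddress();
     if (empty($whiteIps) || empty($remoteIp)) {
         return false;
     }
     // NOTE(review): the result is only as trustworthy as getRemoteAddress(); confirm how
     // it is derived behind proxies before relying on this list for access decisions.
     return in_array($remoteIp, $whiteIps, true);
 }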
Exemplo n.º 14
 /**
  * Fill the visitor record from the current request's server data.
  *
  * Server and remote address, the secure flag, and the request's host, user
  * agent, accept headers, URI and referer are added to the model's data.
  *
  * @return $this
  */
 public function initServerData()
 {
     // Passed to every header getter below; presumably asks for a cleaned value - confirm.
     $clean = true;
     $serverData = [
         'server_addr' => $this->serverAddress->getServerAddress(true),
         'remote_addr' => $this->remoteAddress->getRemoteAddress(true),
         'http_secure' => $this->storeManager->getStore()->isCurrentlySecure(),
         // Everything below comes from client-supplied request headers.
         'http_host' => $this->httpHeader->getHttpHost($clean),
         'http_user_agent' => $this->httpHeader->getHttpUserAgent($clean),
         'http_accept_language' => $this->httpHeader->getHttpAcceptLanguage($clean),
         'http_accept_charset' => $this->httpHeader->getHttpAcceptCharset($clean),
         'request_uri' => $this->httpHeader->getRequestUri($clean),
         'http_referer' => $this->httpHeader->getHttpReferer($clean),
     ];
     $this->addData($serverData);
     return $this;
 }
Exemplo n.º 15
 /**
  * In the test environment the helper is expected to report no remote address.
  */
 public function testGetRemoteAddress()
 {
     $actual = $this->_helper->getRemoteAddress();
     // assertEquals() compares loosely, so any falsy value satisfies this check.
     $this->assertEquals(false, $actual);
 }
Exemplo n.º 16
 /**
  * Get checkout quote instance by current session
  *
  * On first use the quote is loaded from the session's quote id, then by
  * customer, and otherwise stays a freshly created one; the result is cached in
  * $this->_quote. On every call the remote address and X-Forwarded-For value
  * are copied onto the quote.
  *
  * @return Quote
  */
 public function getQuote()
 {
     // Dispatched on every call, before the cached quote is consulted.
     $this->_eventManager->dispatch('custom_quote_process', array('checkout_session' => $this));
     if ($this->_quote === null) {
         /** @var $quote Quote */
         $quote = $this->_quoteFactory->create()->setStoreId($this->_storeManager->getStore()->getId());
         if ($this->getQuoteId()) {
             if ($this->_loadInactive) {
                 $quote->load($this->getQuoteId());
             } else {
                 $quote->loadActive($this->getQuoteId());
             }
             if ($quote->getId()) {
                 /**
                  * If the quote's currency code differs from the store's current currency code,
                  * the quote totals must be recalculated. This can happen when the customer uses
                  * the currency switcher or the store switcher.
                  */
                 if ($quote->getQuoteCurrencyCode() != $this->_storeManager->getStore()->getCurrentCurrencyCode()) {
                     $quote->setStore($this->_storeManager->getStore());
                     $quote->collectTotals()->save();
                     /*
                      * A new quote object must be created here, because collectTotals()
                      * can create links with other objects.
                      */
                     $quote = $this->_quoteFactory->create()->setStoreId($this->_storeManager->getStore()->getId());
                     $quote->load($this->getQuoteId());
                 }
             } else {
                 // The load produced no id: forget the stored quote id so the fallback below runs.
                 $this->setQuoteId(null);
             }
         }
         if (!$this->getQuoteId()) {
             if ($this->_customerSession->isLoggedIn() || $this->_customer) {
                 // An explicitly set customer takes precedence over the session's customer id.
                 $customerId = $this->_customer ? $this->_customer->getId() : $this->_customerSession->getCustomerId();
                 $quote->loadByCustomer($customerId);
                 $this->setQuoteId($quote->getId());
             } else {
                 $quote->setIsCheckoutCart(true);
                 $this->_eventManager->dispatch('checkout_quote_init', array('quote' => $quote));
             }
         }
         // Customer data is attached only when a quote id is known at this point.
         if ($this->getQuoteId()) {
             if ($this->_customer) {
                 $quote->setCustomerData($this->_customer);
             } else {
                 if ($this->_customerSession->isLoggedIn()) {
                     $quote->setCustomerData($this->_customerSession->getCustomerDataObject());
                 }
             }
         }
         $quote->setStore($this->_storeManager->getStore());
         $this->_quote = $quote;
     }
     if ($remoteAddr = $this->_remoteAddress->getRemoteAddress()) {
         $this->_quote->setRemoteIp($remoteAddr);
         // X-Forwarded-For is a client-supplied request header and is stored exactly as
         // received; treat the stored value as informational, not as a verified address.
         $xForwardIp = $this->request->getServer('HTTP_X_FORWARDED_FOR');
         $this->_quote->setXForwardedFor($xForwardIp);
     }
     return $this->_quote;
 }
Exemplo n.º 17
 /**
  * Return the remote address of the current request as reported by the
  * remote-address service, called with its argument set to false.
  *
  * @return string
  */
 public function getRemoteIp()
 {
     $remoteIp = $this->remoteAddress->getRemoteAddress(false);
     return $remoteIp;
 }