Skip to content
This repository has been archived by the owner on Dec 19, 2019. It is now read-only.

Added validation for store id in CMS Block #870

Closed
wants to merge 7 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions app/code/Magento/CmsGraphQl/Model/Resolver/Blocks.php
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
use Magento\Framework\GraphQl\Exception\GraphQlNoSuchEntityException;
use Magento\Framework\GraphQl\Query\ResolverInterface;
use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
use Magento\Store\Api\Data\StoreInterface;

/**
* CMS blocks field resolver, used for GraphQL request processing
Expand Down Expand Up @@ -46,7 +47,8 @@ public function resolve(
) {

$blockIdentifiers = $this->getBlockIdentifiers($args);
$blocksData = $this->getBlocksData($blockIdentifiers);
$currentStore = $context->getExtensionAttributes()->getStore();
$blocksData = $this->getBlocksData($blockIdentifiers, $currentStore);

$resultData = [
'items' => $blocksData,
Expand Down Expand Up @@ -74,15 +76,15 @@ private function getBlockIdentifiers(array $args): array
* Get blocks data
*
* @param array $blockIdentifiers
* @param StoreInterface $currentStore
* @return array
* @throws GraphQlNoSuchEntityException
*/
private function getBlocksData(array $blockIdentifiers): array
private function getBlocksData(array $blockIdentifiers, StoreInterface $currentStore): array
{
$blocksData = [];
foreach ($blockIdentifiers as $blockIdentifier) {
try {
$blocksData[$blockIdentifier] = $this->blockDataProvider->getData($blockIdentifier);
$blocksData[$blockIdentifier] = $this->blockDataProvider->getData($blockIdentifier, $currentStore);
} catch (NoSuchEntityException $e) {
$blocksData[$blockIdentifier] = new GraphQlNoSuchEntityException(__($e->getMessage()), $e);
}
Expand Down
35 changes: 25 additions & 10 deletions app/code/Magento/CmsGraphQl/Model/Resolver/DataProvider/Block.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,12 @@

namespace Magento\CmsGraphQl\Model\Resolver\DataProvider;

use Magento\Cms\Api\BlockRepositoryInterface;
use Magento\Cms\Api\Data\BlockInterface;
use Magento\Cms\Model\Block as BlockModel;
use Magento\Cms\Model\ResourceModel\Block\Collection as BlockCollection;
use Magento\Cms\Model\ResourceModel\Block\CollectionFactory as BlockCollectionFactory;
use Magento\Framework\Exception\NoSuchEntityException;
use Magento\Store\Api\Data\StoreInterface;
use Magento\Widget\Model\Template\FilterEmulate;

/**
Expand All @@ -18,38 +21,50 @@
class Block
{
/**
* @var BlockRepositoryInterface
* @var FilterEmulate
*/
private $blockRepository;
private $widgetFilter;

/**
* @var FilterEmulate
* @var BlockCollectionFactory
*/
private $widgetFilter;
private $blockCollectionFactory;

/**
* @param BlockRepositoryInterface $blockRepository
* @param BlockCollectionFactory $blockCollectionFactory
* @param FilterEmulate $widgetFilter
*/
public function __construct(
BlockRepositoryInterface $blockRepository,
BlockCollectionFactory $blockCollectionFactory,
FilterEmulate $widgetFilter
) {
$this->blockRepository = $blockRepository;
$this->widgetFilter = $widgetFilter;
$this->blockCollectionFactory = $blockCollectionFactory;
}

/**
* Get block data
*
* @param string $blockIdentifier
* @param StoreInterface $currentStore
* @return array
* @throws NoSuchEntityException
*/
public function getData(string $blockIdentifier): array
public function getData(string $blockIdentifier, StoreInterface $currentStore): array
{
$block = $this->blockRepository->getById($blockIdentifier);
$filterBy = BlockInterface::IDENTIFIER;
$storeId = (int)$currentStore->getId();
if (is_numeric($blockIdentifier)) {
$filterBy = BlockInterface::BLOCK_ID;
}

/** @var BlockCollection $collection */
$collection = $this->blockCollectionFactory->create();
$collection->addFieldToFilter($filterBy, ["eq" => $blockIdentifier]);
$collection->addFieldToFilter("store_id", ["eq" => $storeId]);

/** @var BlockModel $block */
$block = $collection->getFirstItem();
if (false === $block->isActive()) {
throw new NoSuchEntityException(
__('The CMS block with the "%1" ID doesn\'t exist.', $blockIdentifier)
Expand Down
1 change: 1 addition & 0 deletions app/code/Magento/CmsGraphQl/composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
"require": {
"php": "~7.1.3||~7.2.0||~7.3.0",
"magento/framework": "*",
"magento/module-store": "*",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"magento/module-store": "*",
"magento/module-store": "*",

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

??? I don't see any changes or comment @lenaorobei

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

magento/module-store is redundant dependency

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I don't set it, I get the error: Module Magento\CmsGraphQl has undeclared dependencies: hard [Magento\Store]

"magento/module-cms": "*",
"magento/module-widget": "*"
},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -203,4 +203,32 @@ public function testGetEnabledAndDisabledCmsBlockInOneRequest()
$responseData['errors'][0]['message']
);
}

/**
* Verify the message when CMS Block exists but not available for a store view.
*
* @magentoApiDataFixture Magento/Cms/_files/blocks.php
* @magentoApiDataFixture Magento/Store/_files/second_store.php
* @expectedException \Exception
* @expectedExceptionMessage The CMS block with the "enabled_block" ID doesn't exist.
*/
public function testGetCmsBlockByIdentifierWithDifferentStoreView()
{
$query =
<<<QUERY
{
cmsBlocks(identifiers: "enabled_block") {
items {
identifier
title
content
}
}
}
QUERY;

$nonExistingStoreCode = "fixture_second_store";
$headerMapInvalidStoreCode = ['Store' => $nonExistingStoreCode];
$this->graphQlQuery($query, [], '', $headerMapInvalidStoreCode);
}
}