From 5c5d60ccff593a83c50785cf59e15e2a0ec686ef Mon Sep 17 00:00:00 2001 From: Joan He Date: Tue, 28 Apr 2015 17:29:19 -0500 Subject: [PATCH] MAGETWO-23159: [GITHUB] Area Sessions: Magento 2 Should not Allow "area-less" Sessions During an Area Aware Request #526 --- .../Magento/Backend/Model/Auth/Session.php | 7 +- app/code/Magento/Backend/Model/Session.php | 33 -- .../Magento/Backend/Model/Session/Quote.php | 7 +- .../Test/Unit/Model/Session/QuoteTest.php | 10 +- app/code/Magento/Catalog/Model/Session.php | 2 +- app/code/Magento/Checkout/Model/Session.php | 7 +- app/code/Magento/Customer/Model/Session.php | 7 +- app/code/Magento/Newsletter/Model/Session.php | 2 +- .../Framework/Session/SessionManagerTest.php | 335 +++++++++++------- .../Magento/Framework/Message/Session.php | 2 +- .../Magento/Framework/Session/Generic.php | 34 -- .../Framework/Session/SessionManager.php | 28 +- setup/src/Magento/Setup/Model/Installer.php | 3 + .../Setup/Test/Unit/Model/InstallerTest.php | 9 + 14 files changed, 267 insertions(+), 219 deletions(-) diff --git a/app/code/Magento/Backend/Model/Auth/Session.php b/app/code/Magento/Backend/Model/Auth/Session.php index fec438f70c744..d5cf7e86c4b8a 100644 --- a/app/code/Magento/Backend/Model/Auth/Session.php +++ b/app/code/Magento/Backend/Model/Auth/Session.php @@ -61,9 +61,11 @@ class Session extends \Magento\Framework\Session\SessionManager implements \Mage * @param \Magento\Framework\Session\StorageInterface $storage * @param CookieManagerInterface $cookieManager * @param CookieMetadataFactory $cookieMetadataFactory + * @param \Magento\Framework\App\State $appState * @param \Magento\Framework\Acl\Builder $aclBuilder * @param \Magento\Backend\Model\UrlInterface $backendUrl * @param \Magento\Backend\App\ConfigInterface $config + * @throws \Magento\Framework\Exception\SessionException * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( @@ -75,6 +77,7 @@ public function __construct( \Magento\Framework\Session\StorageInterface $storage, CookieManagerInterface $cookieManager, CookieMetadataFactory $cookieMetadataFactory, + \Magento\Framework\App\State $appState, \Magento\Framework\Acl\Builder $aclBuilder, \Magento\Backend\Model\UrlInterface $backendUrl, \Magento\Backend\App\ConfigInterface $config @@ -90,9 +93,9 @@ public function __construct( $validator, $storage, $cookieManager, - $cookieMetadataFactory + $cookieMetadataFactory, + $appState ); - $this->start(); } /** diff --git a/app/code/Magento/Backend/Model/Session.php b/app/code/Magento/Backend/Model/Session.php index c0719bb2ecf9e..6dd5af4a3c548 100644 --- a/app/code/Magento/Backend/Model/Session.php +++ b/app/code/Magento/Backend/Model/Session.php @@ -9,39 +9,6 @@ class Session extends \Magento\Framework\Session\SessionManager { - /** - * @param \Magento\Framework\App\Request\Http $request - * @param \Magento\Framework\Session\SidResolverInterface $sidResolver - * @param \Magento\Framework\Session\Config\ConfigInterface $sessionConfig - * @param \Magento\Framework\Session\SaveHandlerInterface $saveHandler - * @param \Magento\Framework\Session\ValidatorInterface $validator - * @param \Magento\Framework\Session\StorageInterface $storage - * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager - * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory - */ - public function __construct( - \Magento\Framework\App\Request\Http $request, - \Magento\Framework\Session\SidResolverInterface $sidResolver, - \Magento\Framework\Session\Config\ConfigInterface $sessionConfig, - \Magento\Framework\Session\SaveHandlerInterface $saveHandler, - \Magento\Framework\Session\ValidatorInterface $validator, - \Magento\Framework\Session\StorageInterface $storage, - \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, - \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory - ) { - parent::__construct( - $request, - $sidResolver, - $sessionConfig, - $saveHandler, - $validator, - $storage, - $cookieManager, - $cookieMetadataFactory - ); - $this->start(); - } - /** * Skip path validation in backend area * diff --git a/app/code/Magento/Backend/Model/Session/Quote.php b/app/code/Magento/Backend/Model/Session/Quote.php index 2f1f75ab07e92..16d39fd25e4e1 100644 --- a/app/code/Magento/Backend/Model/Session/Quote.php +++ b/app/code/Magento/Backend/Model/Session/Quote.php @@ -83,11 +83,13 @@ class Quote extends \Magento\Framework\Session\SessionManager * @param \Magento\Framework\Session\StorageInterface $storage * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory + * @param \Magento\Framework\App\State $appState * @param CustomerRepositoryInterface $customerRepository * @param \Magento\Quote\Model\QuoteRepository $quoteRepository * @param \Magento\Sales\Model\OrderFactory $orderFactory * @param \Magento\Store\Model\StoreManagerInterface $storeManager * @param GroupManagementInterface $groupManagement + * @throws \Magento\Framework\Exception\SessionException * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( @@ -99,6 +101,7 @@ public function __construct( \Magento\Framework\Session\StorageInterface $storage, \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory, + \Magento\Framework\App\State $appState, CustomerRepositoryInterface $customerRepository, \Magento\Quote\Model\QuoteRepository $quoteRepository, \Magento\Sales\Model\OrderFactory $orderFactory, @@ -118,9 +121,9 @@ public function __construct( $validator, $storage, $cookieManager, - $cookieMetadataFactory + $cookieMetadataFactory, + $appState ); - $this->start(); if ($this->_storeManager->hasSingleStore()) { $this->setStoreId($this->_storeManager->getStore(true)->getId()); } diff --git a/app/code/Magento/Backend/Test/Unit/Model/Session/QuoteTest.php b/app/code/Magento/Backend/Test/Unit/Model/Session/QuoteTest.php index 13f906bee346b..d092a33375c62 100644 --- a/app/code/Magento/Backend/Test/Unit/Model/Session/QuoteTest.php +++ b/app/code/Magento/Backend/Test/Unit/Model/Session/QuoteTest.php @@ -182,6 +182,13 @@ protected function setUp() '', false ); + $appStateMock = $this->getMock( + 'Magento\Framework\App\State', + [], + [], + '', + false + ); $this->storeManagerMock = $this->getMockForAbstractClass( 'Magento\Store\Model\StoreManagerInterface', [], @@ -201,11 +208,12 @@ protected function setUp() 'storage' => $this->storageMock, 'cookieManager' => $this->cookieManagerMock, 'cookieMetadataFactory' => $this->cookieMetadataFactoryMock, + 'appState' => $appStateMock, 'customerRepository' => $this->customerRepositoryMock, 'quoteRepository' => $this->quoteRepositoryMock, 'orderFactory' => $this->orderFactoryMock, 'storeManager' => $this->storeManagerMock, - 'groupManagement' => $this->groupManagementMock + 'groupManagement' => $this->groupManagementMock, ], '', true diff --git a/app/code/Magento/Catalog/Model/Session.php b/app/code/Magento/Catalog/Model/Session.php index b61175b11e7da..d7a3748c2810b 100644 --- a/app/code/Magento/Catalog/Model/Session.php +++ b/app/code/Magento/Catalog/Model/Session.php @@ -8,6 +8,6 @@ /** * Catalog session model */ -class Session extends \Magento\Framework\Session\Generic +class Session extends \Magento\Framework\Session\SessionManager { } diff --git a/app/code/Magento/Checkout/Model/Session.php b/app/code/Magento/Checkout/Model/Session.php index 0f7d18e41355b..da634e082756d 100644 --- a/app/code/Magento/Checkout/Model/Session.php +++ b/app/code/Magento/Checkout/Model/Session.php @@ -90,6 +90,7 @@ class Session extends \Magento\Framework\Session\SessionManager * @param \Magento\Framework\Session\StorageInterface $storage * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory + * @param \Magento\Framework\App\State $appState * @param \Magento\Sales\Model\OrderFactory $orderFactory * @param \Magento\Customer\Model\Session $customerSession * @param \Magento\Quote\Model\QuoteRepository $quoteRepository @@ -97,6 +98,7 @@ class Session extends \Magento\Framework\Session\SessionManager * @param \Magento\Framework\Event\ManagerInterface $eventManager * @param \Magento\Store\Model\StoreManagerInterface $storeManager * @param \Magento\Customer\Api\CustomerRepositoryInterface $customerRepository + * @throws \Magento\Framework\Exception\SessionException * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( @@ -108,6 +110,7 @@ public function __construct( \Magento\Framework\Session\StorageInterface $storage, \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory, + \Magento\Framework\App\State $appState, \Magento\Sales\Model\OrderFactory $orderFactory, \Magento\Customer\Model\Session $customerSession, \Magento\Quote\Model\QuoteRepository $quoteRepository, @@ -131,9 +134,9 @@ public function __construct( $validator, $storage, $cookieManager, - $cookieMetadataFactory + $cookieMetadataFactory, + $appState ); - $this->start(); } /** diff --git a/app/code/Magento/Customer/Model/Session.php b/app/code/Magento/Customer/Model/Session.php index c01cd99d642cf..4212be78b5911 100644 --- a/app/code/Magento/Customer/Model/Session.php +++ b/app/code/Magento/Customer/Model/Session.php @@ -102,6 +102,7 @@ class Session extends \Magento\Framework\Session\SessionManager * @param \Magento\Framework\Session\StorageInterface $storage * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory + * @param \Magento\Framework\App\State $appState * @param Share $configShare * @param \Magento\Framework\Url\Helper\Data $coreUrl * @param \Magento\Customer\Model\Url $customerUrl @@ -113,6 +114,7 @@ class Session extends \Magento\Framework\Session\SessionManager * @param \Magento\Framework\App\Http\Context $httpContext * @param CustomerRepositoryInterface $customerRepository * @param GroupManagementInterface $groupManagement + * @throws \Magento\Framework\Exception\SessionException * @SuppressWarnings(PHPMD.ExcessiveParameterList) */ public function __construct( @@ -124,6 +126,7 @@ public function __construct( \Magento\Framework\Session\StorageInterface $storage, \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory, + \Magento\Framework\App\State $appState, Config\Share $configShare, \Magento\Framework\Url\Helper\Data $coreUrl, \Magento\Customer\Model\Url $customerUrl, @@ -154,9 +157,9 @@ public function __construct( $validator, $storage, $cookieManager, - $cookieMetadataFactory + $cookieMetadataFactory, + $appState ); - $this->start(); $this->groupManagement = $groupManagement; $this->_eventManager->dispatch('customer_session_init', ['customer_session' => $this]); } diff --git a/app/code/Magento/Newsletter/Model/Session.php b/app/code/Magento/Newsletter/Model/Session.php index 18d680df14260..2ffb0b2f25236 100644 --- a/app/code/Magento/Newsletter/Model/Session.php +++ b/app/code/Magento/Newsletter/Model/Session.php @@ -8,7 +8,7 @@ /** * Newsletter session model */ -class Session extends \Magento\Framework\Session\Generic +class Session extends \Magento\Framework\Session\SessionManager { /** * Set error message diff --git a/dev/tests/integration/testsuite/Magento/Framework/Session/SessionManagerTest.php b/dev/tests/integration/testsuite/Magento/Framework/Session/SessionManagerTest.php index c8379e5e9c39f..18a4314710c3d 100644 --- a/dev/tests/integration/testsuite/Magento/Framework/Session/SessionManagerTest.php +++ b/dev/tests/integration/testsuite/Magento/Framework/Session/SessionManagerTest.php @@ -3,153 +3,214 @@ * Copyright © 2015 Magento. All rights reserved. * See COPYING.txt for license details. */ -namespace Magento\Framework\Session; - -class SessionManagerTest extends \PHPUnit_Framework_TestCase -{ - /** - * @var \Magento\Framework\Session\SessionManagerInterface - */ - protected $_model; - - /** - * @var \Magento\Framework\Session\SidResolverInterface - */ - protected $_sidResolver; - - /** - * @var string - */ - protected $sessionName; - - /** - * @var \Magento\Framework\App\RequestInterface - */ - protected $request; - - protected function setUp() - { - $this->sessionName = 'frontEndSession'; - - ini_set('session.use_only_cookies', '0'); - ini_set('session.name', $this->sessionName); - - $objectManager = \Magento\TestFramework\Helper\Bootstrap::getObjectManager(); - - /** @var \Magento\Framework\Session\SidResolverInterface $sidResolver */ - $this->_sidResolver = $objectManager->get('Magento\Framework\Session\SidResolverInterface'); - - $this->request = $objectManager->get('Magento\Framework\App\RequestInterface'); - - /** @var \Magento\Framework\Session\SessionManager _model */ - $this->_model = $objectManager->create( - 'Magento\Framework\Session\SessionManager', - [ - $this->request, - $this->_sidResolver, - $objectManager->get('Magento\Framework\Session\Config\ConfigInterface'), - $objectManager->get('Magento\Framework\Session\SaveHandlerInterface'), - $objectManager->get('Magento\Framework\Session\ValidatorInterface'), - $objectManager->get('Magento\Framework\Session\StorageInterface') - ] - ); - } - - public function testSessionNameFromIni() - { - $this->_model->start(); - $this->assertSame($this->sessionName, $this->_model->getName()); - $this->_model->destroy(); - } - - public function testSessionUseOnlyCookies() - { - $expectedValue = '1'; - $sessionUseOnlyCookies = ini_get('session.use_only_cookies'); - $this->assertSame($expectedValue, $sessionUseOnlyCookies); - } - - public function testGetData() - { - $this->_model->setData(['test_key' => 'test_value']); - $this->assertEquals('test_value', $this->_model->getData('test_key', true)); - $this->assertNull($this->_model->getData('test_key')); - } - - public function testGetSessionId() - { - $this->assertEquals(session_id(), $this->_model->getSessionId()); - } - - public function testGetName() - { - $this->assertEquals(session_name(), $this->_model->getName()); - } - - public function testSetName() - { - $this->_model->setName('test'); - $this->assertEquals('test', $this->_model->getName()); - } - - public function testDestroy() - { - $data = ['key' => 'value']; - $this->_model->setData($data); - - $this->assertEquals($data, $this->_model->getData()); - $this->_model->destroy(); - - $this->assertEquals([], $this->_model->getData()); - } +// @codingStandardsIgnoreStart +namespace { + $mockPHPFunctions = false; +} - public function testSetSessionId() - { - $sessionId = $this->_model->getSessionId(); - $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); - $this->assertEquals($sessionId, $this->_model->getSessionId()); - - $this->_model->setSessionId('test'); - $this->assertEquals('test', $this->_model->getSessionId()); - } +namespace Magento\Framework\Session { + // @codingStandardsIgnoreEnd /** - * @magentoConfigFixture current_store web/session/use_frontend_sid 1 + * Mock session_status if in test mode, or continue normal execution otherwise + * + * @return int Session status code */ - public function testSetSessionIdFromParam() + function session_status() { - $this->assertNotEquals('test_id', $this->_model->getSessionId()); - $this->request->getQuery()->set($this->_sidResolver->getSessionIdQueryParam($this->_model), 'test-id'); - $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); - - $this->assertEquals('test-id', $this->_model->getSessionId()); - - /* Use not valid identifier */ - $this->request->getQuery()->set($this->_sidResolver->getSessionIdQueryParam($this->_model), 'test_id'); - $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); - $this->assertEquals('test-id', $this->_model->getSessionId()); + global $mockPHPFunctions; + if ($mockPHPFunctions) { + return PHP_SESSION_NONE; + } + return call_user_func_array('\session_status', func_get_args()); } - public function testGetSessionIdForHost() + function headers_sent() { - $this->request->getServer()->set('HTTP_HOST', 'localhost'); - $this->_model->start(); - $this->assertEmpty($this->_model->getSessionIdForHost('localhost')); - $this->assertNotEmpty($this->_model->getSessionIdForHost('test')); - $this->_model->destroy(); + global $mockPHPFunctions; + if ($mockPHPFunctions) { + return false; + } + return call_user_func_array('\headers_sent', func_get_args()); } - public function testIsValidForHost() + class SessionManagerTest extends \PHPUnit_Framework_TestCase { - $this->request->getServer()->set('HTTP_HOST', 'localhost'); - $this->_model->start(); - - $reflection = new \ReflectionMethod($this->_model, '_addHost'); - $reflection->setAccessible(true); - $reflection->invoke($this->_model); - - $this->assertFalse($this->_model->isValidForHost('test.com')); - $this->assertTrue($this->_model->isValidForHost('localhost')); - $this->_model->destroy(); + /** + * @var \Magento\Framework\Session\SessionManagerInterface + */ + protected $_model; + + /** + * @var \Magento\Framework\Session\SidResolverInterface + */ + protected $_sidResolver; + + /** + * @var string + */ + protected $sessionName; + + /** + * @var \Magento\Framework\ObjectManagerInterface + */ + protected $objectManager; + + protected function setUp() + { + $this->sessionName = 'frontEndSession'; + + ini_set('session.use_only_cookies', '0'); + ini_set('session.name', $this->sessionName); + + $this->objectManager = \Magento\TestFramework\Helper\Bootstrap::getObjectManager(); + + /** @var \Magento\Framework\Session\SidResolverInterface $sidResolver */ + $this->_sidResolver = $this->objectManager->get('Magento\Framework\Session\SidResolverInterface'); + + $this->request = $this->objectManager->get('Magento\Framework\App\RequestInterface'); + + /** @var \Magento\Framework\Session\SessionManager _model */ + $this->_model = $this->objectManager->create( + 'Magento\Framework\Session\SessionManager', + [ + $this->objectManager->get('Magento\Framework\App\Request\Http'), + $this->_sidResolver, + $this->objectManager->get('Magento\Framework\Session\Config\ConfigInterface'), + $this->objectManager->get('Magento\Framework\Session\SaveHandlerInterface'), + $this->objectManager->get('Magento\Framework\Session\ValidatorInterface'), + $this->objectManager->get('Magento\Framework\Session\StorageInterface') + ] + ); + } + + public function testSessionNameFromIni() + { + $this->_model->start(); + $this->assertSame($this->sessionName, $this->_model->getName()); + $this->_model->destroy(); + } + + public function testSessionUseOnlyCookies() + { + $expectedValue = '1'; + $sessionUseOnlyCookies = ini_get('session.use_only_cookies'); + $this->assertSame($expectedValue, $sessionUseOnlyCookies); + } + + public function testGetData() + { + $this->_model->setData(['test_key' => 'test_value']); + $this->assertEquals('test_value', $this->_model->getData('test_key', true)); + $this->assertNull($this->_model->getData('test_key')); + } + + public function testGetSessionId() + { + $this->assertEquals(session_id(), $this->_model->getSessionId()); + } + + public function testGetName() + { + $this->assertEquals(session_name(), $this->_model->getName()); + } + + public function testSetName() + { + $this->_model->setName('test'); + $this->assertEquals('test', $this->_model->getName()); + } + + public function testDestroy() + { + $data = ['key' => 'value']; + $this->_model->setData($data); + + $this->assertEquals($data, $this->_model->getData()); + $this->_model->destroy(); + + $this->assertEquals([], $this->_model->getData()); + } + + public function testSetSessionId() + { + $sessionId = $this->_model->getSessionId(); + $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); + $this->assertEquals($sessionId, $this->_model->getSessionId()); + + $this->_model->setSessionId('test'); + $this->assertEquals('test', $this->_model->getSessionId()); + } + + /** + * @magentoConfigFixture current_store web/session/use_frontend_sid 1 + */ + public function testSetSessionIdFromParam() + { + $this->assertNotEquals('test_id', $this->_model->getSessionId()); + $this->request->getQuery()->set($this->_sidResolver->getSessionIdQueryParam($this->_model), 'test-id'); + $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); + $this->assertEquals('test-id', $this->_model->getSessionId()); + /* Use not valid identifier */ + $this->request->getQuery()->set($this->_sidResolver->getSessionIdQueryParam($this->_model), 'test_id'); + $this->_model->setSessionId($this->_sidResolver->getSid($this->_model)); + $this->assertEquals('test-id', $this->_model->getSessionId()); + } + + public function testGetSessionIdForHost() + { + $_SERVER['HTTP_HOST'] = 'localhost'; + $this->_model->start(); + $this->assertEmpty($this->_model->getSessionIdForHost('localhost')); + $this->assertNotEmpty($this->_model->getSessionIdForHost('test')); + $this->_model->destroy(); + } + + public function testIsValidForHost() + { + $_SERVER['HTTP_HOST'] = 'localhost'; + $this->_model->start(); + + $reflection = new \ReflectionMethod($this->_model, '_addHost'); + $reflection->setAccessible(true); + $reflection->invoke($this->_model); + + $this->assertFalse($this->_model->isValidForHost('test.com')); + $this->assertTrue($this->_model->isValidForHost('localhost')); + $this->_model->destroy(); + } + + + /** + * @expectedException \Magento\Framework\Exception\SessionException + * @expectedExceptionMessage Area code not set: Area code must be set before starting a session. + */ + public function testStartAreaNotSet() + { + $scope = $this->objectManager->get('Magento\Framework\Config\ScopeInterface'); + $appState = new \Magento\Framework\App\State($scope); + + /** + * Must be created by "new" in order to get a real Magento\Framework\App\State object that + * is not overridden in the TestFramework + * + * @var \Magento\Framework\Session\SessionManager _model + */ + $this->_model = new \Magento\Framework\Session\SessionManager( + $this->objectManager->get('Magento\Framework\App\Request\Http'), + $this->_sidResolver, + $this->objectManager->get('Magento\Framework\Session\Config\ConfigInterface'), + $this->objectManager->get('Magento\Framework\Session\SaveHandlerInterface'), + $this->objectManager->get('Magento\Framework\Session\ValidatorInterface'), + $this->objectManager->get('Magento\Framework\Session\StorageInterface'), + $this->objectManager->get('Magento\Framework\Stdlib\CookieManagerInterface'), + $this->objectManager->get('Magento\Framework\Stdlib\Cookie\CookieMetadataFactory'), + $appState + ); + + global $mockPHPFunctions; + $mockPHPFunctions = true; + $this->_model->start(); + } } } diff --git a/lib/internal/Magento/Framework/Message/Session.php b/lib/internal/Magento/Framework/Message/Session.php index da86d172577a4..8ceb66543e370 100644 --- a/lib/internal/Magento/Framework/Message/Session.php +++ b/lib/internal/Magento/Framework/Message/Session.php @@ -8,6 +8,6 @@ /** * Message session model */ -class Session extends \Magento\Framework\Session\Generic +class Session extends \Magento\Framework\Session\SessionManager { } diff --git a/lib/internal/Magento/Framework/Session/Generic.php b/lib/internal/Magento/Framework/Session/Generic.php index dd7da87c933a3..bfaf48d74ee9d 100644 --- a/lib/internal/Magento/Framework/Session/Generic.php +++ b/lib/internal/Magento/Framework/Session/Generic.php @@ -7,38 +7,4 @@ class Generic extends SessionManager { - /** - * Constructor - * - * @param \Magento\Framework\App\Request\Http $request - * @param SidResolverInterface $sidResolver - * @param \Magento\Framework\Session\Config\ConfigInterface $sessionConfig - * @param SaveHandlerInterface $saveHandler - * @param ValidatorInterface $validator - * @param StorageInterface $storage - * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager - * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory - */ - public function __construct( - \Magento\Framework\App\Request\Http $request, - SidResolverInterface $sidResolver, - \Magento\Framework\Session\Config\ConfigInterface $sessionConfig, - SaveHandlerInterface $saveHandler, - ValidatorInterface $validator, - StorageInterface $storage, - \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, - \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory - ) { - parent::__construct( - $request, - $sidResolver, - $sessionConfig, - $saveHandler, - $validator, - $storage, - $cookieManager, - $cookieMetadataFactory - ); - $this->start(); - } } diff --git a/lib/internal/Magento/Framework/Session/SessionManager.php b/lib/internal/Magento/Framework/Session/SessionManager.php index 17636fa077680..c66672e87ca8f 100644 --- a/lib/internal/Magento/Framework/Session/SessionManager.php +++ b/lib/internal/Magento/Framework/Session/SessionManager.php @@ -11,6 +11,7 @@ /** * Session Manager + * @SuppressWarnings(PHPMD.CouplingBetweenObjects) */ class SessionManager implements SessionManagerInterface { @@ -87,8 +88,11 @@ class SessionManager implements SessionManagerInterface protected $cookieMetadataFactory; /** - * Constructor - * + * @var \Magento\Framework\App\State + */ + private $appState; + + /** * @param \Magento\Framework\App\Request\Http $request * @param SidResolverInterface $sidResolver * @param ConfigInterface $sessionConfig @@ -97,6 +101,8 @@ class SessionManager implements SessionManagerInterface * @param StorageInterface $storage * @param \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager * @param \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory + * @param \Magento\Framework\App\State $appState + * @throws \Magento\Framework\Exception\SessionException */ public function __construct( \Magento\Framework\App\Request\Http $request, @@ -106,7 +112,8 @@ public function __construct( ValidatorInterface $validator, StorageInterface $storage, \Magento\Framework\Stdlib\CookieManagerInterface $cookieManager, - \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory + \Magento\Framework\Stdlib\Cookie\CookieMetadataFactory $cookieMetadataFactory, + \Magento\Framework\App\State $appState ) { $this->request = $request; $this->sidResolver = $sidResolver; @@ -116,9 +123,11 @@ public function __construct( $this->storage = $storage; $this->cookieManager = $cookieManager; $this->cookieMetadataFactory = $cookieMetadataFactory; + $this->appState = $appState; // Enable session.use_only_cookies ini_set('session.use_only_cookies', '1'); + $this->start(); } /** @@ -152,12 +161,25 @@ public function __call($method, $args) /** * Configure session handler and start session * + * @throws \Magento\Framework\Exception\SessionException * @return $this */ public function start() { if (!$this->isSessionExists()) { \Magento\Framework\Profiler::start('session_start'); + + try { + $this->appState->getAreaCode(); + } catch (\Magento\Framework\Exception\LocalizedException $e) { + throw new \Magento\Framework\Exception\SessionException( + new \Magento\Framework\Phrase( + 'Area code not set: Area code must be set before starting a session.' + ), + $e + ); + } + // Need to apply the config options so they can be ready by session_start $this->initIniOptions(); $this->registerSaveHandler(); diff --git a/setup/src/Magento/Setup/Model/Installer.php b/setup/src/Magento/Setup/Model/Installer.php index 5db3a546a6611..414ef89f37a61 100644 --- a/setup/src/Magento/Setup/Model/Installer.php +++ b/setup/src/Magento/Setup/Model/Installer.php @@ -787,6 +787,9 @@ private function handleDBSchemaData($setup, $type) public function installUserConfig($data) { $userConfig = new StoreConfigurationDataMapper(); + /** @var \Magento\Framework\App\State $appState */ + $appState = $this->objectManagerProvider->get()->get('Magento\Framework\App\State'); + $appState->setAreaCode('setup'); $configData = $userConfig->getConfigData($data); if (count($configData) === 0) { return; diff --git a/setup/src/Magento/Setup/Test/Unit/Model/InstallerTest.php b/setup/src/Magento/Setup/Test/Unit/Model/InstallerTest.php index 553c5c8ed4c1e..e3e44ebd20a3b 100644 --- a/setup/src/Magento/Setup/Test/Unit/Model/InstallerTest.php +++ b/setup/src/Magento/Setup/Test/Unit/Model/InstallerTest.php @@ -234,12 +234,21 @@ public function testInstall() $cacheManager = $this->getMock('Magento\Framework\App\Cache\Manager', [], [], '', false); $cacheManager->expects($this->once())->method('getAvailableTypes')->willReturn(['foo', 'bar']); $cacheManager->expects($this->once())->method('setEnabled')->willReturn(['foo', 'bar']); + $appState = (new \Magento\Framework\TestFramework\Unit\Helper\ObjectManager($this))->getObject( + 'Magento\Framework\App\State' + ); $this->objectManager->expects($this->any()) ->method('create') ->will($this->returnValueMap([ ['Magento\Setup\Module\Setup', ['resource' => $resource], $setup], ['Magento\Setup\Module\DataSetup', [], $dataSetup], ['Magento\Framework\App\Cache\Manager', [], $cacheManager], + ['Magento\Framework\App\State', [], $appState], + ])); + $this->objectManager->expects($this->any()) + ->method('get') + ->will($this->returnValueMap([ + ['Magento\Framework\App\State', $appState], ])); $this->adminFactory->expects($this->once())->method('create')->willReturn( $this->getMock('Magento\Setup\Model\AdminAccount', [], [], '', false)