Merge pull request #8217 from magento-commerce/revert-8139-revert-8122-cia-2.4.7-beta1-bugfixes-02062023

Revert "Revert "Cia 2.4.7 beta1 bugfixes 02062023""

Author: dvoskoboinikov

app/code/Magento/Authorization/Model/IdentityProvider.php

@@ -0,0 +1,87 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Authorization\Model;
+
+use Magento\Framework\App\Backpressure\ContextInterface;
+use Magento\Framework\App\Backpressure\IdentityProviderInterface;
+use Magento\Framework\Exception\RuntimeException;
+use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
+
+/**
+ * Utilizes UserContext for backpressure identity
+ */
+class IdentityProvider implements IdentityProviderInterface
+{
+    /**
+     * User context identity type map
+     */
+    private const USER_CONTEXT_IDENTITY_TYPE_MAP = [
+        UserContextInterface::USER_TYPE_CUSTOMER => ContextInterface::IDENTITY_TYPE_CUSTOMER,
+        UserContextInterface::USER_TYPE_ADMIN => ContextInterface::IDENTITY_TYPE_ADMIN
+    ];
+
+    /**
+     * @var UserContextInterface
+     */
+    private UserContextInterface $userContext;
+
+    /**
+     * @var RemoteAddress
+     */
+    private RemoteAddress $remoteAddress;
+
+    /**
+     * @param UserContextInterface $userContext
+     * @param RemoteAddress $remoteAddress
+     */
+    public function __construct(UserContextInterface $userContext, RemoteAddress $remoteAddress)
+    {
+        $this->userContext = $userContext;
+        $this->remoteAddress = $remoteAddress;
+    }
+
+    /**
+     * @inheritDoc
+     *
+     * @throws RuntimeException
+     */
+    public function fetchIdentityType(): int
+    {
+        if (!$this->userContext->getUserId()) {
+            return ContextInterface::IDENTITY_TYPE_IP;
+        }
+
+        $userType = $this->userContext->getUserType();
+        if (isset(self::USER_CONTEXT_IDENTITY_TYPE_MAP[$userType])) {
+            return self::USER_CONTEXT_IDENTITY_TYPE_MAP[$userType];
+        }
+
+        throw new RuntimeException(__('User type not defined'));
+    }
+
+    /**
+     * @inheritDoc
+     *
+     * @throws RuntimeException
+     */
+    public function fetchIdentity(): string
+    {
+        $userId = $this->userContext->getUserId();
+        if ($userId) {
+            return (string)$userId;
+        }
+
+        $address = $this->remoteAddress->getRemoteAddress();
+        if (!$address) {
+            throw new RuntimeException(__('Failed to extract remote address'));
+        }
+
+        return $address;
+    }
+}

app/code/Magento/Authorization/Test/Unit/Model/IdentityProviderTest.php

@@ -0,0 +1,133 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Authorization\Test\Unit\Model;
+
+use Magento\Authorization\Model\IdentityProvider;
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Framework\App\Backpressure\ContextInterface;
+use Magento\Framework\Exception\RuntimeException;
+use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Tests the IdentityProvider class
+ */
+class IdentityProviderTest extends TestCase
+{
+    /**
+     * @var UserContextInterface|MockObject
+     */
+    private $userContext;
+
+    /**
+     * @var RemoteAddress|MockObject
+     */
+    private $remoteAddress;
+
+    /**
+     * @var IdentityProvider
+     */
+    private $model;
+
+    /**
+     * @inheritDoc
+     */
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->userContext = $this->createMock(UserContextInterface::class);
+        $this->remoteAddress = $this->createMock(RemoteAddress::class);
+        $this->model = new IdentityProvider($this->userContext, $this->remoteAddress);
+    }
+
+    /**
+     * Cases for identity provider.
+     *
+     * @return array
+     */
+    public function getIdentityCases(): array
+    {
+        return [
+            'empty-user-context' => [null, null, '127.0.0.1', ContextInterface::IDENTITY_TYPE_IP, '127.0.0.1'],
+            'guest-user-context' => [
+                UserContextInterface::USER_TYPE_GUEST,
+                null,
+                '127.0.0.1',
+                ContextInterface::IDENTITY_TYPE_IP,
+                '127.0.0.1'
+            ],
+            'admin-user-context' => [
+                UserContextInterface::USER_TYPE_ADMIN,
+                42,
+                '127.0.0.1',
+                ContextInterface::IDENTITY_TYPE_ADMIN,
+                '42'
+            ],
+            'customer-user-context' => [
+                UserContextInterface::USER_TYPE_CUSTOMER,
+                42,
+                '127.0.0.1',
+                ContextInterface::IDENTITY_TYPE_CUSTOMER,
+                '42'
+            ],
+        ];
+    }
+
+    /**
+     * Verify identity provider.
+     *
+     * @param int|null $userType
+     * @param int|null $userId
+     * @param string $remoteAddr
+     * @param int $expectedType
+     * @param string $expectedIdentity
+     * @return void
+     * @dataProvider getIdentityCases
+     */
+    public function testFetchIdentity(
+        ?int $userType,
+        ?int $userId,
+        string $remoteAddr,
+        int $expectedType,
+        string $expectedIdentity
+    ): void {
+        $this->userContext->method('getUserType')->willReturn($userType);
+        $this->userContext->method('getUserId')->willReturn($userId);
+        $this->remoteAddress->method('getRemoteAddress')->willReturn($remoteAddr);
+
+        $this->assertEquals($expectedType, $this->model->fetchIdentityType());
+        $this->assertEquals($expectedIdentity, $this->model->fetchIdentity());
+    }
+
+    /**
+     * Tests fetching an identity type when user type can't be defined
+     */
+    public function testFetchIdentityTypeUserTypeNotDefined()
+    {
+        $this->userContext->method('getUserId')->willReturn(2);
+        $this->userContext->method('getUserType')->willReturn(null);
+        $this->expectException(RuntimeException::class);
+        $this->expectExceptionMessage(__('User type not defined')->getText());
+        $this->model->fetchIdentityType();
+    }
+
+    /**
+     * Tests fetching an identity when user address can't be extracted
+     */
+    public function testFetchIdentityFailedToExtractRemoteAddress()
+    {
+        $this->userContext->method('getUserId')->willReturn(null);
+        $this->remoteAddress->method('getRemoteAddress')->willReturn(false);
+        $this->expectException(RuntimeException::class);
+        $this->expectExceptionMessage(__('Failed to extract remote address')->getText());
+        $this->model->fetchIdentity();
+    }
+}

app/code/Magento/Authorization/etc/di.xml

@@ -24,4 +24,6 @@
         </arguments>
     </type>
     <preference for="Magento\Authorization\Model\UserContextInterface" type="Magento\Authorization\Model\CompositeUserContext"/>
+    <preference for="Magento\Framework\App\Backpressure\IdentityProviderInterface"
+                type="Magento\Authorization\Model\IdentityProvider"/>
 </config>

app/code/Magento/Authorization/i18n/en_US.csv

@@ -1,2 +1,4 @@
 "We can't find the role for the user you wanted.","We can't find the role for the user you wanted."
 "Something went wrong while compiling a list of allowed resources. You can find out more in the exceptions log.","Something went wrong while compiling a list of allowed resources. You can find out more in the exceptions log."
+"User type not defined","User type not defined"
+"Failed to extract remote address","Failed to extract remote address"

app/code/Magento/Checkout/Model/Backpressure/WebapiRequestTypeExtractor.php

@@ -0,0 +1,43 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Checkout\Model\Backpressure;
+
+use Magento\Framework\Webapi\Backpressure\BackpressureRequestTypeExtractorInterface;
+use Magento\Quote\Model\Backpressure\OrderLimitConfigManager;
+
+/**
+ * Identifies which checkout related functionality needs backpressure management
+ */
+class WebapiRequestTypeExtractor implements BackpressureRequestTypeExtractorInterface
+{
+    private const METHOD = 'savePaymentInformationAndPlaceOrder';
+
+    /**
+     * @var OrderLimitConfigManager
+     */
+    private OrderLimitConfigManager $config;
+
+    /**
+     * @param OrderLimitConfigManager $config
+     */
+    public function __construct(OrderLimitConfigManager $config)
+    {
+        $this->config = $config;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function extract(string $service, string $method, string $endpoint): ?string
+    {
+        return self::METHOD === $method && $this->config->isEnforcementEnabled()
+            ? OrderLimitConfigManager::REQUEST_TYPE_ID
+            : null;
+    }
+}

app/code/Magento/Checkout/Test/Unit/Model/Backpressure/WebapiRequestTypeExtractorTest.php

@@ -0,0 +1,67 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Checkout\Test\Unit\Model\Backpressure;
+
+use Magento\Checkout\Model\Backpressure\WebapiRequestTypeExtractor;
+use Magento\Quote\Model\Backpressure\OrderLimitConfigManager;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+/**
+ * Tests the WebapiRequestTypeExtractor class
+ */
+class WebapiRequestTypeExtractorTest extends TestCase
+{
+    /**
+     * @var OrderLimitConfigManager|MockObject
+     */
+    private $orderLimitConfigManagerMock;
+
+    /**
+     * @var WebapiRequestTypeExtractor
+     */
+    private WebapiRequestTypeExtractor $webapiRequestTypeExtractor;
+
+    /**
+     * @inheritDoc
+     */
+    protected function setUp(): void
+    {
+        $this->orderLimitConfigManagerMock = $this->createMock(OrderLimitConfigManager::class);
+
+        $this->webapiRequestTypeExtractor = new WebapiRequestTypeExtractor($this->orderLimitConfigManagerMock);
+    }
+
+    /**
+     * @param bool $isEnforcementEnabled
+     * @param string $method
+     * @param string|null $expected
+     * @dataProvider dataProvider
+     */
+    public function testExtract(bool $isEnforcementEnabled, string $method, $expected)
+    {
+        $this->orderLimitConfigManagerMock->method('isEnforcementEnabled')->willReturn($isEnforcementEnabled);
+
+        $this->assertEquals(
+            $expected,
+            $this->webapiRequestTypeExtractor->extract('someService', $method, 'someEndpoint')
+        );
+    }
+
+    /**
+     * @return array
+     */
+    public function dataProvider(): array
+    {
+        return [
+            [false, 'someMethod', null],
+            [false, 'savePaymentInformationAndPlaceOrder', null],
+            [true, 'savePaymentInformationAndPlaceOrder', 'quote-order'],
+        ];
+    }
+}

app/code/Magento/Checkout/etc/di.xml

@@ -54,6 +54,15 @@
                 type="Magento\Checkout\Model\CaptchaPaymentProcessingRateLimiter" />
     <preference for="Magento\Checkout\Api\PaymentSavingRateLimiterInterface"
                 type="Magento\Checkout\Model\CaptchaPaymentSavingRateLimiter" />
+    <type name="Magento\Framework\Webapi\Backpressure\CompositeRequestTypeExtractor">
+        <arguments>
+            <argument name="extractors" xsi:type="array">
+                <item name="checkout" xsi:type="object">
+                    Magento\Checkout\Model\Backpressure\WebapiRequestTypeExtractor
+                </item>
+            </argument>
+        </arguments>
+    </type>
     <type name="Magento\Customer\Model\ResourceModel\Customer">
         <plugin name="recollect_quote_on_customer_group_change" type="Magento\Checkout\Model\Plugin\RecollectQuoteOnCustomerGroupChange"/>
     </type>