Merge remote-tracking branch 'origin/2.4.3-develop' into MC-41356

Author: SeruyV

app/code/Magento/ConfigurableProduct/Plugin/Model/Attribute/Backend/AttributeValidation.php

@@ -3,13 +3,17 @@
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
  */
+
 namespace Magento\ConfigurableProduct\Plugin\Model\Attribute\Backend;
 
+use Closure;
 use Magento\Catalog\Api\Data\ProductInterface;
 use Magento\ConfigurableProduct\Model\Product\Type\Configurable;
+use Magento\Eav\Model\Entity\Attribute\Backend\AbstractBackend;
+use Magento\Framework\DataObject;
 
 /**
- * Skip validate attributes used for create configurable product
+ * Skip validate attributes used for create configurable product.
  */
 class AttributeValidation
 {
@@ -19,29 +23,36 @@ class AttributeValidation
     private $configurableProductType;
 
     /**
-     * AttributeValidation constructor.
+     * @var array
+     */
+    private $unskippableAttributes;
+
+    /**
      * @param Configurable $configurableProductType
+     * @param array|null $unskippableAttributes
      */
     public function __construct(
-        Configurable $configurableProductType
+        Configurable $configurableProductType,
+        array $unskippableAttributes = []
     ) {
         $this->configurableProductType = $configurableProductType;
+        $this->unskippableAttributes = $unskippableAttributes;
     }
 
     /**
-     * @param \Magento\Eav\Model\Entity\Attribute\Backend\AbstractBackend $subject
+     * Around plugin to skip attribute validation used for create configurable product.
+     *
+     * @param AbstractBackend $subject
      * @param \Closure $proceed
-     * @param \Magento\Framework\DataObject $entity
+     * @param DataObject $entity
      * @return bool
      */
-    public function aroundValidate(
-        \Magento\Eav\Model\Entity\Attribute\Backend\AbstractBackend $subject,
-        \Closure $proceed,
-        \Magento\Framework\DataObject $entity
-    ) {
+    public function aroundValidate(AbstractBackend $subject, Closure $proceed, DataObject $entity)
+    {
         $attribute = $subject->getAttribute();
         if ($entity instanceof ProductInterface
             && $entity->getTypeId() == Configurable::TYPE_CODE
+            && !in_array($attribute->getAttributeCode(), $this->unskippableAttributes)
             && in_array(
                 $attribute->getAttributeId(),
                 $this->configurableProductType->getUsedProductAttributeIds($entity),
@@ -50,6 +61,7 @@ public function aroundValidate(
         ) {
             return true;
         }
+
         return $proceed($entity);
     }
 }

app/code/Magento/ConfigurableProduct/etc/di.xml

@@ -33,6 +33,13 @@
     <type name="Magento\Eav\Model\Entity\Attribute\Backend\AbstractBackend">
         <plugin name="ConfigurableProduct::skipValidation" type="Magento\ConfigurableProduct\Plugin\Model\Attribute\Backend\AttributeValidation"/>
     </type>
+    <type name="Magento\ConfigurableProduct\Plugin\Model\Attribute\Backend\AttributeValidation">
+        <arguments>
+            <argument name="unskippableAttributes" xsi:type="array">
+                <item name="custom_layout_update" xsi:type="string">custom_layout_update</item>
+            </argument>
+        </arguments>
+    </type>
     <type name="Magento\Catalog\Model\Entity\Product\Attribute\Group\AttributeMapperInterface">
         <plugin name="configurable_product" type="Magento\ConfigurableProduct\Model\Entity\Product\Attribute\Group\AttributeMapper\Plugin" sortOrder="50" />
     </type>

app/code/Magento/Customer/Model/AccountManagement.php

@@ -55,6 +55,7 @@
 use Magento\Store\Model\ScopeInterface;
 use Magento\Store\Model\StoreManagerInterface;
 use Psr\Log\LoggerInterface as PsrLogger;
+use Magento\Framework\AuthorizationInterface;
 
 /**
  * Handle various customer account actions
@@ -69,104 +70,104 @@ class AccountManagement implements AccountManagementInterface
     /**
      * Configuration paths for create account email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_REGISTER_EMAIL_TEMPLATE = 'customer/create_account/email_template';
 
     /**
      * Configuration paths for register no password email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_REGISTER_NO_PASSWORD_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_REGISTER_NO_PASSWORD_EMAIL_TEMPLATE = 'customer/create_account/email_no_password_template';
 
     /**
      * Configuration paths for remind email identity
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_REGISTER_EMAIL_IDENTITY
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_REGISTER_EMAIL_IDENTITY = 'customer/create_account/email_identity';
 
     /**
      * Configuration paths for remind email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_REMIND_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_REMIND_EMAIL_TEMPLATE = 'customer/password/remind_email_template';
 
     /**
      * Configuration paths for forgot email email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_FORGOT_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_FORGOT_EMAIL_TEMPLATE = 'customer/password/forgot_email_template';
 
     /**
      * Configuration paths for forgot email identity
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_FORGOT_EMAIL_IDENTITY
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_FORGOT_EMAIL_IDENTITY = 'customer/password/forgot_email_identity';
 
     /**
      * Configuration paths for account confirmation required
      *
-     * @deprecated get rid of Helpers in Password Security Management.
+     * @deprecated Get rid of Helpers in Password Security Management
      * @see AccountConfirmation::XML_PATH_IS_CONFIRM
      */
     const XML_PATH_IS_CONFIRM = 'customer/create_account/confirm';
 
     /**
      * Configuration paths for account confirmation email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_CONFIRM_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_CONFIRM_EMAIL_TEMPLATE = 'customer/create_account/email_confirmation_template';
 
     /**
      * Configuration paths for confirmation confirmed email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_CONFIRMED_EMAIL_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_CONFIRMED_EMAIL_TEMPLATE = 'customer/create_account/email_confirmed_template';
 
     /**
      * Constants for the type of new account email to be sent
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED
      */
     const NEW_ACCOUNT_EMAIL_REGISTERED = 'registered';
 
     /**
      * Welcome email, when password setting is required
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED_NO_PASSWORD
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED
      */
     const NEW_ACCOUNT_EMAIL_REGISTERED_NO_PASSWORD = 'registered_no_password';
 
     /**
      * Welcome email, when confirmation is enabled
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotificationInterface::NEW_ACCOUNT_EMAIL_CONFIRMATION
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED
      */
     const NEW_ACCOUNT_EMAIL_CONFIRMATION = 'confirmation';
 
     /**
      * Confirmation email, when account is confirmed
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotificationInterface::NEW_ACCOUNT_EMAIL_CONFIRMED
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see EmailNotificationInterface::NEW_ACCOUNT_EMAIL_REGISTERED
      */
     const NEW_ACCOUNT_EMAIL_CONFIRMED = 'confirmed';
 
@@ -192,19 +193,26 @@ class AccountManagement implements AccountManagementInterface
     /**
      * Configuration path to customer reset password email template
      *
-     * @deprecated get rid of Helpers in Password Security Management.
-     * @see \Magento\Customer\Model\EmailNotification::XML_PATH_RESET_PASSWORD_TEMPLATE
+     * @deprecated Get rid of Helpers in Password Security Management
+     * @see Magento/Customer/Model/EmailNotification::XML_PATH_REGISTER_EMAIL_TEMPLATE
      */
     const XML_PATH_RESET_PASSWORD_TEMPLATE = 'customer/password/reset_password_template';
 
     /**
      * Minimum password length
      *
-     * @deprecated get rid of Helpers in Password Security Management.
+     * @deprecated Get rid of Helpers in Password Security Management
      * @see \Magento\Customer\Model\AccountManagement::XML_PATH_MINIMUM_PASSWORD_LENGTH
      */
     const MIN_PASSWORD_LENGTH = 6;
 
+    /**
+     * Authorization level of a basic admin session
+     *
+     * @see _isAllowed()
+     */
+    const ADMIN_RESOURCE = 'Magento_Customer::manage';
+
     /**
      * @var CustomerFactory
      */
@@ -375,6 +383,11 @@ class AccountManagement implements AccountManagementInterface
      */
     private $sessionCleaner;
 
+    /**
+     * @var AuthorizationInterface
+     */
+    private $authorization;
+
     /**
      * @param CustomerFactory $customerFactory
      * @param ManagerInterface $eventManager
@@ -410,6 +423,7 @@ class AccountManagement implements AccountManagementInterface
      * @param GetCustomerByToken|null $getByToken
      * @param AllowedCountries|null $allowedCountriesReader
      * @param SessionCleanerInterface|null $sessionCleaner
+     * @param AuthorizationInterface|null $authorization
      * @SuppressWarnings(PHPMD.CyclomaticComplexity)
      * @SuppressWarnings(PHPMD.ExcessiveParameterList)
      * @SuppressWarnings(PHPMD.NPathComplexity)
@@ -450,7 +464,8 @@ public function __construct(
         AddressRegistry $addressRegistry = null,
         GetCustomerByToken $getByToken = null,
         AllowedCountries $allowedCountriesReader = null,
-        SessionCleanerInterface $sessionCleaner = null
+        SessionCleanerInterface $sessionCleaner = null,
+        AuthorizationInterface $authorization = null
     ) {
         $this->customerFactory = $customerFactory;
         $this->eventManager = $eventManager;
@@ -490,6 +505,7 @@ public function __construct(
         $this->allowedCountriesReader = $allowedCountriesReader
             ?: $objectManager->get(AllowedCountries::class);
         $this->sessionCleaner = $sessionCleaner ?? $objectManager->get(SessionCleanerInterface::class);
+        $this->authorization = $authorization ?? $objectManager->get(AuthorizationInterface::class);
     }
 
     /**
@@ -836,6 +852,11 @@ public function getConfirmationStatus($customerId)
      */
     public function createAccount(CustomerInterface $customer, $password = null, $redirectUrl = '')
     {
+        $groupId = $customer->getGroupId();
+        if (isset($groupId) && !$this->authorization->isAllowed(self::ADMIN_RESOURCE)) {
+            $customer->setGroupId(null);
+        }
+
         if ($password !== null) {
             $this->checkPasswordStrength($password);
             $customerEmail = $customer->getEmail();