Merge branch '2.2-develop' of github.com:magento-troll/magento2ce into MAGETWO-70790

Author: pandanotbreathing

app/code/Magento/Integration/Model/AdminTokenService.php

@@ -95,7 +95,13 @@ public function createAdminAccessToken($username, $password)
     }
 
     /**
-     * {@inheritdoc}
+     * Revoke token by admin id.
+     *
+     * The function will delete the token from the oauth_token table.
+     *
+     * @param int $adminId
+     * @return bool
+     * @throws \Magento\Framework\Exception\LocalizedException
      */
     public function revokeAdminAccessToken($adminId)
     {
@@ -105,7 +111,7 @@ public function revokeAdminAccessToken($adminId)
         }
         try {
             foreach ($tokenCollection as $token) {
-                $token->setRevoked(1)->save();
+                $token->delete();
             }
         } catch (\Exception $e) {
             throw new LocalizedException(__('The tokens could not be revoked.'));

app/code/Magento/Integration/Model/CustomerTokenService.php

@@ -88,7 +88,13 @@ public function createCustomerAccessToken($username, $password)
     }
 
     /**
-     * {@inheritdoc}
+     * Revoke token by customer id.
+     *
+     * The function will delete the token from the oauth_token table.
+     *
+     * @param int $customerId
+     * @return bool
+     * @throws \Magento\Framework\Exception\LocalizedException
      */
     public function revokeCustomerAccessToken($customerId)
     {
@@ -98,7 +104,7 @@ public function revokeCustomerAccessToken($customerId)
         }
         try {
             foreach ($tokenCollection as $token) {
-                $token->setRevoked(1)->save();
+                $token->delete();
             }
         } catch (\Exception $e) {
             throw new LocalizedException(__('The tokens could not be revoked.'));

app/code/Magento/Integration/Plugin/Model/AdminUser.php

@@ -0,0 +1,46 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Integration\Plugin\Model;
+
+use Magento\Integration\Model\AdminTokenService;
+
+/**
+ * Plugin to delete admin tokens when admin becomes inactive
+ */
+class AdminUser
+{
+    /**
+     * @var AdminTokenService
+     */
+    private $adminTokenService;
+
+    /**
+     * @param AdminTokenService $adminTokenService
+     */
+    public function __construct(
+        AdminTokenService $adminTokenService
+    ) {
+        $this->adminTokenService = $adminTokenService;
+    }
+
+    /**
+     * Check if admin is inactive - if so, invalidate their tokens
+     *
+     * @param \Magento\User\Model\User $subject
+     * @param \Magento\Framework\DataObject $object
+     * @return $this
+     */
+    public function afterSave(
+        \Magento\User\Model\User $subject,
+        \Magento\Framework\DataObject $object
+    ) {
+        $isActive = $object->getIsActive();
+        if (isset($isActive) && $isActive == 0) {
+            $this->adminTokenService->revokeAdminAccessToken($object->getId());
+        }
+        return $subject;
+    }
+}

app/code/Magento/Integration/Plugin/Model/CustomerUser.php

@@ -0,0 +1,46 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Integration\Plugin\Model;
+
+use Magento\Integration\Model\CustomerTokenService;
+
+/**
+ * Plugin to delete customer tokens when customer becomes inactive
+ */
+class CustomerUser
+{
+    /**
+     * @var CustomerTokenService
+     */
+    private $customerTokenService;
+
+    /**
+     * @param CustomerTokenService $customerTokenService
+     */
+    public function __construct(
+        CustomerTokenService $customerTokenService
+    ) {
+        $this->customerTokenService = $customerTokenService;
+    }
+
+    /**
+     * Check if customer is inactive - if so, invalidate their tokens
+     *
+     * @param \Magento\Customer\Model\Customer $subject
+     * @param \Magento\Framework\DataObject $object
+     * @return $this
+     */
+    public function afterSave(
+        \Magento\Customer\Model\Customer $subject,
+        \Magento\Framework\DataObject $object
+    ) {
+        $isActive = $object->getIsActive();
+        if (isset($isActive) && $isActive == 0) {
+            $this->customerTokenService->revokeCustomerAccessToken($object->getId());
+        }
+        return $subject;
+    }
+}

app/code/Magento/Integration/Setup/UpgradeData.php

@@ -0,0 +1,96 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Integration\Setup;
+
+use Magento\Framework\Setup\UpgradeDataInterface;
+use Magento\Framework\Setup\ModuleContextInterface;
+use Magento\Framework\Setup\ModuleDataSetupInterface;
+
+/**
+ * Upgrade data script for Integration module
+ */
+class UpgradeData implements UpgradeDataInterface
+{
+    /**
+     * @inheritdoc
+     */
+    public function upgrade(ModuleDataSetupInterface $setup, ModuleContextInterface $context)
+    {
+        $setup->startSetup();
+
+        if (version_compare($context->getVersion(), '2.2.0', '<')) {
+            $this->removeRevokedTokens($setup);
+            $this->removeTokensFromInactiveAdmins($setup);
+            $this->removeTokensFromInactiveCustomers($setup);
+        }
+
+        $setup->endSetup();
+    }
+
+    /**
+     * Remove any revoked tokens from oauth_token table
+     *
+     * @param ModuleDataSetupInterface $setup
+     * @return void
+     */
+    private function removeRevokedTokens($setup)
+    {
+        $oauthTokenTable = $setup->getTable('oauth_token');
+
+        $where = ['revoked = ?' => 1];
+        $setup->getConnection()->delete($oauthTokenTable, $where);
+    }
+
+    /**
+     * Remove any tokens from oauth_token table where admin is inactive
+     *
+     * @param ModuleDataSetupInterface $setup
+     * @return void
+     */
+    private function removeTokensFromInactiveAdmins($setup)
+    {
+        $oauthTokenTable = $setup->getTable('oauth_token');
+        $adminUserTable = $setup->getTable('admin_user');
+
+        $select = $setup->getConnection()->select()->from(
+            $adminUserTable,
+            ['user_id', 'is_active']
+        );
+
+        $admins = $setup->getConnection()->fetchAll($select);
+        foreach ($admins as $admin) {
+            if ($admin['is_active'] == 0) {
+                $where = ['admin_id = ?' => (int)$admin['user_id']];
+                $setup->getConnection()->delete($oauthTokenTable, $where);
+            }
+        }
+    }
+
+    /**
+     * Remove any tokens from oauth_token table where customer is inactive
+     *
+     * @param ModuleDataSetupInterface $setup
+     * @return void
+     */
+    private function removeTokensFromInactiveCustomers($setup)
+    {
+        $oauthTokenTable = $setup->getTable('oauth_token');
+        $adminUserTable = $setup->getTable('customer_entity');
+
+        $select = $setup->getConnection()->select()->from(
+            $adminUserTable,
+            ['entity_id', 'is_active']
+        );
+
+        $admins = $setup->getConnection()->fetchAll($select);
+        foreach ($admins as $admin) {
+            if ($admin['is_active'] == 0) {
+                $where = ['customer_id = ?' => (int)$admin['entity_id']];
+                $setup->getConnection()->delete($oauthTokenTable, $where);
+            }
+        }
+    }
+}

app/code/Magento/Integration/Test/Unit/Model/AdminTokenServiceTest.php

@@ -13,6 +13,9 @@
 use Magento\Integration\Model\Integration;
 use Magento\Integration\Model\Oauth\Token;
 
+/**
+ * Test for \Magento\Integration\Model\AdminTokenService
+ */
 class AdminTokenServiceTest extends \PHPUnit_Framework_TestCase
 {
     /** \Magento\Integration\Model\AdminTokenService */
@@ -50,7 +53,7 @@ protected function setUp()
 
         $this->_tokenMock = $this->getMockBuilder(\Magento\Integration\Model\Oauth\Token::class)
             ->disableOriginalConstructor()
-            ->setMethods(['getToken', 'loadByAdminId', 'setRevoked', 'save', '__wakeup'])->getMock();
+            ->setMethods(['getToken', 'loadByAdminId', 'delete', '__wakeup'])->getMock();
 
         $this->_tokenModelCollectionMock = $this->getMockBuilder(
             \Magento\Integration\Model\ResourceModel\Oauth\Token\Collection::class
@@ -97,10 +100,8 @@ public function testRevokeAdminAccessToken()
             ->with(null)
             ->will($this->returnValue(1));
         $this->_tokenMock->expects($this->once())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->returnValue($this->_tokenMock));
-        $this->_tokenMock->expects($this->once())
-            ->method('save');
 
         $this->assertTrue($this->_tokenService->revokeAdminAccessToken($adminId));
     }
@@ -116,9 +117,7 @@ public function testRevokeAdminAccessTokenWithoutAdminId()
             ->with(null)
             ->will($this->returnValue($this->_tokenModelCollectionMock));
         $this->_tokenMock->expects($this->never())
-            ->method('save');
-        $this->_tokenMock->expects($this->never())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->returnValue($this->_tokenMock));
         $this->_tokenService->revokeAdminAccessToken(null);
     }
@@ -142,10 +141,8 @@ public function testRevokeAdminAccessTokenCannotRevoked()
             ->method('getIterator')
             ->will($this->returnValue(new \ArrayIterator([$this->_tokenMock])));
 
-        $this->_tokenMock->expects($this->never())
-            ->method('save');
         $this->_tokenMock->expects($this->once())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->throwException($exception));
         $this->_tokenService->revokeAdminAccessToken($adminId);
     }

app/code/Magento/Integration/Test/Unit/Model/CustomerTokenServiceTest.php

@@ -11,6 +11,9 @@
 use Magento\Integration\Model\Integration;
 use Magento\Integration\Model\Oauth\Token;
 
+/**
+ * Test for \Magento\Integration\Model\CustomerTokenService
+ */
 class CustomerTokenServiceTest extends \PHPUnit_Framework_TestCase
 {
     /** \Magento\Integration\Model\CustomerTokenService */
@@ -49,7 +52,7 @@ protected function setUp()
 
         $this->_tokenMock = $this->getMockBuilder(\Magento\Integration\Model\Oauth\Token::class)
             ->disableOriginalConstructor()
-            ->setMethods(['getToken', 'loadByCustomerId', 'setRevoked', 'save', '__wakeup'])->getMock();
+            ->setMethods(['getToken', 'loadByCustomerId', 'delete', '__wakeup'])->getMock();
 
         $this->_tokenModelCollectionMock = $this->getMockBuilder(
             \Magento\Integration\Model\ResourceModel\Oauth\Token\Collection::class
@@ -95,10 +98,8 @@ public function testRevokeCustomerAccessToken()
             ->method('_fetchAll')
             ->will($this->returnValue(1));
         $this->_tokenMock->expects($this->once())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->returnValue($this->_tokenMock));
-        $this->_tokenMock->expects($this->once())
-            ->method('save');
 
         $this->assertTrue($this->_tokenService->revokeCustomerAccessToken($customerId));
     }
@@ -114,9 +115,7 @@ public function testRevokeCustomerAccessTokenWithoutCustomerId()
             ->with(null)
             ->will($this->returnValue($this->_tokenModelCollectionMock));
         $this->_tokenMock->expects($this->never())
-            ->method('save');
-        $this->_tokenMock->expects($this->never())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->returnValue($this->_tokenMock));
         $this->_tokenService->revokeCustomerAccessToken(null);
     }
@@ -140,10 +139,8 @@ public function testRevokeCustomerAccessTokenCannotRevoked()
             ->method('getIterator')
             ->will($this->returnValue(new \ArrayIterator([$this->_tokenMock])));
 
-        $this->_tokenMock->expects($this->never())
-            ->method('save');
         $this->_tokenMock->expects($this->once())
-            ->method('setRevoked')
+            ->method('delete')
             ->will($this->throwException($exception));
         $this->_tokenService->revokeCustomerAccessToken($customerId);
     }

app/code/Magento/Integration/etc/di.xml

@@ -29,4 +29,10 @@
     <type name="Magento\Integration\Api\IntegrationServiceInterface">
         <plugin name="webapiIntegrationService" type="Magento\Integration\Model\Plugin\Integration"/>
     </type>
+    <type name="Magento\User\Model\User">
+        <plugin name="revokeTokensFromInactiveAdmins" type="Magento\Integration\Plugin\Model\AdminUser" />
+    </type>
+    <type name="Magento\Customer\Model\Customer">
+        <plugin name="revokeTokensFromInactiveCustomers" type="Magento\Integration\Plugin\Model\CustomerUser" />
+    </type>
 </config>

app/code/Magento/Integration/etc/module.xml

@@ -6,7 +6,7 @@
  */
 -->
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Module/etc/module.xsd">
-    <module name="Magento_Integration" setup_version="2.0.1">
+    <module name="Magento_Integration" setup_version="2.2.0">
         <sequence>
             <module name="Magento_Store"/>
             <module name="Magento_User"/>