From fe54671172dc903547d8775e68e522a9504151a1 Mon Sep 17 00:00:00 2001 From: Vasil Date: Tue, 5 Jan 2021 15:54:37 +0100 Subject: [PATCH] IntegrationInfoController can now be called when all routes are protected. --- .gitignore | 2 + .../Queueit/Knownuser/Helper/Data.php | 13 ++-- .../Queueit/Knownuser/Model/Observer.php | 68 +++++++++++-------- .../controllers/IntegrationinfoController.php | 4 +- .../Queueit/Knownuser/etc/config.xml | 6 +- 5 files changed, 55 insertions(+), 38 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..3155e16 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea +ignored diff --git a/src/app/code/community/Queueit/Knownuser/Helper/Data.php b/src/app/code/community/Queueit/Knownuser/Helper/Data.php index e3686a9..b193f95 100644 --- a/src/app/code/community/Queueit/Knownuser/Helper/Data.php +++ b/src/app/code/community/Queueit/Knownuser/Helper/Data.php @@ -1,4 +1,5 @@ validateHash($integrationInfo, $hash)) { - Mage::getModel('queueit_knownuser/integrationinfo') - ->setInfo($integrationInfo) - ->save(); - $this->cleanQueueitCache(); + $hashIsValid = $integrationInfo && $hash && $this->validateHash($integrationInfo, $hash); + if (!$hashIsValid) { return; } + + Mage::getModel('queueit_knownuser/integrationinfo') + ->setInfo($integrationInfo) + ->save(); + $this->cleanQueueitCache(); } /** diff --git a/src/app/code/community/Queueit/Knownuser/Model/Observer.php b/src/app/code/community/Queueit/Knownuser/Model/Observer.php index 08f6243..6cd451c 100644 --- a/src/app/code/community/Queueit/Knownuser/Model/Observer.php +++ b/src/app/code/community/Queueit/Knownuser/Model/Observer.php @@ -3,7 +3,7 @@ class Queueit_Knownuser_Model_Observer { - const MAGENTO_SDK_VERSION = "1.3.2"; + const MAGENTO_SDK_VERSION = "1.3.3"; /** * Temporary storage of the cookie value, easier for validation. * 
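Review bot: In Helper/Data.php, `updateIntegrationInfo` now returns silently when `$hashIsValid` is false, so a rejected push leaves no trace and the caller cannot tell whether anything was saved. Because this commit also exempts the integration-info controller from queue validation, a failed hash check is a signal worth recording; I would add `Mage::log('Queue-it integration info rejected: hash validation failed', Zend_Log::WARN);` before the `return;`. The method signature and the body of `validateHash` are outside the hunk, so I cannot see how the hash is compared; if it is a plain `==`/`===` on the digest, `hash_equals()` would be the safer comparison where the PHP version provides it.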
@@ -21,17 +21,38 @@ public function controllerActionPredispatch($observer) if (!$helper->getIsEnabled() || !$helper->getCustomerId() || !$helper->getSecretKey()) { return; } + if ($this->isActionFromIntegrationInfoController($observer)) { + return; + } $action = $observer->getEvent()->getControllerAction(); /** @var Mage_Core_Controller_Request_Http $request */ $request = $action->getRequest(); $this->handleRequest($request, $action); - } - private function getPluginVersion() + /** + * @param Varien_Event_Observer $observer + * @return bool + */ + private function isActionFromIntegrationInfoController($observer) + { + /** @var Varien_Event $event */ + $event = $observer->getEvent(); + if ($event == null) { + return false; + } + $action = $event->getControllerAction(); + if ($action == null) { + return false; + } + + return $action instanceof Queueit_Knownuser_IntegrationinfoController; + } + + private function getPluginVersion() { - return '&kupver=magento1_'.Queueit_Knownuser_Model_Observer::MAGENTO_SDK_VERSION; + return '&kupver=magento1_' . Queueit_Knownuser_Model_Observer::MAGENTO_SDK_VERSION; } /** @@ -46,7 +67,7 @@ public function handleRequest(Mage_Core_Controller_Request_Http $request, Mage_C try { $fullUrl = $this->getCurrentUrl(); - $currentUrlWithoutQueueitToken = preg_replace ( "/([\\?&])(" ."queueittoken". "=[^&]*)/i" , "" , $fullUrl); + $currentUrlWithoutQueueitToken = preg_replace("/([\\?&])(" . "queueittoken" . "=[^&]*)/i", "", $fullUrl); $result = \QueueIT\KnownUserV3\SDK\KnownUser::validateRequestByIntegrationConfig( $currentUrlWithoutQueueitToken, 
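Review bot: `isActionFromIntegrationInfoController` exempts the whole controller class from Queue-it validation, so any action later added to `Queueit_Knownuser_IntegrationinfoController` (or to a subclass of it) would skip the queue as well, and the hash check in `updateAction` becomes the only gate on those requests. I would narrow the final line to `return $action instanceof Queueit_Knownuser_IntegrationinfoController && $action->getRequest()->getActionName() === 'update';` (assuming the push always targets the `update` action in lower case; a mismatch fails closed into normal queue handling). The docblock should also say why the bypass exists, for example `Skips queue validation only for the hash-authenticated integration info push.` The two `== null` checks would read better as `=== null`.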
@@ -57,23 +78,20 @@ public function handleRequest(Mage_Core_Controller_Request_Http $request, Mage_C ); if ($result->doRedirect()) { - $response = $action->getResponse(); - if(!$result->isAjaxResult) - { - $response->setRedirect($result->redirectUrl. $this->getPluginVersion()); - } - else - { - $response->setHeader('HTTP/1.0', 200, true); - $response->setHeader($result->getAjaxQueueRedirectHeaderKey() , $result->getAjaxRedirectUrl(). urlencode($this->getPluginVersion())); - } - - $response->setHeader('Expires', 'Fri, 01 Jan 1990 00:00:00 GMT'); - $response->setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0'); - $response->setHeader('Pragma', 'no-cache'); - $action->setFlag('', $action::FLAG_NO_DISPATCH, true); - $request->setDispatched(true); - return; + $response = $action->getResponse(); + if (!$result->isAjaxResult) { + $response->setRedirect($result->redirectUrl . $this->getPluginVersion()); + } else { + $response->setHeader('HTTP/1.0', 200, true); + $response->setHeader($result->getAjaxQueueRedirectHeaderKey(), $result->getAjaxRedirectUrl() . urlencode($this->getPluginVersion())); + } + + $response->setHeader('Expires', 'Fri, 01 Jan 1990 00:00:00 GMT'); + $response->setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0'); + $response->setHeader('Pragma', 'no-cache'); + $action->setFlag('', $action::FLAG_NO_DISPATCH, true); + $request->setDispatched(true); + return; } @@ -88,15 +106,12 @@ public function handleRequest(Mage_Core_Controller_Request_Http $request, Mage_C } - } catch (Exception $e) { Mage::logException($e); } } - - /** * Pull mechanism until backend for push mechanism is finished * @@ -128,7 +143,6 @@ public function updateConfig($observer) } - /** * @return Queueit_Knownuser_Helper_Data */ @@ -138,8 +152,6 @@ protected function getHelper() } - - /** * Strange method for getting the url, but makes sure it doesn't conflict with the other checks * 
diff --git a/src/app/code/community/Queueit/Knownuser/controllers/IntegrationinfoController.php b/src/app/code/community/Queueit/Knownuser/controllers/IntegrationinfoController.php index 441bf31..afecbbe 100644 --- a/src/app/code/community/Queueit/Knownuser/controllers/IntegrationinfoController.php +++ b/src/app/code/community/Queueit/Knownuser/controllers/IntegrationinfoController.php @@ -14,7 +14,7 @@ public function updateAction() if ($integrationInfo && $hash && $this->getHelper()->validateHash($integrationInfo, $hash)) { $helper = Mage::helper('queueit_knownuser'); - $configText = $helper->updateIntegrationInfo($integrationInfo, $hash); + $helper->updateIntegrationInfo($integrationInfo, $hash); $this->getResponse()->setHeader('HTTP/1.0', 200, true); return; @@ -30,4 +30,4 @@ protected function getHelper() { return Mage::helper('queueit_knownuser'); } -} \ No newline at end of file +} diff --git a/src/app/code/community/Queueit/Knownuser/etc/config.xml b/src/app/code/community/Queueit/Knownuser/etc/config.xml index c9a8785..55dd618 100644 --- a/src/app/code/community/Queueit/Knownuser/etc/config.xml +++ b/src/app/code/community/Queueit/Knownuser/etc/config.xml @@ -2,7 +2,7 @@ - 1.3.1 + 1.3.3 @@ -119,7 +119,7 @@ - - \ No newline at end of file + +
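Review bot: `updateAction` in IntegrationinfoController.php still calls `validateHash` itself and then `updateIntegrationInfo`, which per the Data.php hunk of this commit validates the same hash a second time, and it sends 200 without knowing whether the helper saved anything. Keeping a single check makes the trust decision on this now queue-exempt endpoint easier to audit: either let the helper return a bool and have the controller branch on it, or state in a comment which of the two checks is the authoritative one. As a smaller style point, the local `$helper = Mage::helper('queueit_knownuser');` duplicates `$this->getHelper()`, so the call can be `$this->getHelper()->updateIntegrationInfo($integrationInfo, $hash);`. The start of `updateAction` and its failure branch are outside the hunk.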