From 9f331f64dcb3bfdec8ccf7057b4db62d2e79fe14 Mon Sep 17 00:00:00 2001 From: Fabrizio Balliano Date: Tue, 15 Aug 2023 12:36:41 +0300 Subject: [PATCH 1/6] JSON-RPC API support (#2273) Co-authored-by: Ng Kiat Siong --- .../Mage/Api/Model/Server/Adapter/Jsonrpc.php | 103 ++++++++++++++++++ .../Api/controllers/JsonrpcController.php | 29 +++++ app/code/core/Mage/Api/etc/api.xml | 5 + 3 files changed, 137 insertions(+) create mode 100644 app/code/core/Mage/Api/Model/Server/Adapter/Jsonrpc.php create mode 100644 app/code/core/Mage/Api/controllers/JsonrpcController.php diff --git a/app/code/core/Mage/Api/Model/Server/Adapter/Jsonrpc.php b/app/code/core/Mage/Api/Model/Server/Adapter/Jsonrpc.php new file mode 100644 index 00000000000..a3abe189d71 --- /dev/null +++ b/app/code/core/Mage/Api/Model/Server/Adapter/Jsonrpc.php @@ -0,0 +1,103 @@ +setData('handler', $handler); + return $this; + } + + /** + * Retrieve handler class name for webservice + * + * @return string + */ + public function getHandler() + { + return $this->getData('handler'); + } + + /** + * Set webservice api controller + * + * @param Mage_Api_Controller_Action $controller + * @return $this + */ + public function setController(Mage_Api_Controller_Action $controller) + { + $this->setData('controller', $controller); + return $this; + } + + /** + * Retrieve webservice api controller. If no controller have been set - emulate it by the use of Varien_Object + * + * @return Mage_Api_Controller_Action|Varien_Object + */ + public function getController() + { + $controller = $this->getData('controller'); + + if (null === $controller) { + $controller = new Varien_Object( + array('request' => Mage::app()->getRequest(), 'response' => Mage::app()->getResponse()) + ); + + $this->setData('controller', $controller); + } + return $controller; + } + + /** + * Run webservice + * + * @return $this + */ + public function run() + { + $this->_jsonRpc = new Zend_Json_Server(); + $this->_jsonRpc->setClass($this->getHandler()); + $this->getController()->getResponse() + ->clearHeaders() + ->setHeader('Content-Type', 'application/json; charset=utf8') + ->setBody($this->_jsonRpc->handle()); + return $this; + } + + /** + * Dispatch webservice fault + * + * @param int $code + * @param string $message + */ + public function fault($code, $message) + { + throw new Zend_Json_Exception($message, $code); + } +} diff --git a/app/code/core/Mage/Api/controllers/JsonrpcController.php b/app/code/core/Mage/Api/controllers/JsonrpcController.php new file mode 100644 index 00000000000..3b5e154c4e0 --- /dev/null +++ b/app/code/core/Mage/Api/controllers/JsonrpcController.php @@ -0,0 +1,29 @@ +_getServer()->init($this, 'jsonrpc') + ->run(); + } +} diff --git a/app/code/core/Mage/Api/etc/api.xml b/app/code/core/Mage/Api/etc/api.xml index f1d0666a405..db925cba726 100644 --- a/app/code/core/Mage/Api/etc/api.xml +++ b/app/code/core/Mage/Api/etc/api.xml @@ -58,6 +58,11 @@ default 1 + + api/server_adapter_jsonrpc + default + 1 + soap From 8e5cc7fc7b96244d71810e057f071ea09c169de3 Mon Sep 17 00:00:00 2001 From: Colin Mollenhour Date: Thu, 17 Aug 2023 04:44:55 -0400 Subject: [PATCH 2/6] Allowed API insta-login via HTTP Basic Auth (#3443) --- .../Api/Model/Server/Handler/Abstract.php | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php b/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php index 3af3b941860..53c0a3f79b5 100644 --- a/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php +++ b/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php @@ -225,6 +225,10 @@ public function login($username, $apiKey = null) */ public function call($sessionId, $apiPath, $args = []) { + // Allow insta-login via HTTP Basic Auth + if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) { + $sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + } $this->_startSession($sessionId); if (!$this->_getSession()->isLoggedIn($sessionId)) { @@ -309,6 +313,10 @@ public function call($sessionId, $apiPath, $args = []) */ public function multiCall($sessionId, array $calls = [], $options = []) { + // Allow insta-login via HTTP Basic Auth + if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) { + $sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + } $this->_startSession($sessionId); if (!$this->_getSession()->isLoggedIn($sessionId)) { @@ -437,6 +445,10 @@ public function multiCall($sessionId, array $calls = [], $options = []) */ public function resources($sessionId) { + // Allow insta-login via HTTP Basic Auth + if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) { + $sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + } $this->_startSession($sessionId); if (!$this->_getSession()->isLoggedIn($sessionId)) { @@ -501,6 +513,10 @@ public function resources($sessionId) */ public function resourceFaults($sessionId, $resourceName) { + // Allow insta-login via HTTP Basic Auth + if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) { + $sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + } $this->_startSession($sessionId); if (!$this->_getSession()->isLoggedIn($sessionId)) { @@ -537,6 +553,10 @@ public function resourceFaults($sessionId, $resourceName) */ public function globalFaults($sessionId) { + // Allow insta-login via HTTP Basic Auth + if ($sessionId === null && ! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) { + $sessionId = $this->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); + } $this->_startSession($sessionId); return array_values($this->_getConfig()->getFaults()); } From d24b1fca6405981fef466b196c86c3d98fd72366 Mon Sep 17 00:00:00 2001 From: kyrena <78410399+kyrena@users.noreply.github.com> Date: Thu, 17 Aug 2023 16:19:38 +0200 Subject: [PATCH 3/6] More verbose PHP errors logging for API (#3427) Co-authored-by: Fabrizio Balliano Co-authored-by: Mohamed ELIDRISSI <67818913+elidrissidev@users.noreply.github.com> --- app/code/core/Mage/Api/Model/Server/Handler/Abstract.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php b/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php index 53c0a3f79b5..78e3eb1f909 100644 --- a/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php +++ b/app/code/core/Mage/Api/Model/Server/Handler/Abstract.php @@ -35,9 +35,9 @@ public function __construct() * @param string $errorFile * @return bool */ - public function handlePhpError($errorCode, $errorMessage, $errorFile) + public function handlePhpError($errorCode, $errorMessage, $errorFile, $errLine) { - Mage::log($errorMessage . $errorFile); + Mage::log($errorMessage . ' in ' . $errorFile . ' on line ' . $errLine, Zend_Log::ERR); if (in_array($errorCode, [E_ERROR, E_USER_ERROR, E_RECOVERABLE_ERROR])) { $this->_fault('internal'); } From f69f6fc4b3dbf33c26de932d7c8cf0468532d4ed Mon Sep 17 00:00:00 2001 From: Fabrizio Balliano Date: Fri, 18 Aug 2023 17:17:43 +0300 Subject: [PATCH 4/6] Added info about v21 to the README (#3388) --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 362e24a9394..228a61687f4 100644 --- a/README.md +++ b/README.md @@ -267,6 +267,15 @@ If you see SQL errors after upgrading please remember to check for this specific UPS shut down their old CGI APIs so we removed the support for it from the Mage_Usa module. +### Between OpenMage 20.x and 21.x (unreleased, available on branch `next`) + +- PHP 8.1 as minimum required version +- Removed scriptaculous/dragdrop.js (#3215) +- RWD theme: updated jQuery to 3.7.0 (#3204) +- Unified CSRF configuration (#3147) and added form key validation to Contacts form (#3146) +- Removed double span element from HTML buttons (#3123) +- Removed all deprecated Mysql4_ classes (#2730). If there are any old modules/extensions in your installation that use such classes, you must run `shell/rename-mysql4-class-to-resource.php` in the command line in order to convert them. Backup all files before running the script + ### New Config Options - `admin/design/use_legacy_theme` From 5fca686e5902b21a0834d72ca4941671b3af28df Mon Sep 17 00:00:00 2001 From: Fabrizio Balliano Date: Mon, 21 Aug 2023 11:09:11 +0300 Subject: [PATCH 5/6] Updated zf1f 1.23.2, phpstan 1.10.29 etc (#3446) --- composer.lock | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/composer.lock b/composer.lock index a1486bf32b0..3ba9aee5721 100644 --- a/composer.lock +++ b/composer.lock @@ -984,16 +984,16 @@ }, { "name": "shardj/zf1-future", - "version": "1.23.0", + "version": "1.23.2", "source": { "type": "git", "url": "https://github.com/Shardj/zf1-future.git", - "reference": "aa077dde19ee94c308ca6a4f6ee6522029ba5c92" + "reference": "7ae8cb4a15a85dfd77c69661795590f4a9cff335" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Shardj/zf1-future/zipball/aa077dde19ee94c308ca6a4f6ee6522029ba5c92", - "reference": "aa077dde19ee94c308ca6a4f6ee6522029ba5c92", + "url": "https://api.github.com/repos/Shardj/zf1-future/zipball/7ae8cb4a15a85dfd77c69661795590f4a9cff335", + "reference": "7ae8cb4a15a85dfd77c69661795590f4a9cff335", "shasum": "" }, "require": { @@ -1040,9 +1040,9 @@ ], "support": { "issues": "https://github.com/Shardj/zf1-future/issues", - "source": "https://github.com/Shardj/zf1-future/tree/release-1.23.0" + "source": "https://github.com/Shardj/zf1-future/tree/release-1.23.2" }, - "time": "2023-08-10T19:08:01+00:00" + "time": "2023-08-15T13:34:11+00:00" }, { "name": "symfony/console", @@ -2667,16 +2667,16 @@ }, { "name": "friendsofphp/php-cs-fixer", - "version": "v3.22.0", + "version": "v3.23.0", "source": { "type": "git", "url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git", - "reference": "92b019f6c8d79aa26349d0db7671d37440dc0ff3" + "reference": "35af3cbbacfa91e164b252a28ec0b644f1ed4e78" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/92b019f6c8d79aa26349d0db7671d37440dc0ff3", - "reference": "92b019f6c8d79aa26349d0db7671d37440dc0ff3", + "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/35af3cbbacfa91e164b252a28ec0b644f1ed4e78", + "reference": "35af3cbbacfa91e164b252a28ec0b644f1ed4e78", "shasum": "" }, "require": { @@ -2752,7 +2752,7 @@ ], "support": { "issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues", - "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.22.0" + "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.23.0" }, "funding": [ { @@ -2760,7 +2760,7 @@ "type": "github" } ], - "time": "2023-07-16T23:08:06+00:00" + "time": "2023-08-14T12:27:35+00:00" }, { "name": "macopedia/phpstan-magento1", @@ -3382,16 +3382,16 @@ }, { "name": "phpstan/phpstan", - "version": "1.10.28", + "version": "1.10.29", "source": { "type": "git", "url": "https://github.com/phpstan/phpstan.git", - "reference": "e4545b55904ebef470423d3ddddb74fa7325497a" + "reference": "ee5d8f2d3977fb09e55603eee6fb53bdd76ee9c1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpstan/phpstan/zipball/e4545b55904ebef470423d3ddddb74fa7325497a", - "reference": "e4545b55904ebef470423d3ddddb74fa7325497a", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/ee5d8f2d3977fb09e55603eee6fb53bdd76ee9c1", + "reference": "ee5d8f2d3977fb09e55603eee6fb53bdd76ee9c1", "shasum": "" }, "require": { @@ -3440,7 +3440,7 @@ "type": "tidelift" } ], - "time": "2023-08-08T12:33:42+00:00" + "time": "2023-08-14T13:24:11+00:00" }, { "name": "phpunit/php-code-coverage", From e266417e6fcd81a1b4c6631e4985ccffe22bd1d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Aug 2023 09:12:12 +0100 Subject: [PATCH 6/6] Bump phpunit/phpunit from 9.6.10 to 9.6.11 (#3456) --- composer.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/composer.lock b/composer.lock index 3ba9aee5721..2dcc79e6590 100644 --- a/composer.lock +++ b/composer.lock @@ -3763,16 +3763,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.6.10", + "version": "9.6.11", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328" + "reference": "810500e92855eba8a7a5319ae913be2da6f957b0" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/a6d351645c3fe5a30f5e86be6577d946af65a328", - "reference": "a6d351645c3fe5a30f5e86be6577d946af65a328", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/810500e92855eba8a7a5319ae913be2da6f957b0", + "reference": "810500e92855eba8a7a5319ae913be2da6f957b0", "shasum": "" }, "require": { @@ -3846,7 +3846,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.10" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.11" }, "funding": [ { @@ -3862,7 +3862,7 @@ "type": "tidelift" } ], - "time": "2023-07-10T04:04:23+00:00" + "time": "2023-08-19T07:10:56+00:00" }, { "name": "psr/cache",