Closed
Description
Preconditions (*)
Case 1:
1 Website, 1 Store, 2 Store Views
Case 2:
2 Websites, 2 Stores (one per website), 2 Store Views (one per store)
I will demonstrate case 2, because I believe it has higher severity.
- Navigate to Stores > Settings > All Stores
- Create Websites
- Name: {English Website, German Website}
- Code: {engsite, germsite}
- Create Stores
- Name: {English Store, German Store}
- Code: {engstore, germstore}
- Create Store Views
- Name: {English Store View, German Store View}
- Code: {engstv, germstv}
- Verify
| Web Site | Store | Store View |
|---|---|---|
| English Website (Code: engsite) |
English Store (Code: engstore) |
English Store View (Code: engstv) |
| German Website (Code: germsite) |
German Store (Code: germstore) |
German Store View (Code: germstv) |
| Main Website (Code: base) |
Main Website Store (Code: main_website_store) |
Default Store View (Code: default) |
- In the General/Store Email Addresses inside of the General Contact section Sender Name for the Default Config is set to
Ownerand "Use Website" is checked - In the General/Store Email Addresses inside of the General Contact section Sender Email for the Default Config is set to
[email protected]and "Use Website" is checked - In the General/General inside of the Store Information section Store Name for the Default Config is empty.
- Navigate to Content > Elements > Blocks and create
- Block Title: Test Block English
- Identifier: test-block
- Store View: English Store View (exclusively)
Content:
<h1>H1 Eng</h1>
<p>{{config path="trans_email/ident_general/name"}}</p>
<p>{{config path="trans_email/ident_general/email"}}</p>
<p>{{config path="general/store_information/name"}}</p>- Click Save and duplicate. Enable the page. and set identifier to "test-block-2". And Save block.
- Navigate to Content > Elements > Blocks and create
- Block Title: Test Block German
- Identifier: test-block
- Store View: German Store View (exclusively)
Content:
<h1>H1 Germ</h1>
<p>{{config path="trans_email/ident_general/name"}}</p>
<p>{{config path="trans_email/ident_general/email"}}</p>
<p>{{config path="general/store_information/name"}}</p>- Navigate to Content > Elements > Pages and edit "no-route"
- Don't change anything, just click "Save and duplicate" button
- Change the information to satisfy next conditions:
- Enable Page - Yes
- Page Title - 404 Not Found Alternative
- URL Key - no-route-alternative
- Page in Websites - German Store View (exclusively)
- Content - leave unchanged for this moment
- Click save:
- Scroll to content and paste in editor mode.
<dd>
<ul class="disc">
<li>If you typed the URL directly, please make sure the spelling is correct.</li>
<li>If you clicked on a link to get here, the link is outdated.</li>
</ul>
</dd>
</dl>
<dl>
<dt>What can you do?</dt>
<dd>Have no fear, help is near! There are many ways you can get back on track with Magento Store.</dd>
</dl>
<p>Store variable:</p>
<p>{{config path="general/store_information/name"}}</p>
<p>Block:</p>
<p>{{widget type="Magento\Cms\Block\Widget\Block" template="widget/static_block/default.phtml" block_id="4"}} </p>
<dl>
<dd>
<ul class="disc">
<li><a href="#">Go back</a> to the previous page.</li>
<li>Use the search bar at the top of the page to search for your products.</li>
<li>Follow these links to get you back on track!<br><a href="{{store url=""}}">Store Home</a> <span class="separator">|</span> <a href="{{store url="customer/account"}}">My Account</a></li>
</ul>
</dd>
</dl>- Switch to WYSIWYG mode and replace the CMS Static Block by selecting it from the grid that appears when you click "Select Block" button in Widget Options section. Chose "Test Block English". It is negative testing. The point here is to select the block that is restricted to the scope that is inappropriate here. Click "Save"
- Navigate to Stores > Settings > Configuration > General > Web > URL Options and set Add Store Code to Urls to Yes globally
- Navigate to Stores > Settings > Configuration > General > Web > Default Pages
- Change scope to "German Store View"
- Change CMS No Route Page to "404 Not Found Alternative"
- Save and Flush Cache
Steps to reproduce (*)
- Navigate to {{base_url}}/germstv/the-page-was-never-found.html
- Verify that page contains "Block:", is displayed correctly but the content of the block element is not displayed.
- Perform 2 assertions and compare actual and expected result after each assertion:
Assertion 1
Query:
query showCmsBlock(
$identifiers: [String]
) {
storeConfig {
code
}
cmsBlocks(
identifiers: $identifiers
) {
items {
content
title
identifier
}
}
}Variables:
{
"identifiers": ["test-block-2"]
}Headers:
{
"Store": "germstv"
}Assertion 2
Query:
query showCmsBlock(
$identifiers: [String]
) {
storeConfig {
code
}
cmsBlocks(
identifiers: $identifiers
) {
items {
content
title
identifier
}
}
}Variables:
{
"identifiers": ["test-block"]
}Headers:
{
"Store": "germstv"
}Expected result (*)
Assertion 1.
The scope is not ignored
- there should be restrictions by store
- unassigned store cannot be viewed in the browser
- disabled store is not reachable in any way at least from external. Only admin token should allow such things.
{
"errors": [
{
"message": "The CMS block with the \"test-block-2\" ID doesn't exist.",
"category": "graphql-no-such-entity",
"locations": [
{
"line": 6,
"column": 5
}
],
"path": [
"cmsBlocks",
"items",
0
]
}
],
"data": {
"storeConfig": {
"code": "germstv"
},
"cmsBlocks": {
"items": [
null
]
}
}
}Assertion 2
{
"data": {
"storeConfig": {
"code": "germstv"
},
"cmsBlocks": {
"items": [
{
"content": "<h1>H1 Germ</h1>\r\n<p>Owner Germ</p>\r\n<p>[email protected]</p>\r\n<p>German Store View</p>",
"title": "Test Block German",
"identifier": "test-block"
}
]
}
}
}Actual result (*)
Assertion 1
The scope was ignored. Sensitive data like email, telephone number, etc. is shown even if:
- everything according to preconditions (test-coverage)
- the store is not the current store (test-coverage)
- the store is disabled (test-coverage)
{
"data": {
"storeConfig": {
"code": "germstv"
},
"cmsBlocks": {
"items": [
{
"content": "<h1>H1 Eng</h1>\r\n<p>Owner Germ</p>\r\n<p>[email protected]</p>\r\n<p>German Store View</p>",
"title": "Test Block English",
"identifier": "test-block-2"
}
]
}
}
}Assertion 2
The title and the content are wrong. Only values of variables are correct, but not the selection of the variables (test-coverage)
{
"data": {
"storeConfig": {
"code": "germstv"
},
"cmsBlocks": {
"items": [
{
"content": "<h1>H1 Eng</h1>\r\n<p>Owner Germ</p>\r\n<p>[email protected]</p>\r\n<p>German Store View</p>",
"title": "Test Block English",
"identifier": "test-block"
}
]
}
}
}Metadata
Metadata
Assignees
Labels
The issue has been fixed in 2.4-develop branchGate 3 Passed. Manual verification of the issue completed. Issue is confirmedGate 1 Passed. Automatic verification of issue format passedGate 4. Acknowledged. Issue is added to backlog and ready for developmentThe issue has been reproduced on latest 2.4-develop branch