Skip to content

magento/magento2#26089: Customer Sharing Options not respected in REST API. #28213

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 24, 2020
Merged

magento/magento2#26089: Customer Sharing Options not respected in REST API. #28213

merged 5 commits into from
Jun 24, 2020

Conversation

p-bystritsky
Copy link
Contributor

@p-bystritsky p-bystritsky commented May 13, 2020
edited by sdzhepa
Loading

Description (*)

Related Pull Requests

Fixed Issues (if relevant)

  1. Fixes Customer Sharing Options not respected in REST API #26089: Customer Sharing Options not respected in REST API.

Manual testing scenarios (*)

  1. See Customer Sharing Options not respected in REST API #26089.

Questions or comments

Contribution checklist (*)

  • Pull request has a meaningful description of its purpose
  • All commits are accompanied by meaningful commit messages
  • All new or changed code is covered with unit/integration tests (if applicable)
  • All automated tests passed successfully (all builds are green)

@m2-assistant
Copy link

m2-assistant bot commented May 13, 2020

Hi @p-bystritsky. Thank you for your contribution
Here is some useful tips how you can test your changes using Magento test environment.
Add the comment under your pull request to deploy test or vanilla Magento instance:

  • @magento give me test instance - deploy test instance based on PR changes
  • @magento give me 2.4-develop instance - deploy vanilla Magento instance

For more details, please, review the Magento Contributor Guide documentation.

@rogyar rogyar self-assigned this May 15, 2020
rogyar
rogyar requested changes May 15, 2020
View reviewed changes
app/code/Magento/Customer/Model/Plugin/CustomerAuthorization.php Outdated
return true;
} else {
return $proceed($resource, $privilege);
$customer = $this->customerFactory->create()->load($this->userContext->getUserId());
Copy link
Contributor

@rogyar rogyar May 15, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The customerFactory will return the customer ORM model. Considering this fact, we are calling the deprecated load method in order to retrieve the customer entity.

I would suggest avoiding this approach and use the corresponding resource model for loading the entity instead

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rogyar updated

@rogyar rogyar added the Auto-Tests: Covered All changes in Pull Request is covered by auto-tests label May 15, 2020
@p-bystritsky
Copy link
Contributor Author

@magento run all tests

@p-bystritsky p-bystritsky requested a review from rogyar June 7, 2020 10:36
@magento-engcom-team
Copy link
Contributor

Hi @rogyar, thank you for the review.
ENGCOM-7665 has been created to process this Pull Request

@engcom-Alfa engcom-Alfa self-assigned this Jun 15, 2020
@engcom-Alfa
Copy link
Contributor

✔️ QA Passed

Manual testing scenario:

  1. Create multiple websites and store views. For example website1 with storeview1 and website2 with storeview2;
    Screenshot from 2020-06-15 15-33-37

  2. Go to Admin->Stores->Configuration->Customers->Customer Configuration->Account Sharing Options and set Share Customer Accounts to 'Per Website';

  3. Create a user account in website1;

  4. Use REST API to login with user and password to retrieve the bearer token
    Screenshot from 2020-06-15 15-37-20

  5. Read user details with GET /rest/storeview1/V1/customers/me

Actual Result: ✔️ /rest/storeview1/V1/customers/me returns user information

screenshot_62

  1. Read user details with GET /rest/storeview2/V1/customers/me

Before: ✖️ /rest/storeview2/V1/customers/me returns user information

screenshot_63

After: ✔️ /rest/storeview2/V1/customers/me returns an error (e.g. unauthorized)

screenshot_61

@engcom-Echo engcom-Echo self-assigned this Jun 15, 2020
@engcom-Echo
Copy link
Contributor

@magento run all tests

@ghost ghost added Priority: P2 A defect with this priority could have functionality issues which are not to expectations. Severity: S1 Affects critical data or functionality and forces users to employ a workaround. labels Jun 16, 2020
@engcom-Echo
Copy link
Contributor

@magento run all tests

@engcom-Echo engcom-Echo added the QA: Ready to add to Regression Scope Should be analyzed and added to Regression Testing Scope(if applicable) label Jun 18, 2020
@slavvka slavvka added this to the 2.4.1 milestone Jun 18, 2020
@engcom-Alfa engcom-Alfa added QA: Added to Regression Scope Scenario was analysed and added to Regression Testing Scope and removed QA: Ready to add to Regression Scope Should be analyzed and added to Regression Testing Scope(if applicable) labels Jun 19, 2020
@engcom-Echo engcom-Echo force-pushed the magento/magento2#26089 branch from 893188f to bdc2cce Compare June 22, 2020 09:46
@engcom-Echo
Copy link
Contributor

@magento run all tests

@engcom-Echo engcom-Echo force-pushed the magento/magento2#26089 branch from bdc2cce to ce359e0 Compare June 22, 2020 13:54
@engcom-Echo
Copy link
Contributor

@magento run all tests

@magento-engcom-team magento-engcom-team mentioned this pull request Jun 24, 2020
Closed
magento-engcom-team pushed a commit that referenced this pull request Jun 24, 2020
@slavvka
ENGCOM-7665: #26089: Customer Sharing Options not respected in REST A…
7daf5e0 
…PI. #28213
@magento-engcom-team magento-engcom-team merged commit 4e96002 into magento:2.4-develop Jun 24, 2020
@m2-assistant
Copy link

m2-assistant bot commented Jun 24, 2020

Hi @p-bystritsky, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rogyar rogyar rogyar approved these changes

Assignees

@rogyar rogyar

@engcom-Alfa engcom-Alfa

@engcom-Echo engcom-Echo

Labels
Auto-Tests: Covered All changes in Pull Request is covered by auto-tests Award: bug fix Award: test coverage Component: Customer Priority: P2 A defect with this priority could have functionality issues which are not to expectations. Progress: accept QA: Added to Regression Scope Scenario was analysed and added to Regression Testing Scope Release Line: 2.4 Severity: S1 Affects critical data or functionality and forces users to employ a workaround.
Projects
Pull Requests Dashboard
Archived in project
Milestone
2.4.1
Development

Successfully merging this pull request may close these issues.

Customer Sharing Options not respected in REST API
6 participants
@p-bystritsky @magento-engcom-team @engcom-Alfa @engcom-Echo @rogyar @slavvka