diff --git a/Controller/AbstractPrivacy.php b/Controller/AbstractPrivacy.php
index 213e955e..dbc903bb 100644
--- a/Controller/AbstractPrivacy.php
+++ b/Controller/AbstractPrivacy.php
@@ -7,8 +7,55 @@
namespace Opengento\Gdpr\Controller;
-use Magento\Customer\Controller\AccountInterface;
+use Magento\Customer\Model\Session;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
+use Magento\Framework\Controller\ResultFactory;
+use Magento\Framework\Exception\NotFoundException;
+use Magento\Framework\Message\ManagerInterface;
+use Opengento\Gdpr\Model\Config;
-abstract class AbstractPrivacy extends AbstractAction implements AccountInterface
+/**
+ * This class is introduced to handle customer authentication verification.
+ * We can't use the default AccountInterface or AccountPlugin
+ * as they requires the action to inherit the default Magento AbstractAction
+ * which is deprecated and which suffer of performance issues
+ */
+abstract class AbstractPrivacy extends AbstractAction
{
+ /**
+ * @var Session
+ */
+ protected $customerSession;
+
+ /**
+ * @var Http
+ */
+ private $response;
+
+ public function __construct(
+ RequestInterface $request,
+ ResultFactory $resultFactory,
+ ManagerInterface $messageManager,
+ Config $config,
+ Session $customerSession,
+ Http $response
+ ) {
+ $this->customerSession = $customerSession;
+ $this->response = $response;
+ parent::__construct($request, $resultFactory, $messageManager, $config);
+ }
+
+ public function execute()
+ {
+ return $this->customerSession->authenticate() ? $this->defaultAction() : $this->response;
+ }
+
+ /**
+ * @throws NotFoundException
+ */
+ private function defaultAction()
+ {
+ return $this->isAllowed() ? $this->executeAction() : $this->forwardNoRoute();
+ }
}
diff --git a/Controller/Privacy/Download.php b/Controller/Privacy/Download.php
index 2bd6888c..f63f70d5 100755
--- a/Controller/Privacy/Download.php
+++ b/Controller/Privacy/Download.php
@@ -12,6 +12,7 @@
use Magento\Framework\App\Action\HttpGetActionInterface;
use Magento\Framework\App\Filesystem\DirectoryList;
use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
use Magento\Framework\App\Response\Http\FileFactory;
use Magento\Framework\Controller\Result\Redirect;
use Magento\Framework\Controller\ResultFactory;
@@ -35,24 +36,19 @@ class Download extends AbstractPrivacy implements HttpGetActionInterface
*/
private $exportRepository;
- /**
- * @var Session
- */
- private $customerSession;
-
public function __construct(
RequestInterface $request,
ResultFactory $resultFactory,
ManagerInterface $messageManager,
Config $config,
+ Http $response,
+ Session $customerSession,
FileFactory $fileFactory,
- ExportEntityRepositoryInterface $exportRepository,
- Session $customerSession
+ ExportEntityRepositoryInterface $exportRepository
) {
$this->fileFactory = $fileFactory;
$this->exportRepository = $exportRepository;
- $this->customerSession = $customerSession;
- parent::__construct($request, $resultFactory, $messageManager, $config);
+ parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
}
protected function isAllowed(): bool
diff --git a/Controller/Privacy/Erase.php b/Controller/Privacy/Erase.php
index 5444186f..1bebb92e 100755
--- a/Controller/Privacy/Erase.php
+++ b/Controller/Privacy/Erase.php
@@ -10,6 +10,7 @@
use Magento\Customer\Model\Session;
use Magento\Framework\App\Action\HttpGetActionInterface;
use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
use Magento\Framework\Controller\Result\Redirect;
use Magento\Framework\Controller\ResultFactory;
use Magento\Framework\Message\ManagerInterface;
@@ -20,11 +21,6 @@
class Erase extends AbstractPrivacy implements HttpGetActionInterface
{
- /**
- * @var Session
- */
- private $session;
-
/**
* @var EraseEntityCheckerInterface
*/
@@ -35,12 +31,12 @@ public function __construct(
ResultFactory $resultFactory,
ManagerInterface $messageManager,
Config $config,
- Session $session,
+ Session $customerSession,
+ Http $response,
EraseEntityCheckerInterface $eraseCustomerChecker
) {
- $this->session = $session;
$this->eraseCustomerChecker = $eraseCustomerChecker;
- parent::__construct($request, $resultFactory, $messageManager, $config);
+ parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
}
protected function isAllowed(): bool
@@ -50,7 +46,7 @@ protected function isAllowed(): bool
protected function executeAction()
{
- if ($this->eraseCustomerChecker->exists((int) $this->session->getCustomerId(), 'customer')) {
+ if ($this->eraseCustomerChecker->exists((int) $this->customerSession->getCustomerId(), 'customer')) {
$this->messageManager->addErrorMessage(new Phrase('Your account is already being removed.'));
/** @var Redirect $resultRedirect */
$resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);
diff --git a/Controller/Privacy/ErasePost.php b/Controller/Privacy/ErasePost.php
index d3cb11a3..4ad8ad33 100755
--- a/Controller/Privacy/ErasePost.php
+++ b/Controller/Privacy/ErasePost.php
@@ -12,6 +12,7 @@
use Magento\Customer\Model\Session;
use Magento\Framework\App\Action\HttpPostActionInterface;
use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
use Magento\Framework\Controller\Result\Redirect;
use Magento\Framework\Controller\ResultFactory;
use Magento\Framework\Exception\InvalidEmailOrPasswordException;
@@ -33,11 +34,6 @@ class ErasePost extends AbstractPrivacy implements HttpPostActionInterface
*/
private $authentication;
- /**
- * @var Session
- */
- private $customerSession;
-
/**
* @var ActionInterface
*/
@@ -53,16 +49,16 @@ public function __construct(
ResultFactory $resultFactory,
ManagerInterface $messageManager,
Config $config,
- AuthenticationInterface $authentication,
Session $customerSession,
+ Http $response,
+ AuthenticationInterface $authentication,
ActionInterface $action,
ContextBuilder $actionContextBuilder
) {
$this->authentication = $authentication;
- $this->customerSession = $customerSession;
$this->action = $action;
$this->actionContextBuilder = $actionContextBuilder;
- parent::__construct($request, $resultFactory, $messageManager, $config);
+ parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
}
protected function isAllowed(): bool
diff --git a/Controller/Privacy/Export.php b/Controller/Privacy/Export.php
index 73a73206..da0ba9b0 100755
--- a/Controller/Privacy/Export.php
+++ b/Controller/Privacy/Export.php
@@ -11,6 +11,7 @@
use Magento\Customer\Model\Session;
use Magento\Framework\App\Action\HttpGetActionInterface;
use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
use Magento\Framework\Controller\Result\Redirect;
use Magento\Framework\Controller\ResultFactory;
use Magento\Framework\Exception\AlreadyExistsException;
@@ -35,24 +36,19 @@ class Export extends AbstractPrivacy implements HttpGetActionInterface
*/
private $actionContextBuilder;
- /**
- * @var Session
- */
- private $customerSession;
-
public function __construct(
RequestInterface $request,
ResultFactory $resultFactory,
ManagerInterface $messageManager,
Config $config,
+ Session $customerSession,
+ Http $response,
ActionInterface $action,
- ContextBuilder $actionContextBuilder,
- Session $customerSession
+ ContextBuilder $actionContextBuilder
) {
$this->action = $action;
$this->actionContextBuilder = $actionContextBuilder;
- $this->customerSession = $customerSession;
- parent::__construct($request, $resultFactory, $messageManager, $config);
+ parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
}
protected function isAllowed(): bool
diff --git a/Controller/Privacy/UndoErase.php b/Controller/Privacy/UndoErase.php
index 4b3ea43b..dadbd25a 100755
--- a/Controller/Privacy/UndoErase.php
+++ b/Controller/Privacy/UndoErase.php
@@ -11,6 +11,7 @@
use Magento\Customer\Model\Session;
use Magento\Framework\App\Action\HttpPostActionInterface;
use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
use Magento\Framework\Controller\Result\Redirect;
use Magento\Framework\Controller\ResultFactory;
use Magento\Framework\Exception\LocalizedException;
@@ -24,11 +25,6 @@
class UndoErase extends AbstractPrivacy implements HttpPostActionInterface
{
- /**
- * @var Session
- */
- private $customerSession;
-
/**
* @var ActionInterface
*/
@@ -45,13 +41,13 @@ public function __construct(
ManagerInterface $messageManager,
Config $config,
Session $customerSession,
+ Http $response,
ActionInterface $action,
ContextBuilder $actionContextBuilder
) {
- $this->customerSession = $customerSession;
$this->action = $action;
$this->actionContextBuilder = $actionContextBuilder;
- parent::__construct($request, $resultFactory, $messageManager, $config);
+ parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
}
protected function isAllowed(): bool
diff --git a/etc/frontend/di.xml b/etc/frontend/di.xml
index 2d501ae7..defe7395 100644
--- a/etc/frontend/di.xml
+++ b/etc/frontend/di.xml
@@ -40,9 +40,6 @@
-
-
-
Magento\Sales\Controller\Guest\OrderLoader