forked from Hevelop/magento2-patches
-
Notifications
You must be signed in to change notification settings - Fork 7
/
PRODSECBUG-2198-2.3-CE.composer-2019-03-27-06-12-47-part1.patch
111 lines (106 loc) · 4.42 KB
/
PRODSECBUG-2198-2.3-CE.composer-2019-03-27-06-12-47-part1.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
diff --git a/Model/Product/ProductFrontendAction/Synchronizer.php b/Model/Product/ProductFrontendAction/Synchronizer.php
index 3ec8e96..72f6628 100644
--- a/Model/Product/ProductFrontendAction/Synchronizer.php
+++ b/Model/Product/ProductFrontendAction/Synchronizer.php
@@ -16,6 +16,8 @@ use Magento\Customer\Model\Visitor;
use Magento\Framework\EntityManager\EntityManager;
/**
+ * A Product Widget Synchronizer.
+ *
* Service which allows to sync product widget information, such as product id with db. In order to reuse this info
* on different devices
*/
@@ -85,9 +87,10 @@ class Synchronizer
}
/**
- * Find lifetime in configuration. Configuration is hold in Stores Configuration
- * Also this configuration is generated by:
- * @see \Magento\Catalog\Model\Widget\RecentlyViewedStorageConfiguration
+ * Finds lifetime in configuration.
+ *
+ * Configuration is hold in Stores Configuration. Also this configuration is generated by
+ * {@see Magento\Catalog\Model\Widget\RecentlyViewedStorageConfiguration}
*
* @param string $namespace
* @return int
@@ -108,6 +111,8 @@ class Synchronizer
}
/**
+ * Filters actions.
+ *
* In order to avoid suspicious actions, we need to filter them in DESC order, and slice only items that
* can be persisted in database.
*
@@ -138,7 +143,9 @@ class Synchronizer
$productIds = [];
foreach ($actions as $action) {
- $productIds[] = $action['product_id'];
+ if (isset($action['product_id']) && is_int($action['product_id'])) {
+ $productIds[] = $action['product_id'];
+ }
}
return $productIds;
@@ -159,33 +166,37 @@ class Synchronizer
$customerId = $this->session->getCustomerId();
$visitorId = $this->visitor->getId();
$collection = $this->getActionsByType($typeId);
- $collection->addFieldToFilter('product_id', $this->getProductIdsByActions($productsData));
-
- /**
- * Note that collection is also filtered by visitor id and customer id
- * This collection shouldn't be flushed when visitor has products and then login
- * It can remove only products for visitor, or only products for customer
- *
- * ['product_id' => 'added_at']
- * @var ProductFrontendActionInterface $item
- */
- foreach ($collection as $item) {
- $this->entityManager->delete($item);
- }
-
- foreach ($productsData as $productId => $productData) {
- /** @var ProductFrontendActionInterface $action */
- $action = $this->productFrontendActionFactory->create([
- 'data' => [
- 'visitor_id' => $customerId ? null : $visitorId,
- 'customer_id' => $this->session->getCustomerId(),
- 'added_at' => $productData['added_at'],
- 'product_id' => $productId,
- 'type_id' => $typeId
- ]
- ]);
-
- $this->entityManager->save($action);
+ $productIds = $this->getProductIdsByActions($productsData);
+
+ if ($productIds) {
+ $collection->addFieldToFilter('product_id', $productIds);
+
+ /**
+ * Note that collection is also filtered by visitor id and customer id
+ * This collection shouldn't be flushed when visitor has products and then login
+ * It can remove only products for visitor, or only products for customer
+ *
+ * ['product_id' => 'added_at']
+ * @var ProductFrontendActionInterface $item
+ */
+ foreach ($collection as $item) {
+ $this->entityManager->delete($item);
+ }
+
+ foreach ($productsData as $productId => $productData) {
+ /** @var ProductFrontendActionInterface $action */
+ $action = $this->productFrontendActionFactory->create([
+ 'data' => [
+ 'visitor_id' => $customerId ? null : $visitorId,
+ 'customer_id' => $this->session->getCustomerId(),
+ 'added_at' => $productData['added_at'],
+ 'product_id' => $productId,
+ 'type_id' => $typeId
+ ]
+ ]);
+
+ $this->entityManager->save($action);
+ }
}
}