From 4357ea0cebbf584c4dbb75a145ff91ac293875bc Mon Sep 17 00:00:00 2001
From: Soumya Unnikrishnan <sunnikri@adobe.com>
Date: Thu, 20 Jun 2019 10:06:14 -0500
Subject: [PATCH 1/2] MQE-1601: Move MTF utils out from Magento codebase

---
 dev/tests/functional/.htaccess.sample         | 11 -----
 dev/tests/functional/utils/command.php        | 37 ---------------
 .../utils/deleteMagentoGeneratedCode.php      | 22 ---------
 dev/tests/functional/utils/export.php         | 42 -----------------
 dev/tests/functional/utils/locales.php        | 35 --------------
 dev/tests/functional/utils/log.php            | 30 ------------
 dev/tests/functional/utils/pathChecker.php    | 30 ------------
 dev/tests/functional/utils/website.php        | 47 -------------------
 8 files changed, 254 deletions(-)
 delete mode 100644 dev/tests/functional/.htaccess.sample
 delete mode 100644 dev/tests/functional/utils/command.php
 delete mode 100644 dev/tests/functional/utils/deleteMagentoGeneratedCode.php
 delete mode 100644 dev/tests/functional/utils/export.php
 delete mode 100644 dev/tests/functional/utils/locales.php
 delete mode 100644 dev/tests/functional/utils/log.php
 delete mode 100644 dev/tests/functional/utils/pathChecker.php
 delete mode 100644 dev/tests/functional/utils/website.php

diff --git a/dev/tests/functional/.htaccess.sample b/dev/tests/functional/.htaccess.sample
deleted file mode 100644
index 67c2f3fe2d027..0000000000000
--- a/dev/tests/functional/.htaccess.sample
+++ /dev/null
@@ -1,11 +0,0 @@
-##############################################
-## Allow access to command.php, website.php, export.php, pathChecker.php, locales.php, deleteMagentoGeneratedCode.php and log.php
-    <FilesMatch "command.php|website.php|export.php|pathChecker.php|deleteMagentoGeneratedCode.php|log.php|locales.php">
-        <IfVersion < 2.4>
-            order allow,deny
-            allow from all
-        </IfVersion>
-        <IfVersion >= 2.4>
-            Require all granted
-        </IfVersion>
-    </FilesMatch>
diff --git a/dev/tests/functional/utils/command.php b/dev/tests/functional/utils/command.php
deleted file mode 100644
index 9405f4ff7c4ca..0000000000000
--- a/dev/tests/functional/utils/command.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-// phpcs:ignore Magento2.Security.IncludeFile
-require_once __DIR__ . '/../../../../app/bootstrap.php';
-
-use Symfony\Component\Console\Input\StringInput;
-use Symfony\Component\Console\Output\NullOutput;
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['command'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.Superglobal
-        $command = urldecode($_POST['command']);
-        // phpcs:ignore Magento2.Security.Superglobal
-        $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER);
-        // phpcs:ignore Magento2.Security.Superglobal
-        $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER);
-        $cli = $magentoObjectManager->create(\Magento\Framework\Console\Cli::class);
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        $input = new StringInput(escapeshellcmd($command));
-        $input->setInteractive(false);
-        $output = new NullOutput();
-        $cli->doRun($input, $output);
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' or 'command' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php b/dev/tests/functional/utils/deleteMagentoGeneratedCode.php
deleted file mode 100644
index bd4ed828202e1..0000000000000
--- a/dev/tests/functional/utils/deleteMagentoGeneratedCode.php
+++ /dev/null
@@ -1,22 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['path'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.InsecureFunction
-        exec('rm -rf ../../../../generated/*');
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/export.php b/dev/tests/functional/utils/export.php
deleted file mode 100644
index df97c8db48406..0000000000000
--- a/dev/tests/functional/utils/export.php
+++ /dev/null
@@ -1,42 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['template'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        $varDir = '../../../../var/export/';
-        // phpcs:ignore Magento2.Security.Superglobal
-        $template = urldecode($_POST['template']);
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        $fileList = scandir($varDir, SCANDIR_SORT_NONE);
-        $files = [];
-
-        foreach ($fileList as $fileName) {
-            if (preg_match("`$template`", $fileName) === 1) {
-                $filePath = $varDir . $fileName;
-                $files[] = [
-                    // phpcs:ignore Magento2.Functions.DiscouragedFunction
-                    'content' => file_get_contents($filePath),
-                    'name' => $fileName,
-                    // phpcs:ignore Magento2.Functions.DiscouragedFunction
-                    'date' => filectime($filePath),
-                ];
-            }
-        }
-
-        // phpcs:ignore Magento2.Security.LanguageConstruct, Magento2.Security.InsecureFunction
-        echo serialize($files);
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' or 'template' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/locales.php b/dev/tests/functional/utils/locales.php
deleted file mode 100644
index 40781ba8b68ec..0000000000000
--- a/dev/tests/functional/utils/locales.php
+++ /dev/null
@@ -1,35 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.Superglobal
-        if ($_POST['type'] == 'deployed') {
-            // phpcs:ignore Magento2.Security.Superglobal
-            $themePath = isset($_POST['theme_path']) ? $_POST['theme_path'] : 'adminhtml/Magento/backend';
-            $directory = __DIR__ . '/../../../../pub/static/' . $themePath;
-            // phpcs:ignore Magento2.Functions.DiscouragedFunction
-            $locales = array_diff(scandir($directory), ['..', '.']);
-        } else {
-            // phpcs:ignore Magento2.Security.IncludeFile
-            require_once __DIR__ . DIRECTORY_SEPARATOR . 'bootstrap.php';
-            $localeConfig = $magentoObjectManager->create(\Magento\Framework\Locale\Config::class);
-            $locales = $localeConfig->getAllowedLocales();
-        }
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo implode('|', $locales);
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/log.php b/dev/tests/functional/utils/log.php
deleted file mode 100644
index c07f52575504f..0000000000000
--- a/dev/tests/functional/utils/log.php
+++ /dev/null
@@ -1,30 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-declare(strict_types=1);
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['name'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.Superglobal
-        $name = urldecode($_POST['name']);
-        if (preg_match('/\.\.(\\\|\/)/', $name)) {
-            // phpcs:ignore Magento2.Exceptions.DirectThrow
-            throw new \InvalidArgumentException('Invalid log file name');
-        }
-
-        // phpcs:ignore Magento2.Security.InsecureFunction, Magento2.Functions.DiscouragedFunction, Magento2.Security.LanguageConstruct
-        echo serialize(file_get_contents('../../../../var/log' . '/' . $name));
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' or 'name' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/pathChecker.php b/dev/tests/functional/utils/pathChecker.php
deleted file mode 100644
index d4a59529fac44..0000000000000
--- a/dev/tests/functional/utils/pathChecker.php
+++ /dev/null
@@ -1,30 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['path'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.Superglobal
-        $path = urldecode($_POST['path']);
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        if (file_exists('../../../../' . $path)) {
-            // phpcs:ignore Magento2.Security.LanguageConstruct
-            echo 'path exists: true';
-        } else {
-            // phpcs:ignore Magento2.Security.LanguageConstruct
-            echo 'path exists: false';
-        }
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' or 'path' parameter is not set.";
-}
diff --git a/dev/tests/functional/utils/website.php b/dev/tests/functional/utils/website.php
deleted file mode 100644
index 859b60785e49d..0000000000000
--- a/dev/tests/functional/utils/website.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-// phpcs:ignore Magento2.Security.IncludeFile
-include __DIR__ . '/authenticate.php';
-
-// phpcs:ignore Magento2.Security.Superglobal
-if (!empty($_POST['token']) && !empty($_POST['website_code'])) {
-    // phpcs:ignore Magento2.Security.Superglobal
-    if (authenticate(urldecode($_POST['token']))) {
-        // phpcs:ignore Magento2.Security.Superglobal
-        $websiteCode = urldecode($_POST['website_code']);
-        $rootDir = '../../../../';
-        $websiteDir = $rootDir . 'websites/' . $websiteCode . '/';
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        $contents = file_get_contents($rootDir . 'index.php');
-
-        $websiteParam = <<<EOD
-\$params = \$_SERVER;
-\$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE] = '$websiteCode';
-\$params[\Magento\Store\Model\StoreManager::PARAM_RUN_TYPE] = 'website';
-EOD;
-
-        $pattern = '`(try {.*?)(\/app\/bootstrap.*?}\n)(.*?)\$_SERVER`mis';
-        $replacement = "$1/../..$2\n$websiteParam$3\$params";
-
-        $contents = preg_replace($pattern, $replacement, $contents);
-
-        $old = umask(0);
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        mkdir($websiteDir, 0760, true);
-        umask($old);
-
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        copy($rootDir . '.htaccess', $websiteDir . '.htaccess');
-        // phpcs:ignore Magento2.Functions.DiscouragedFunction
-        file_put_contents($websiteDir . 'index.php', $contents);
-    } else {
-        // phpcs:ignore Magento2.Security.LanguageConstruct
-        echo "Command not unauthorized.";
-    }
-} else {
-    // phpcs:ignore Magento2.Security.LanguageConstruct
-    echo "'token' or 'website_code' parameter is not set.";
-}

From 08a9de5332f1bfc6bc470e7413e7b4d238b72384 Mon Sep 17 00:00:00 2001
From: Soumya Unnikrishnan <sunnikri@adobe.com>
Date: Thu, 20 Jun 2019 14:01:46 -0500
Subject: [PATCH 2/2] MQE-1601: Move MTF utils out from Magento codebase

moved authenticate.php to infra
---
 dev/tests/functional/utils/authenticate.php | 34 ---------------------
 1 file changed, 34 deletions(-)
 delete mode 100644 dev/tests/functional/utils/authenticate.php

diff --git a/dev/tests/functional/utils/authenticate.php b/dev/tests/functional/utils/authenticate.php
deleted file mode 100644
index 958b692cbd385..0000000000000
--- a/dev/tests/functional/utils/authenticate.php
+++ /dev/null
@@ -1,34 +0,0 @@
-<?php
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
-
-/**
- * Check if token passed in is a valid auth token.
- *
- * @param string $token
- * @return bool
- *
- * phpcs:disable Squiz.Functions.GlobalFunction
- */
-function authenticate($token)
-{
-    // phpcs:ignore Magento2.Security.IncludeFile
-    require_once __DIR__ . '/../../../../app/bootstrap.php';
-
-    // phpcs:ignore Magento2.Security.Superglobal
-    $magentoObjectManagerFactory = \Magento\Framework\App\Bootstrap::createObjectManagerFactory(BP, $_SERVER);
-    // phpcs:ignore Magento2.Security.Superglobal
-    $magentoObjectManager = $magentoObjectManagerFactory->create($_SERVER);
-    $tokenModel = $magentoObjectManager->get(\Magento\Integration\Model\Oauth\Token::class);
-
-    $tokenPassedIn = $token;
-    // Token returned will be null if the token we passed in is invalid
-    $tokenFromMagento = $tokenModel->loadByToken($tokenPassedIn)->getToken();
-    if (!empty($tokenFromMagento) && ($tokenFromMagento == $tokenPassedIn)) {
-        return true;
-    } else {
-        return false;
-    }
-}