Release v7.6.2

mercadopago · Jul 16, 2024 · 3bccc5f · 3bccc5f
1 parent 60a7a26
commit 3bccc5f
Show file tree

Hide file tree

Showing 14 changed files with 76 additions and 27 deletions.
diff --git a/.gitignore b/.gitignore
@@ -12,4 +12,4 @@ coverage
 
 woocommerce-mercadopago.zip
 
-qit-env.json
+qit-env.yml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [7.6.2] - 2024-07-16
+### Added:
+- Added validation on user permissions to download plugin logs.
+- Increased plugin wordpress tested version to the latest available.
+### Fix:
+- Addressed an issue where discount and commission calculations were not being shown correctly on order details.
+
 ## [7.6.1] - 2024-06-26
 ### Fix:
 - Addressed an funnel metrics issue 

diff --git a/changelog.log b/changelog.log
@@ -1,6 +1,13 @@
 CHANGELOG:
 == Changelog ==
 
+= v7.6.2 (26/06/2024) =
+* Added:
+- Added validation on user permissions to download plugin logs.
+- Increased plugin wordpress tested version to the latest available.
+* Fix:
+- Addressed an issue where discount and commission calculations were not being shown correctly on order details.
+
 = v7.6.1 (26/06/2024) =
 * Fix:
 - Addressed an funnel metrics issue

diff --git a/composer.json b/composer.json
@@ -37,7 +37,7 @@
  "qit:comp": "./vendor/bin/qit run:phpcompatibility woocommerce-mercadopago --zip woocommerce-mercadopago.zip",
  "qit:sec": "./vendor/bin/qit run:security woocommerce-mercadopago --zip woocommerce-mercadopago.zip",
  "qit:api": "./vendor/bin/qit run:woo-api woocommerce-mercadopago --zip woocommerce-mercadopago.zip",
- "qit:env-up": "./vendor/bin/qit env:up --config ./qit-env.json",
+ "qit:env-up": "./vendor/bin/qit --woo=8.9.0 env:up",
  "qit:env-down": "./vendor/bin/qit env:down"
  },
  "require": {
@@ -46,7 +46,7 @@
  "require-dev": {
  "squizlabs/php_codesniffer": "^3.7",
  "phpmetrics/phpmetrics": "^2.8",
- "woocommerce/qit-cli": "^0.5.0",
+ "woocommerce/qit-cli": "^0.5.3",
  "dealerdirect/phpcodesniffer-composer-installer": "^1.0",
  "wp-coding-standards/wpcs": "^2.2.1"
  },

diff --git a/composer.lock b/composer.lock
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "woocommerce-mercadopago",
  "description": "Woocommerce MercadoPago Payment Gateway",
- "version": "7.6.1",
+ "version": "7.6.2",
  "main": "main.js",
  "repository": {
  "type": "git",

diff --git a/qit-env.sample.yml b/qit-env.sample.yml
@@ -0,0 +1,6 @@
+wp: 6.5.5
+php_version: 8.3
+themes:
+ - storefront
+# plugins:
+# - really-simple-ssl
diff --git a/readme.txt b/readme.txt
@@ -2,9 +2,9 @@
 Contributors:
 Tags: ecommerce, mercadopago, woocommerce
 Requires at least: 6.3
-Tested up to: 6.5
+Tested up to: 6.6
 Requires PHP: 7.4
-Stable tag: 7.6.1
+Stable tag: 7.6.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html
 
@@ -136,7 +136,10 @@ Check out our <a href="https://www.mercadopago.com.br/developers/pt/plugins_sdks
 
 == Changelog ==
 
+* Added:
+- Added validation on user permissions to download plugin logs.
+- Increased plugin wordpress tested version to the latest available.
 * Fix:
-- Addressed an funnel metrics issue
+- Addressed an issue where discount and commission calculations were not being shown correctly on order details.
 
 [See changelog for all versions](https://github.com/mercadopago/cart-woocommerce/blob/main/CHANGELOG.md).
diff --git a/src/Dependencies.php b/src/Dependencies.php
@@ -327,7 +327,6 @@ public function __construct()
  $this->requesterHelper = $this->setRequester();
  $this->storeConfig = $this->setStore();
  $this->logs = $this->setLogs();
- $this->downloader = $this->setDownloader();
  $this->sellerConfig = $this->setSeller();
  $this->countryHelper = $this->setCountry();
  $this->urlHelper = $this->setUrl();
@@ -347,6 +346,7 @@ public function __construct()
  $this->noticesHelper = $this->setNotices();
  $this->metadataConfig = $this->setMetadataConfig();
  $this->currencyHelper = $this->setCurrency();
+ $this->downloader = $this->setDownloader();
  $this->settings = $this->setSettings();
  $this->creditsEnabledHelper = $this->setCreditsEnabled();
  $this->checkoutCustomEndpoints = $this->setCustomCheckoutEndpoints();
@@ -704,6 +704,6 @@ private function setHelpers(): Helpers
 
  private function setDownloader(): Downloader
  {
- return new Downloader($this->logs);
+ return new Downloader($this->logs, $this->currentUserHelper);
  }
 }
diff --git a/src/Gateways/AbstractGateway.php b/src/Gateways/AbstractGateway.php
@@ -329,15 +329,17 @@ public function process_payment($order_id): array
  $this->mercadopago->orderMetadata->setUsedGatewayData($order, get_class($this)::ID);
 
  if ($this->discount != 0) {
+ $percentage = Numbers::getPercentageFromParcialValue((float) $discount, (float) $order->get_total());
  $translation = $this->mercadopago->storeTranslations->commonCheckout['discount_title'];
- $feeText = $this->getFeeText($translation, 'discount', $discount);
+ $feeText = $this->getFeeText($translation, $percentage, $discount);
 
  $this->mercadopago->orderMetadata->setDiscountData($order, $feeText);
  }
 
  if ($this->commission != 0) {
+ $percentage = Numbers::getPercentageFromParcialValue((float) $comission, (float) $order->get_total());
  $translation = $this->mercadopago->storeTranslations->commonCheckout['fee_title'];
- $feeText = $this->getFeeText($translation, 'commission', $commission);
+ $feeText = $this->getFeeText($translation, $percentage, $commission);
 
  $this->mercadopago->orderMetadata->setCommissionData($order, $feeText);
  }

diff --git a/src/Helpers/Numbers.php b/src/Helpers/Numbers.php
@@ -76,4 +76,20 @@ public static function calculateByCurrency(string $currency, float $value, float
 
  return self::format($value * $ratio * 100) / 100;
  }
+
+ /**
+ * Returns the percentage of parcialValue on the sum with the paid value
+ *
+ * @param float $parcialValue
+ * @param float $paidValue
+ *
+ * @return float
+ */
+ public static function getPercentageFromParcialValue(float $parcialValue, $paidValue)
+ {
+ $total = $paidValue + $parcialValue;
+ $percentage = ($parcialValue / $total) * 100;
+
+ return self::format($percentage);
+ }
 }
diff --git a/src/IO/Downloader.php b/src/IO/Downloader.php
@@ -5,6 +5,7 @@
 use MercadoPago\Woocommerce\Entities\Files\Log as LogFile;
 use MercadoPago\Woocommerce\Libraries\Logs\Logs;
 use MercadoPago\Woocommerce\Helpers\Form;
+use MercadoPago\Woocommerce\Helpers\CurrentUser;
 
 if (!defined('ABSPATH')) {
  exit;
@@ -23,9 +24,14 @@ class Downloader
 
  public $pluginLogs;
 
+ /**
+ * @var CurrentUser
+ */
+ private $currentUser;
 
- public function __construct(Logs $logs)
+ public function __construct(Logs $logs, CurrentUser $currentUser)
  {
+ $this->currentUser = $currentUser;
  $this->logs = $logs;
  $this->pluginLogs = $this->getNameOfFileLogs();
  }
@@ -99,7 +105,7 @@ private function singleFileDownload(array $selectedFile): void
  {
  $filename = reset($selectedFile);
 
- if (!$this->validateFilename($filename)) {
+ if (!$this->validatesDownloadSecurity($filename)) {
  throw new \Exception('attempt to download the file ' . $filename . 'on ' . __METHOD__);
  }
 
@@ -128,7 +134,7 @@ private function multipleFileDownload(array $selectedFiles): void
 
  if ($zip->open($temp_file, \ZipArchive::CREATE) === true) {
  foreach ($selectedFiles as $filename) {
- if (!$this->validateFilename($filename)) {
+ if (!$this->validatesDownloadSecurity($filename)) {
  continue;
  }
 
@@ -152,14 +158,16 @@ private function multipleFileDownload(array $selectedFiles): void
  }
 
  /**
- * Validates a filename to prevent path traversal attempts and ensure expected format.
+ * Validates a filename and user permissions to prevent path traversal attempts and ensure expected format.
  *
  * @param string $filename The filename to be validated
  *
  * @return bool True if the filename is valid, false otherwise
  */
- private function validateFilename(string $filename): bool
+ private function validatesDownloadSecurity(string $filename): bool
  {
+ $this->currentUser->validateUserNeededPermissions();
+
  return $this->hasAllowedExtension($filename) &&
  $this->hasNoDisallowedCharacters($filename) &&
  $this->containsExpectedTerms($filename);
@@ -168,7 +176,7 @@ private function validateFilename(string $filename): bool
  private function hasAllowedExtension(string $filename): bool
  {
  $allowed_pattern = '/\.log$/';
- return (bool)preg_match($allowed_pattern, $filename);
+ return  (bool)preg_match($allowed_pattern, $filename);
  }
 
  private function hasNoDisallowedCharacters(string $filename): bool

diff --git a/src/WoocommerceMercadoPago.php b/src/WoocommerceMercadoPago.php
@@ -33,7 +33,7 @@ class WoocommerceMercadoPago
  /**
  * @const
  */
- private const PLUGIN_VERSION = '7.6.1';
+ private const PLUGIN_VERSION = '7.6.2';
 
  /**
  * @const

diff --git a/woocommerce-mercadopago.php b/woocommerce-mercadopago.php
@@ -4,13 +4,13 @@
  * Plugin Name: Mercado Pago
  * Plugin URI: https://github.com/mercadopago/cart-woocommerce
  * Description: Configure the payment options and accept payments with cards, ticket and money of Mercado Pago account.
- * Version: 7.6.1
+ * Version: 7.6.2
  * Author: Mercado Pago
  * Author URI: https://developers.mercadopago.com/
  * Text Domain: woocommerce-mercadopago
  * Domain Path: /i18n/languages/
  * WC requires at least: 5.5.2
- * WC tested up to: 8.1.0
+ * WC tested up to: 9.0.2
  * Requires PHP: 7.4
  *
  * @package MercadoPago