fix #99 Remove plugin account

Author: thomas-kl1

Controller/AbstractPrivacy.php

@@ -7,8 +7,55 @@
 
 namespace Opengento\Gdpr\Controller;
 
-use Magento\Customer\Controller\AccountInterface;
+use Magento\Customer\Model\Session;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
+use Magento\Framework\Controller\ResultFactory;
+use Magento\Framework\Exception\NotFoundException;
+use Magento\Framework\Message\ManagerInterface;
+use Opengento\Gdpr\Model\Config;
 
-abstract class AbstractPrivacy extends AbstractAction implements AccountInterface
+/**
+ * This class is introduced to handle customer authentication verification.
+ * We can't use the default AccountInterface or AccountPlugin
+ * as they requires the action to inherit the default Magento AbstractAction
+ * which is deprecated and which suffer of performance issues
+ */
+abstract class AbstractPrivacy extends AbstractAction
 {
+    /**
+     * @var Session
+     */
+    protected $customerSession;
+
+    /**
+     * @var Http
+     */
+    private $response;
+
+    public function __construct(
+        RequestInterface $request,
+        ResultFactory $resultFactory,
+        ManagerInterface $messageManager,
+        Config $config,
+        Session $customerSession,
+        Http $response
+    ) {
+        $this->customerSession = $customerSession;
+        $this->response = $response;
+        parent::__construct($request, $resultFactory, $messageManager, $config);
+    }
+
+    public function execute()
+    {
+        return $this->customerSession->authenticate() ? $this->defaultAction() : $this->response;
+    }
+
+    /**
+     * @throws NotFoundException
+     */
+    private function defaultAction()
+    {
+        return $this->isAllowed() ? $this->executeAction() : $this->forwardNoRoute();
+    }
 }

Controller/Privacy/Download.php

@@ -12,6 +12,7 @@
 use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\App\Filesystem\DirectoryList;
 use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
 use Magento\Framework\App\Response\Http\FileFactory;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
@@ -35,24 +36,19 @@ class Download extends AbstractPrivacy implements HttpGetActionInterface
      */
     private $exportRepository;
 
-    /**
-     * @var Session
-     */
-    private $customerSession;
-
     public function __construct(
         RequestInterface $request,
         ResultFactory $resultFactory,
         ManagerInterface $messageManager,
         Config $config,
+        Http $response,
+        Session $customerSession,
         FileFactory $fileFactory,
-        ExportEntityRepositoryInterface $exportRepository,
-        Session $customerSession
+        ExportEntityRepositoryInterface $exportRepository
     ) {
         $this->fileFactory = $fileFactory;
         $this->exportRepository = $exportRepository;
-        $this->customerSession = $customerSession;
-        parent::__construct($request, $resultFactory, $messageManager, $config);
+        parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
     }
 
     protected function isAllowed(): bool

Controller/Privacy/Erase.php

@@ -10,6 +10,7 @@
 use Magento\Customer\Model\Session;
 use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Message\ManagerInterface;
@@ -20,11 +21,6 @@
 
 class Erase extends AbstractPrivacy implements HttpGetActionInterface
 {
-    /**
-     * @var Session
-     */
-    private $session;
-
     /**
      * @var EraseEntityCheckerInterface
      */
@@ -35,12 +31,12 @@ public function __construct(
         ResultFactory $resultFactory,
         ManagerInterface $messageManager,
         Config $config,
-        Session $session,
+        Session $customerSession,
+        Http $response,
         EraseEntityCheckerInterface $eraseCustomerChecker
     ) {
-        $this->session = $session;
         $this->eraseCustomerChecker = $eraseCustomerChecker;
-        parent::__construct($request, $resultFactory, $messageManager, $config);
+        parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
     }
 
     protected function isAllowed(): bool
@@ -50,7 +46,7 @@ protected function isAllowed(): bool
 
     protected function executeAction()
     {
-        if ($this->eraseCustomerChecker->exists((int) $this->session->getCustomerId(), 'customer')) {
+        if ($this->eraseCustomerChecker->exists((int) $this->customerSession->getCustomerId(), 'customer')) {
             $this->messageManager->addErrorMessage(new Phrase('Your account is already being removed.'));
             /** @var Redirect $resultRedirect */
             $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);

Controller/Privacy/ErasePost.php

@@ -12,6 +12,7 @@
 use Magento\Customer\Model\Session;
 use Magento\Framework\App\Action\HttpPostActionInterface;
 use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Exception\InvalidEmailOrPasswordException;
@@ -33,11 +34,6 @@ class ErasePost extends AbstractPrivacy implements HttpPostActionInterface
      */
     private $authentication;
 
-    /**
-     * @var Session
-     */
-    private $customerSession;
-
     /**
      * @var ActionInterface
      */
@@ -53,16 +49,16 @@ public function __construct(
         ResultFactory $resultFactory,
         ManagerInterface $messageManager,
         Config $config,
-        AuthenticationInterface $authentication,
         Session $customerSession,
+        Http $response,
+        AuthenticationInterface $authentication,
         ActionInterface $action,
         ContextBuilder $actionContextBuilder
     ) {
         $this->authentication = $authentication;
-        $this->customerSession = $customerSession;
         $this->action = $action;
         $this->actionContextBuilder = $actionContextBuilder;
-        parent::__construct($request, $resultFactory, $messageManager, $config);
+        parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
     }
 
     protected function isAllowed(): bool

Controller/Privacy/Export.php

@@ -11,6 +11,7 @@
 use Magento\Customer\Model\Session;
 use Magento\Framework\App\Action\HttpGetActionInterface;
 use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Exception\AlreadyExistsException;
@@ -35,24 +36,19 @@ class Export extends AbstractPrivacy implements HttpGetActionInterface
      */
     private $actionContextBuilder;
 
-    /**
-     * @var Session
-     */
-    private $customerSession;
-
     public function __construct(
         RequestInterface $request,
         ResultFactory $resultFactory,
         ManagerInterface $messageManager,
         Config $config,
+        Session $customerSession,
+        Http $response,
         ActionInterface $action,
-        ContextBuilder $actionContextBuilder,
-        Session $customerSession
+        ContextBuilder $actionContextBuilder
     ) {
         $this->action = $action;
         $this->actionContextBuilder = $actionContextBuilder;
-        $this->customerSession = $customerSession;
-        parent::__construct($request, $resultFactory, $messageManager, $config);
+        parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
     }
 
     protected function isAllowed(): bool

Controller/Privacy/UndoErase.php

@@ -11,6 +11,7 @@
 use Magento\Customer\Model\Session;
 use Magento\Framework\App\Action\HttpPostActionInterface;
 use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Response\Http;
 use Magento\Framework\Controller\Result\Redirect;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Framework\Exception\LocalizedException;
@@ -24,11 +25,6 @@
 
 class UndoErase extends AbstractPrivacy implements HttpPostActionInterface
 {
-    /**
-     * @var Session
-     */
-    private $customerSession;
-
     /**
      * @var ActionInterface
      */
@@ -45,13 +41,13 @@ public function __construct(
         ManagerInterface $messageManager,
         Config $config,
         Session $customerSession,
+        Http $response,
         ActionInterface $action,
         ContextBuilder $actionContextBuilder
     ) {
-        $this->customerSession = $customerSession;
         $this->action = $action;
         $this->actionContextBuilder = $actionContextBuilder;
-        parent::__construct($request, $resultFactory, $messageManager, $config);
+        parent::__construct($request, $resultFactory, $messageManager, $config, $customerSession, $response);
     }
 
     protected function isAllowed(): bool

etc/frontend/di.xml

@@ -40,9 +40,6 @@
     </virtualType>
     <preference for="Opengento\Gdpr\Model\Action\PerformedByInterface" type="Opengento\Gdpr\Model\Action\PerformedBy\FrontUser"/>
     <preference for="Opengento\Gdpr\Api\EraseEntityManagementInterface" type="Opengento\Gdpr\Model\Erase\SecureEraseEntityManagement"/>
-    <type name="Opengento\Gdpr\Controller\AbstractPrivacy">
-        <plugin name="customer_account" type="Magento\Customer\Controller\Plugin\Account"/>
-    </type>
     <type name="Opengento\Gdpr\Controller\AbstractGuest">
         <arguments>
             <argument name="orderLoader" xsi:type="object">Magento\Sales\Controller\Guest\OrderLoader</argument>