MAGETWO-60185: Remove distinction in http/https for requirejs-config.js

- test logic automation.

dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/Cache.php

@@ -29,13 +29,16 @@ class Cache extends Cli
     const PARAM_CACHE_ENABLE = 'cache:enable';
 
     /**
-     * Flush cache.
+     * Flush Cache.
+     * If no parameters are set, all cache types are flushed.
      *
+     * @param array $cacheTypes
      * @return void
      */
-    public function flush()
+    public function flush(array $cacheTypes = [])
     {
-        parent::execute(Cache::PARAM_CACHE_FLUSH);
+        $options = empty($cacheTypes) ? '' : ' ' . implode(' ', $cacheTypes);
+        parent::execute(Cache::PARAM_CACHE_FLUSH . $options);
     }
 
     /**

dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/StaticContent.php

+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Mtf\Util\Command\Cli;
+
+use Magento\Mtf\Util\Command\Cli;
+
+/**
+ * Merchant Developer deploys static view files during test executions so that Storefront UI updates are applied.
+ */
+class StaticContent extends Cli
+{
+    /**
+     * Parameter for deploy static view files.
+     */
+    const PARAM_SETUP_STATIC_CONTENT_DEPLOY = 'setup:static-content:deploy';
+
+    /**
+     * Deploy static view files.
+     *
+     * @return void
+     */
+    public function deploy()
+    {
+        parent::execute(StaticContent::PARAM_SETUP_STATIC_CONTENT_DEPLOY);
+    }
+}

dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpUsedOnFrontend.php

+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\Constraint;
+
+use Magento\Mtf\ObjectManager;
+use Magento\Mtf\System\Event\EventManagerInterface;
+use Magento\Mtf\Constraint\AbstractConstraint;
+use Magento\Mtf\Client\BrowserInterface;
+use Magento\Customer\Test\Fixture\Customer;
+use Magento\Customer\Test\TestStep\LoginCustomerOnFrontendStep as LogInCustomerOnStorefront;
+use Magento\Customer\Test\TestStep\LogoutCustomerOnFrontendStep as LogOutCustomerOnStorefront;
+
+/**
+ * Assert that http is used all over the Storefront.
+ * It would be great to assert somehow that browser console does not contain JS-related errors as well.
+ */
+class AssertHttpUsedOnFrontend extends AbstractConstraint
+{
+    /**
+     * Unsecured protocol format.
+     *
+     * @var string
+     */
+    private $unsecuredProtocol = 'http://';
+
+    /**
+     * Browser interface.
+     *
+     * @var BrowserInterface
+     */
+    protected $browser;
+
+    /**
+     * Customer account.
+     *
+     * @var Customer
+     */
+    protected $customer;
+
+    /**
+     * Prepare data for further validations execution.
+     *
+     * @param ObjectManager $objectManager
+     * @param EventManagerInterface $eventManager
+     * @param BrowserInterface $browser
+     * @param Customer $customer
+     * @param string $severity
+     * @param bool $active
+     */
+    public function __construct(
+        ObjectManager $objectManager,
+        EventManagerInterface $eventManager,
+        BrowserInterface $browser,
+        Customer $customer,
+        $severity = 'low',
+        $active = true
+    ) {
+        parent::__construct($objectManager, $eventManager, $severity, $active);
+        $this->browser = $browser;
+        $this->customer = $customer;
+
+        $this->customer->persist();
+    }
+
+    /**
+     * Validations execution.
+     *
+     * @return void
+     */
+    public function processAssert()
+    {
+        // Log in to Customer Account on Storefront to assert that http is used indeed.
+        $this->objectManager->create(LogInCustomerOnStorefront::class, ['customer' => $this->customer])->run();
+        $this->assertUsedProtocol($this->unsecuredProtocol);
+
+        // Log out from Customer Account on Storefront to assert that JS is deployed validly as a part of statics.
+        $this->objectManager->create(LogOutCustomerOnStorefront::class)->run();
+        $this->assertUsedProtocol($this->unsecuredProtocol);
+    }
+
+    /**
+     * Assert that specified protocol is used on current page.
+     *
+     * @param string $expectedProtocol
+     * @return void
+     */
+    protected function assertUsedProtocol($expectedProtocol)
+    {
+        \PHPUnit_Framework_Assert::assertStringStartsWith(
+            $expectedProtocol,
+            $this->browser->getUrl(),
+            "$expectedProtocol is not used."
+        );
+    }
+
+    /**
+     * Returns a string representation of the object.
+     *
+     * @return string
+     */
+    public function toString()
+    {
+        return 'Unsecured URLs are used for Storefront pages.';
+    }
+}

dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpsUsedOnBackend.php

+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\Constraint;
+
+use Magento\Mtf\ObjectManager;
+use Magento\Mtf\System\Event\EventManagerInterface;
+use Magento\Mtf\Constraint\AbstractConstraint;
+use Magento\Mtf\Client\BrowserInterface;
+use Magento\Backend\Test\Page\Adminhtml\Dashboard;
+
+/**
+ * Assert that https protocol is used all over the Admin panel
+ * It would be great if several different pages to validate are selected randomly in order to increase the coverage.
+ * It would be great to assert somehow that browser console does not contain JS-related errors as well.
+ */
+class AssertHttpsUsedOnBackend extends AbstractConstraint
+{
+    /**
+     * Secured protocol format.
+     *
+     * @var string
+     */
+    private $securedProtocol = 'https://';
+
+    /**
+     * Unsecured protocol format.
+     *
+     * @var string
+     */
+    private $unsecuredProtocol = 'http://';
+
+    /**
+     * Browser interface.
+     *
+     * @var BrowserInterface
+     */
+    protected $browser;
+
+    /**
+     * "Dashboard" page in Admin panel.
+     *
+     * @var Dashboard
+     */
+    protected $adminDashboardPage;
+
+    /**
+     * The list of Navigation Menu paths for Admin pages to verify.
+     *
+     * @var array
+     */
+    protected $pagesPaths;
+
+    /**
+     * Prepare data for further validations execution.
+     *
+     * @param ObjectManager $objectManager
+     * @param EventManagerInterface $eventManager
+     * @param BrowserInterface $browser
+     * @param Dashboard $adminDashboardPage
+     * @param string $severity
+     * @param bool $active
+     */
+    public function __construct(
+        ObjectManager $objectManager,
+        EventManagerInterface $eventManager,
+        BrowserInterface $browser,
+        Dashboard $adminDashboardPage,
+        $severity = 'low',
+        $active = true
+    ) {
+        parent::__construct($objectManager, $eventManager, $severity, $active);
+        $this->browser = $browser;
+        $this->adminDashboardPage = $adminDashboardPage;
+        $this->pagesPaths = ['Products>Catalog', 'Marketing>Catalog Price Rule'];
+    }
+
+    /**
+     * Validations execution.
+     *
+     * @return void
+     */
+    public function processAssert()
+    {
+        // Open specified Admin pages using Navigation Menu to assert that JS is deployed validly as a part of statics.
+        foreach ($this->pagesPaths as $pagePath) {
+            $this->adminDashboardPage->open()->getMenuBlock()->navigate($pagePath);
+            $this->assertUsedProtocol($this->securedProtocol);
+            $this->assertDirectHttpUnavailable();
+        }
+    }
+
+    /**
+     * Assert that specified protocol is used on current page.
+     *
+     * @param string $expectedProtocol
+     * @return void
+     */
+    protected function assertUsedProtocol($expectedProtocol)
+    {
+        \PHPUnit_Framework_Assert::assertStringStartsWith(
+            $expectedProtocol,
+            $this->browser->getUrl(),
+            "$expectedProtocol is not used."
+        );
+    }
+
+    /**
+     *
+     * Assert that Merchant is redirected to https if trying to access the page directly via http.
+     *
+     * @return void
+     */
+    protected function assertDirectHttpUnavailable()
+    {
+        $fakeUrl = str_replace($this->securedProtocol, $this->unsecuredProtocol, $this->browser->getUrl());
+        $this->browser->open($fakeUrl);
+        \PHPUnit_Framework_Assert::assertStringStartsWith(
+            $this->securedProtocol,
+            $this->browser->getUrl(),
+            'Merchant is not redirected to https if tries to access the Admin panel page directly via http.'
+        );
+
+    }
+
+    /**
+     * Returns a string representation of the object.
+     *
+     * @return string
+     */
+    public function toString()
+    {
+        return 'Unsecured URLs are used for Storefront pages.';
+    }
+}

dev/tests/functional/tests/app/Magento/Backend/Test/Repository/ConfigData.xml

@@ -5,7 +5,8 @@
  * See COPYING.txt for license details.
  */
 -->
-<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/Magento/Mtf/Repository/etc/repository.xsd">
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/Magento/Mtf/Repository/etc/repository.xsd">
     <repository class="Magento\Config\Test\Repository\ConfigData">
         <dataset name="store_information_US">
             <field name="general/store_information/name" xsi:type="array">
@@ -156,12 +157,14 @@
                 <item name="scope_id" xsi:type="number">0</item>
                 <item name="label" xsi:type="string">Yes</item>
                 <item name="value" xsi:type="number">1</item>
+                <item name="inherit" xsi:type="number">1</item>
             </field>
             <field name="web/secure/use_in_adminhtml" xsi:type="array">
                 <item name="scope" xsi:type="string">default</item>
                 <item name="scope_id" xsi:type="number">0</item>
                 <item name="label" xsi:type="string">Yes</item>
                 <item name="value" xsi:type="number">1</item>
+                <item name="inherit" xsi:type="number">1</item>
             </field>
         </dataset>
         <dataset name="enable_hsts">
@@ -195,6 +198,21 @@
             </field>
         </dataset>
 
+        <dataset name="disable_https_frontend_admin">
+            <field name="web/secure/use_in_frontend" xsi:type="array">
+                <item name="scope" xsi:type="string">default</item>
+                <item name="scope_id" xsi:type="number">0</item>
+                <item name="label" xsi:type="string">No</item>
+                <item name="value" xsi:type="number">0</item>
+            </field>
+            <field name="web/secure/use_in_adminhtml" xsi:type="array">
+                <item name="scope" xsi:type="string">default</item>
+                <item name="scope_id" xsi:type="number">0</item>
+                <item name="label" xsi:type="string">No</item>
+                <item name="value" xsi:type="number">0</item>
+            </field>
+        </dataset>
+
         <dataset name="custom_allowed_country">
             <field name="general/country/allow" xsi:type="array">
                 <item name="scope" xsi:type="string">default</item>

dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.php

+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\TestCase;
+
+use Magento\Mtf\TestCase\Injectable;
+use Magento\Mtf\Fixture\FixtureFactory;
+use Magento\Backend\Test\Page\Adminhtml\SystemConfigEdit;
+use Magento\Mtf\Util\Command\Cli\Cache;
+use Magento\Mtf\Util\Command\Cli\StaticContent;
+
+/**
+ * Verify that Merchant can configure secure URLs for Storefront and/or Admin panel in order to improve Store security.
+ *
+ * Preconditions:
+ *  # SSL on server is configured.
+ *  # Secure URLs are disabled for Storefront & Admin (out-of-the-box Magento state).
+ *
+ * Steps:
+ *  # Log in to Admin panel.
+ *  # Go to "Stores > Configuration" page.
+ *  # Select needed scope.
+ *  # Go to "General > Web > Base URLs (Secure)" section.
+ *  # Specify Base URL with Secure protocol in the same format as a Secure Base URL.
+ *    (i) Make sure that Secure Base URL ends with a "/".
+ *  # Enable Secure URLs for Storefront if there is a need.
+ *  # Enable Secure URLs for Admin if there is a need.
+ *  # Save the Config & refresh invalidated caches (Configuration, Page Cache).
+ *  # Deploy static view files.
+ *
+ *  # If Secure URLs for Storefront were enabled:
+ *      # Assert that https is used all over the Storefront.
+ *      # Assert that static content is deployed validly (ex: JS functionality works on Storefront).
+ *      # Assert that Customer is redirected to https if trying to access the page directly via http.
+ *  # If secure URLs for Storefront were disabled:
+ *      # Assert that http is used all over the Storefront.
+ *      # Assert that static content is deployed validly (ex: JS functionality works on Storefront).
+ *
+ *  # If secure URLs for Admin were enabled:
+ *      # Assert that https is used all over the Admin panel.
+ *      # Assert that static content is deployed validly (ex: JS functionality works in Admin panel).
+ *      # Assert that Merchant is redirected to https if trying to access the page directly via http.
+ *  # If secure URLs for Admin were disabled:
+ *      # Assert that http is used all over the Admin panel.
+ *      # Assert that static content is deployed validly (ex: JS functionality works in Admin panel).
+ *      # Assert that Merchant is redirected to http if trying to access the page directly via https.
+ *
+ * Postconditions:
+ *  # Turn the Secure URLs usage off (with further cache refreshing & static content deploying).
+ *
+ * @ZephyrId MAGETWO-35408
+ */
+class ConfigureSecureUrlsTest extends Injectable
+{
+    /* tags */
+    const MVP = 'no';
+    const SEVERITY = 'S1';
+    /* end tags */
+
+    /**
+     * Fixture factory.
+     *
+     * @var FixtureFactory
+     */
+    protected $fixtureFactory;
+
+    /**
+     * "Configuration" page in Admin panel.
+     *
+     * @var SystemConfigEdit
+     */
+    protected $configurationAdminPage;
+
+    /**
+     * Cache CLI.
+     *
+     * @var Cache
+     */
+    protected $cache;
+
+    /**
+     * Static content CLI.
+     *
+     * @var StaticContent
+     */
+    protected $staticContent;
+
+    /**
+     * Prepare data for further test execution.
+     *
+     * @param FixtureFactory $fixtureFactory
+     * @param SystemConfigEdit $configurationAdminPage
+     * @param Cache $cache
+     * @param StaticContent $staticContent
+     * @return void
+     */
+    public function __inject(
+        FixtureFactory $fixtureFactory,
+        SystemConfigEdit $configurationAdminPage,
+        Cache $cache,
+        StaticContent $staticContent
+    ) {
+        $this->fixtureFactory = $fixtureFactory;
+        $this->configurationAdminPage = $configurationAdminPage;
+        $this->cache = $cache;
+        $this->staticContent = $staticContent;
+    }
+
+    /**
+     * Test execution.
+     *
+     * @param $configData
+     * @return $this
+     */
+    public function test($configData)
+    {
+        $data = [
+            'web/secure/base_url' => [
+                'scope' => 'default',
+                'scope_id' => 0,
+                'value' => str_replace(['http', 'index.php/'], ['https', ''], $_ENV['app_frontend_url'])
+            ]
+        ];
+        $config = $this->fixtureFactory->createByCode('configData', ['dataset' => $configData, 'data' => $data]);
+        $config->persist();
+
+        // Workaround until MTA-3879 is delivered.
+        $this->configurationAdminPage->open();
+        $this->configurationAdminPage->getForm()
+            ->getGroup('web', 'secure')
+            ->setValue('web', 'secure', 'use_in_adminhtml', 'Yes');
+        $this->configurationAdminPage->getPageActions()->save();
+        $_ENV['app_backend_url'] = str_replace('http', 'https', $_ENV['app_backend_url']);
+
+        $this->cache->flush(['config', 'full_page']);
+        $this->staticContent->deploy();
+    }
+
+    /**
+     * Revert all applied high-level changes.
+     *
+     * @return void
+     */
+    public function tearDown()
+    {
+        $this->configurationAdminPage->open();
+        $this->configurationAdminPage->getForm()
+            ->getGroup('web', 'secure')
+            ->setValue('web', 'secure', 'use_in_adminhtml', 'No');
+        $this->configurationAdminPage->getPageActions()->save();
+        $this->cache->flush(['config', 'full_page']);
+        $this->staticContent->deploy();
+    }
+}

dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.xml

+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+    <testCase name="Magento\Backend\Test\TestCase\EnableSecureUrlsTest" summary="Configure secure URLs" ticketId="MAGETWO-35408">
+        <variation name="http for Storefront, https for Admin" summary="http for Storefront, https for Admin" ticketId="MAGETWO-35408">
+            <data name="configData" xsi:type="string">disable_https_frontend_admin</data>
+            <constraint name="Magento\Backend\Test\Constraint\AssertHttpUsedOnFrontend"/>
+            <constraint name="Magento\Backend\Test\Constraint\AssertHttpsUsedOnBackend"/>
+        </variation>
+    </testCase>
+</config>