diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/Cache.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/Cache.php
index 425abfd85590d0848ea9292752cc4d48a0102065..97045e88214a7b8b0bf49bf45728b4a418d64e2c 100644
--- a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/Cache.php
+++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/Cache.php
@@ -29,13 +29,16 @@ class Cache extends Cli
const PARAM_CACHE_ENABLE = 'cache:enable';
/**
- * Flush cache.
+ * Flush Cache.
+ * If no parameters are set, all cache types are flushed.
*
+ * @param array $cacheTypes
* @return void
*/
- public function flush()
+ public function flush(array $cacheTypes = [])
{
- parent::execute(Cache::PARAM_CACHE_FLUSH);
+ $options = empty($cacheTypes) ? '' : ' ' . implode(' ', $cacheTypes);
+ parent::execute(Cache::PARAM_CACHE_FLUSH . $options);
}
/**
diff --git a/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/StaticContent.php b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/StaticContent.php
new file mode 100644
index 0000000000000000000000000000000000000000..9a430aad35d35aed80971129f0f91df3cc06c5fa
--- /dev/null
+++ b/dev/tests/functional/lib/Magento/Mtf/Util/Command/Cli/StaticContent.php
@@ -0,0 +1,30 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Mtf\Util\Command\Cli;
+
+use Magento\Mtf\Util\Command\Cli;
+
+/**
+ * Merchant Developer deploys static view files during test executions so that Storefront UI updates are applied.
+ */
+class StaticContent extends Cli
+{
+ /**
+ * Parameter for deploy static view files.
+ */
+ const PARAM_SETUP_STATIC_CONTENT_DEPLOY = 'setup:static-content:deploy';
+
+ /**
+ * Deploy static view files.
+ *
+ * @return void
+ */
+ public function deploy()
+ {
+ parent::execute(StaticContent::PARAM_SETUP_STATIC_CONTENT_DEPLOY);
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpUsedOnFrontend.php b/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpUsedOnFrontend.php
new file mode 100644
index 0000000000000000000000000000000000000000..00eb776be2e5add04e86a50d555f496b408a64f6
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpUsedOnFrontend.php
@@ -0,0 +1,87 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\Constraint;
+
+use Magento\Mtf\Constraint\AbstractConstraint;
+use Magento\Mtf\Client\BrowserInterface;
+use Magento\Customer\Test\Fixture\Customer;
+use Magento\Customer\Test\TestStep\LoginCustomerOnFrontendStep as LogInCustomerOnStorefront;
+use Magento\Customer\Test\TestStep\LogoutCustomerOnFrontendStep as LogOutCustomerOnStorefront;
+
+/**
+ * Assert that http is used all over the Storefront.
+ */
+class AssertHttpUsedOnFrontend extends AbstractConstraint
+{
+ /**
+ * Unsecured protocol format.
+ *
+ * @var string
+ */
+ private $unsecuredProtocol = \Magento\Framework\HTTP\PhpEnvironment\Request::SCHEME_HTTP;
+
+ /**
+ * Browser interface.
+ *
+ * @var BrowserInterface
+ */
+ protected $browser;
+
+ /**
+ * Customer account.
+ *
+ * @var Customer
+ */
+ protected $customer;
+
+ /**
+ * Validations execution.
+ *
+ * @param BrowserInterface $browser
+ * @param Customer $customer
+ * @return void
+ */
+ public function processAssert(BrowserInterface $browser, Customer $customer)
+ {
+ $this->browser = $browser;
+ $this->customer = $customer;
+ $this->customer->persist();
+
+ // Log in to Customer Account on Storefront to assert that http is used indeed.
+ $this->objectManager->create(LogInCustomerOnStorefront::class, ['customer' => $this->customer])->run();
+ $this->assertUsedProtocol($this->unsecuredProtocol);
+
+ // Log out from Customer Account on Storefront to assert that JS is deployed validly as a part of statics.
+ $this->objectManager->create(LogOutCustomerOnStorefront::class)->run();
+ $this->assertUsedProtocol($this->unsecuredProtocol);
+ }
+
+ /**
+ * Assert that specified protocol is used on current page.
+ *
+ * @param string $expectedProtocol
+ * @return void
+ */
+ protected function assertUsedProtocol($expectedProtocol)
+ {
+ \PHPUnit_Framework_Assert::assertStringStartsWith(
+ $expectedProtocol,
+ $this->browser->getUrl(),
+ "$expectedProtocol is not used."
+ );
+ }
+
+ /**
+ * Returns a string representation of the object.
+ *
+ * @return string
+ */
+ public function toString()
+ {
+ return 'Unsecured URLs are used for Storefront pages.';
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpsUsedOnBackend.php b/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpsUsedOnBackend.php
new file mode 100644
index 0000000000000000000000000000000000000000..a45b3268aa51bb8fec278a13c127b86981397a22
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/Constraint/AssertHttpsUsedOnBackend.php
@@ -0,0 +1,97 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\Constraint;
+
+use Magento\Mtf\Constraint\AbstractConstraint;
+use Magento\Mtf\Client\BrowserInterface;
+use Magento\Backend\Test\Page\Adminhtml\Dashboard;
+
+/**
+ * Assert that https protocol is used all over the Admin panel.
+ */
+class AssertHttpsUsedOnBackend extends AbstractConstraint
+{
+ /**
+ * Secured protocol format.
+ *
+ * @var string
+ */
+ private $securedProtocol = \Magento\Framework\HTTP\PhpEnvironment\Request::SCHEME_HTTPS;
+
+ /**
+ * Unsecured protocol format.
+ *
+ * @var string
+ */
+ private $unsecuredProtocol = \Magento\Framework\HTTP\PhpEnvironment\Request::SCHEME_HTTP;
+
+ /**
+ * Browser interface.
+ *
+ * @var BrowserInterface
+ */
+ protected $browser;
+
+ /**
+ * Validations execution.
+ *
+ * @param BrowserInterface $browser
+ * @param Dashboard $adminDashboardPage
+ * @param string $navMenuPath
+ * @return void
+ */
+ public function processAssert(BrowserInterface $browser, Dashboard $adminDashboardPage, $navMenuPath)
+ {
+ $this->browser = $browser;
+
+ // Open specified Admin page using Navigation Menu to assert that JS is deployed validly as a part of statics.
+ $adminDashboardPage->open()->getMenuBlock()->navigate($navMenuPath);
+ $this->assertUsedProtocol($this->securedProtocol);
+ $this->assertDirectHttpUnavailable();
+ }
+
+ /**
+ * Assert that specified protocol is used on current page.
+ *
+ * @param string $expectedProtocol
+ * @return void
+ */
+ protected function assertUsedProtocol($expectedProtocol)
+ {
+ \PHPUnit_Framework_Assert::assertStringStartsWith(
+ $expectedProtocol,
+ $this->browser->getUrl(),
+ "$expectedProtocol is not used."
+ );
+ }
+
+ /**
+ * Assert that Merchant is redirected to https if trying to access the page directly via http.
+ *
+ * @return void
+ */
+ protected function assertDirectHttpUnavailable()
+ {
+ $fakeUrl = str_replace($this->securedProtocol, $this->unsecuredProtocol, $this->browser->getUrl());
+ $this->browser->open($fakeUrl);
+ \PHPUnit_Framework_Assert::assertStringStartsWith(
+ $this->securedProtocol,
+ $this->browser->getUrl(),
+ 'Merchant is not redirected to https if tries to access the Admin panel page directly via http.'
+ );
+ }
+
+ /**
+ * Returns a string representation of the object.
+ *
+ * @return string
+ */
+ public function toString()
+ {
+ return 'Secured URLs are used for Admin panel pages.';
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/Repository/ConfigData.xml b/dev/tests/functional/tests/app/Magento/Backend/Test/Repository/ConfigData.xml
index 9274985a74edfa1ccfb7709ee979486733e8fe1b..fb16b8a6a309d8009f844fc01f2222e4536cf85b 100644
--- a/dev/tests/functional/tests/app/Magento/Backend/Test/Repository/ConfigData.xml
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/Repository/ConfigData.xml
@@ -5,7 +5,8 @@
* See COPYING.txt for license details.
*/
-->
-<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/Magento/Mtf/Repository/etc/repository.xsd">
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/Magento/Mtf/Repository/etc/repository.xsd">
<repository class="Magento\Config\Test\Repository\ConfigData">
<dataset name="store_information_US">
<field name="general/store_information/name" xsi:type="array">
@@ -165,12 +166,14 @@
<item name="scope_id" xsi:type="number">0</item>
<item name="label" xsi:type="string">Yes</item>
<item name="value" xsi:type="number">1</item>
+ <item name="inherit" xsi:type="number">1</item>
</field>
<field name="web/secure/use_in_adminhtml" xsi:type="array">
<item name="scope" xsi:type="string">default</item>
<item name="scope_id" xsi:type="number">0</item>
<item name="label" xsi:type="string">Yes</item>
<item name="value" xsi:type="number">1</item>
+ <item name="inherit" xsi:type="number">1</item>
</field>
</dataset>
@@ -220,6 +223,21 @@
</field>
</dataset>
+ <dataset name="disable_https_frontend_admin">
+ <field name="web/secure/use_in_frontend" xsi:type="array">
+ <item name="scope" xsi:type="string">default</item>
+ <item name="scope_id" xsi:type="number">0</item>
+ <item name="label" xsi:type="string">No</item>
+ <item name="value" xsi:type="number">0</item>
+ </field>
+ <field name="web/secure/use_in_adminhtml" xsi:type="array">
+ <item name="scope" xsi:type="string">default</item>
+ <item name="scope_id" xsi:type="number">0</item>
+ <item name="label" xsi:type="string">No</item>
+ <item name="value" xsi:type="number">0</item>
+ </field>
+ </dataset>
+
<dataset name="custom_allowed_country">
<field name="general/country/allow" xsi:type="array">
<item name="scope" xsi:type="string">default</item>
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.php b/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.php
new file mode 100644
index 0000000000000000000000000000000000000000..ffcea857d1ab5500c9c4ad8c92a768b837cec675
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.php
@@ -0,0 +1,157 @@
+<?php
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+namespace Magento\Backend\Test\TestCase;
+
+use Magento\Mtf\TestCase\Injectable;
+use Magento\Mtf\Fixture\FixtureFactory;
+use Magento\Backend\Test\Page\Adminhtml\SystemConfigEdit;
+use Magento\Mtf\Util\Command\Cli\Cache;
+use Magento\Mtf\Util\Command\Cli\StaticContent;
+
+/**
+ * Verify that Merchant can configure secure URLs for Storefront and/or Admin panel in order to improve Store security.
+ *
+ * Preconditions:
+ * 1. SSL on server is configured.
+ * 2. Secure URLs are disabled for Storefront & Admin (out-of-the-box Magento state).
+ *
+ * Steps:
+ * 1. Log in to Admin panel.
+ * 2. Go to "Stores > Configuration" page.
+ * 3. Select needed scope.
+ * 4. Go to "General > Web > Base URLs (Secure)" section.
+ * 5. Specify Base URL with Secure protocol in the same format as a Secure Base URL.
+ * (i) Make sure that Secure Base URL ends with a "/".
+ * 6. Enable Secure URLs for Storefront if there is a need.
+ * 7. Enable Secure URLs for Admin if there is a need.
+ * 8. Save the Config & refresh invalidated caches (Configuration, Page Cache).
+ * 9. Deploy static view files.
+ *
+ * 10. If Secure URLs for Storefront were enabled:
+ * 1. Assert that https is used all over the Storefront.
+ * 2. Assert that static content is deployed validly (ex: JS functionality works on Storefront).
+ * 3. Assert that Customer is redirected to https if trying to access the page directly via http.
+ * 11. If secure URLs for Storefront were disabled:
+ * 1. Assert that http is used all over the Storefront.
+ * 2. Assert that static content is deployed validly (ex: JS functionality works on Storefront).
+ *
+ * 12. If secure URLs for Admin were enabled:
+ * 1. Assert that https is used all over the Admin panel.
+ * 2. Assert that static content is deployed validly (ex: JS functionality works in Admin panel).
+ * 3. Assert that Merchant is redirected to https if trying to access the page directly via http.
+ * 13. If secure URLs for Admin were disabled:
+ * 1. Assert that http is used all over the Admin panel.
+ * 2. Assert that static content is deployed validly (ex: JS functionality works in Admin panel).
+ * 3. Assert that Merchant is redirected to http if trying to access the page directly via https.
+ *
+ * Postconditions:
+ * 1. Turn the Secure URLs usage off (with further cache refreshing & static content deploying).
+ *
+ * @ZephyrId MAGETWO-35408
+ */
+class ConfigureSecureUrlsTest extends Injectable
+{
+ /* tags */
+ const MVP = 'no';
+ const SEVERITY = 'S1';
+ /* end tags */
+
+ /**
+ * Fixture factory.
+ *
+ * @var FixtureFactory
+ */
+ protected $fixtureFactory;
+
+ /**
+ * "Configuration" page in Admin panel.
+ *
+ * @var SystemConfigEdit
+ */
+ protected $configurationAdminPage;
+
+ /**
+ * Cache CLI.
+ *
+ * @var Cache
+ */
+ protected $cache;
+
+ /**
+ * Static content CLI.
+ *
+ * @var StaticContent
+ */
+ protected $staticContent;
+
+ /**
+ * Prepare data for further test execution.
+ *
+ * @param FixtureFactory $fixtureFactory
+ * @param SystemConfigEdit $configurationAdminPage
+ * @param Cache $cache
+ * @param StaticContent $staticContent
+ * @return void
+ */
+ public function __inject(
+ FixtureFactory $fixtureFactory,
+ SystemConfigEdit $configurationAdminPage,
+ Cache $cache,
+ StaticContent $staticContent
+ ) {
+ $this->fixtureFactory = $fixtureFactory;
+ $this->configurationAdminPage = $configurationAdminPage;
+ $this->cache = $cache;
+ $this->staticContent = $staticContent;
+ }
+
+ /**
+ * Test execution.
+ *
+ * @param string $configData
+ * @return void
+ */
+ public function test($configData)
+ {
+ $data = [
+ 'web/secure/base_url' => [
+ 'scope' => 'default',
+ 'scope_id' => 0,
+ 'value' => str_replace(['http', 'index.php/'], ['https', ''], $_ENV['app_frontend_url'])
+ ]
+ ];
+ $config = $this->fixtureFactory->createByCode('configData', ['dataset' => $configData, 'data' => $data]);
+ $config->persist();
+
+ // Workaround until MTA-3879 is delivered.
+ $this->configurationAdminPage->open();
+ $this->configurationAdminPage->getForm()
+ ->getGroup('web', 'secure')
+ ->setValue('web', 'secure', 'use_in_adminhtml', 'Yes');
+ $this->configurationAdminPage->getPageActions()->save();
+ $_ENV['app_backend_url'] = str_replace('http', 'https', $_ENV['app_backend_url']);
+
+ $this->cache->flush(['config', 'full_page']);
+ $this->staticContent->deploy();
+ }
+
+ /**
+ * Revert all applied high-level changes.
+ *
+ * @return void
+ */
+ public function tearDown()
+ {
+ $this->configurationAdminPage->open();
+ $this->configurationAdminPage->getForm()
+ ->getGroup('web', 'secure')
+ ->setValue('web', 'secure', 'use_in_adminhtml', 'No');
+ $this->configurationAdminPage->getPageActions()->save();
+ $this->cache->flush(['config', 'full_page']);
+ $this->staticContent->deploy();
+ }
+}
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.xml b/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.xml
new file mode 100644
index 0000000000000000000000000000000000000000..7dde1f7fba2ad3988698ceaecfb9be027944b085
--- /dev/null
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/TestCase/ConfigureSecureUrlsTest.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+/**
+ * Copyright © 2016 Magento. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+ -->
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
+ <testCase name="Magento\Backend\Test\TestCase\ConfigureSecureUrlsTest" summary="Configure secure URLs" ticketId="MAGETWO-35408">
+ <variation name="ConfigureSecureUrlsHttpForStorefrontHttpsForAdmin" summary="http for Storefront, https for Admin" ticketId="MAGETWO-35408">
+ <data name="configData" xsi:type="string">disable_https_frontend_admin</data>
+ <data name="navMenuPath" xsi:type="string">Marketing>Catalog Price Rule</data>
+ <constraint name="Magento\Backend\Test\Constraint\AssertHttpUsedOnFrontend" />
+ <constraint name="Magento\Backend\Test\Constraint\AssertHttpsUsedOnBackend" />
+ </variation>
+ </testCase>
+</config>
diff --git a/dev/tests/functional/tests/app/Magento/Backend/Test/etc/di.xml b/dev/tests/functional/tests/app/Magento/Backend/Test/etc/di.xml
index bf3b7f2de945093690e6462b033759672579edf4..3f095920420e1a0356a81f505abdd21a9053d7fd 100644
--- a/dev/tests/functional/tests/app/Magento/Backend/Test/etc/di.xml
+++ b/dev/tests/functional/tests/app/Magento/Backend/Test/etc/di.xml
@@ -11,6 +11,16 @@
<argument name="severity" xsi:type="string">high</argument>
</arguments>
</type>
+ <type name="Magento\Backend\Test\Constraint\AssertHttpsUsedOnBackend">
+ <arguments>
+ <argument name="severity" xsi:type="string">high</argument>
+ </arguments>
+ </type>
+ <type name="Magento\Backend\Test\Constraint\AssertHttpsUsedOnFrontend">
+ <arguments>
+ <argument name="severity" xsi:type="string">middle</argument>
+ </arguments>
+ </type>
<type name="Magento\Backend\Test\Constraint\AssertStoreCanBeLocalized">
<arguments>
<argument name="severity" xsi:type="string">high</argument>