Merge remote-tracking branch 'origin/AC-9244' into spartans_pr_10122025

glo60612 · glo60612 · commit 51188f4cfde1 · 2025-12-10T11:34:23.000+05:30
diff --git a/app/code/Magento/Sales/Plugin/Webapi/OrderResponseNullKeysPlugin.php b/app/code/Magento/Sales/Plugin/Webapi/OrderResponseNullKeysPlugin.php
@@ -0,0 +1,76 @@
+<?php
+/**
+ * Copyright 2025 Adobe
+ * All Rights Reserved.
+ */
+declare(strict_types=1);
+
+namespace Magento\Sales\Plugin\Webapi;
+
+use Magento\Framework\Webapi\ServiceOutputProcessor;
+use Magento\Sales\Api\OrderRepositoryInterface;
+
+/**
+ * @SuppressWarnings(PHPMD.CyclomaticComplexity)
+ */
+class OrderResponseNullKeysPlugin
+{
+    /**
+     * Ensure state/status keys exist as null for order responses, so REST includes them.
+     *
+     * @param ServiceOutputProcessor $subject
+     * @param mixed $result
+     * @param mixed $data
+     * @param string $serviceClassName
+     * @param string $serviceMethodName
+     * @return array|mixed
+     *
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    public function afterProcess(
+        ServiceOutputProcessor $subject,
+        $result,
+        $data,
+        string $serviceClassName,
+        string $serviceMethodName
+    ) {
+        if ($serviceClassName !== OrderRepositoryInterface::class) {
+            return $result;
+        }
+
+        if ($serviceMethodName === 'get' && is_array($result)) {
+            return $this->ensureOrderKeys($result);
+        }
+
+        if ($serviceMethodName === 'getList' &&
+            is_array($result) &&
+            isset($result['items'])
+            && is_array($result['items'])
+        ) {
+            foreach ($result['items'] as $i => $item) {
+                if (is_array($item)) {
+                    $result['items'][$i] = $this->ensureOrderKeys($item);
+                }
+            }
+        }
+
+        return $result;
+    }
+
+    /**
+     * If state and status key missing then set as null
+     *
+     * @param array $order
+     * @return array
+     */
+    private function ensureOrderKeys(array $order): array
+    {
+        if (!array_key_exists('state', $order)) {
+            $order['state'] = null;
+        }
+        if (!array_key_exists('status', $order)) {
+            $order['status'] = null;
+        }
+        return $order;
+    }
+}
diff --git a/app/code/Magento/Sales/Test/Unit/Plugin/Webapi/OrderResponseNullKeysPluginTest.php b/app/code/Magento/Sales/Test/Unit/Plugin/Webapi/OrderResponseNullKeysPluginTest.php
@@ -0,0 +1,135 @@
+<?php
+/**
+ * Copyright 2025 Adobe
+ * All Rights Reserved.
+ */
+declare(strict_types=1);
+
+namespace Magento\Sales\Test\Unit\Plugin\Webapi;
+
+use Magento\Framework\Webapi\ServiceOutputProcessor;
+use Magento\Sales\Api\OrderRepositoryInterface;
+use Magento\Sales\Plugin\Webapi\OrderResponseNullKeysPlugin;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+class OrderResponseNullKeysPluginTest extends TestCase
+{
+    /** @var ServiceOutputProcessor|MockObject */
+    private $serviceOutputProcessor;
+
+    /** @var OrderResponseNullKeysPlugin */
+    private $plugin;
+
+    protected function setUp(): void
+    {
+        $this->serviceOutputProcessor = $this->createMock(ServiceOutputProcessor::class);
+        $this->plugin = new OrderResponseNullKeysPlugin();
+    }
+
+    public function testAfterProcessNonOrderRepositoryReturnsUnchanged(): void
+    {
+        $input = ['foo' => 'bar'];
+
+        $result = $this->plugin->afterProcess(
+            $this->serviceOutputProcessor,
+            $input,
+            [],
+            \Magento\Catalog\Api\ProductRepositoryInterface::class,
+            'get'
+        );
+
+        $this->assertSame($input, $result);
+    }
+
+    public function testAfterProcessGetAddsNullKeysWhenMissing(): void
+    {
+        $input = ['entity_id' => 10];
+
+        $result = $this->plugin->afterProcess(
+            $this->serviceOutputProcessor,
+            $input,
+            [],
+            OrderRepositoryInterface::class,
+            'get'
+        );
+
+        $this->assertArrayHasKey('entity_id', $result);
+        $this->assertSame(10, $result['entity_id']);
+        $this->assertArrayHasKey('state', $result);
+        $this->assertNull($result['state']);
+        $this->assertArrayHasKey('status', $result);
+        $this->assertNull($result['status']);
+    }
+
+    public function testAfterProcessGetDoesNotOverwriteExistingKeys(): void
+    {
+        $input = ['entity_id' => 10, 'state' => 'processing', 'status' => 'processing'];
+
+        $result = $this->plugin->afterProcess(
+            $this->serviceOutputProcessor,
+            $input,
+            [],
+            OrderRepositoryInterface::class,
+            'get'
+        );
+
+        $this->assertSame('processing', $result['state']);
+        $this->assertSame('processing', $result['status']);
+    }
+
+    public function testAfterProcessGetListAddsNullKeysPerItem(): void
+    {
+        $input = [
+            'items' => [
+                ['entity_id' => 1, 'state' => 'processing', 'status' => 'processing'],
+                ['entity_id' => 2],
+                ['entity_id' => 3, 'state' => null], // state exists (null); status missing
+            ],
+            'search_criteria' => [],
+            'total_count' => 3,
+        ];
+
+        $result = $this->plugin->afterProcess(
+            $this->serviceOutputProcessor,
+            $input,
+            [],
+            OrderRepositoryInterface::class,
+            'getList'
+        );
+
+        $this->assertArrayHasKey('items', $result);
+        $this->assertCount(3, $result['items']);
+
+        // Item 0 unchanged
+        $this->assertSame('processing', $result['items'][0]['state']);
+        $this->assertSame('processing', $result['items'][0]['status']);
+
+        // Item 1 added nulls
+        $this->assertArrayHasKey('state', $result['items'][1]);
+        $this->assertNull($result['items'][1]['state']);
+        $this->assertArrayHasKey('status', $result['items'][1]);
+        $this->assertNull($result['items'][1]['status']);
+
+        // Item 2 keeps existing state (null) and adds missing status
+        $this->assertArrayHasKey('state', $result['items'][2]);
+        $this->assertNull($result['items'][2]['state']);
+        $this->assertArrayHasKey('status', $result['items'][2]);
+        $this->assertNull($result['items'][2]['status']);
+    }
+
+    public function testAfterProcessGetListWithoutItemsRemainsUnchanged(): void
+    {
+        $input = ['search_criteria' => [], 'total_count' => 0];
+
+        $result = $this->plugin->afterProcess(
+            $this->serviceOutputProcessor,
+            $input,
+            [],
+            OrderRepositoryInterface::class,
+            'getList'
+        );
+
+        $this->assertSame($input, $result);
+    }
+}
diff --git a/app/code/Magento/Sales/etc/webapi_rest/di.xml b/app/code/Magento/Sales/etc/webapi_rest/di.xml
@@ -31,4 +31,9 @@
                 type="Magento\Sales\Plugin\Model\OrderRepositoryPlugin"
                 sortOrder="10"/>
     </type>
+    <type name="Magento\Framework\Webapi\ServiceOutputProcessor">
+        <plugin name="sales_rest_add_null_state_status"
+                type="Magento\Sales\Plugin\Webapi\OrderResponseNullKeysPlugin"
+                sortOrder="10"/>
+    </type>
 </config>
diff --git a/dev/tests/api-functional/testsuite/Magento/Sales/Service/V1/OrderResponseNullKeysTest.php b/dev/tests/api-functional/testsuite/Magento/Sales/Service/V1/OrderResponseNullKeysTest.php
@@ -0,0 +1,150 @@
+<?php
+/**
+ * Copyright 2025 Adobe
+ * All Rights Reserved.
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Sales\Service\V1;
+
+use Magento\Authorization\Test\Fixture\Role;
+use Magento\Catalog\Test\Fixture\Product as ProductFixture;
+use Magento\Checkout\Test\Fixture\PlaceOrder as PlaceOrderFixture;
+use Magento\Checkout\Test\Fixture\SetBillingAddress as SetBillingAddressFixture;
+use Magento\Checkout\Test\Fixture\SetDeliveryMethod as SetDeliveryMethodFixture;
+use Magento\Checkout\Test\Fixture\SetGuestEmail as SetGuestEmailFixture;
+use Magento\Checkout\Test\Fixture\SetPaymentMethod as SetPaymentMethodFixture;
+use Magento\Checkout\Test\Fixture\SetShippingAddress as SetShippingAddressFixture;
+use Magento\Framework\Exception\AuthenticationException;
+use Magento\Framework\Exception\InputException;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Integration\Api\AdminTokenServiceInterface;
+use Magento\Quote\Test\Fixture\AddProductToCart as AddProductToCartFixture;
+use Magento\Quote\Test\Fixture\GuestCart as GuestCartFixture;
+use Magento\TestFramework\Fixture\Config as ConfigFixture;
+use Magento\TestFramework\Fixture\DataFixture;
+use Magento\TestFramework\Fixture\DataFixtureStorage;
+use Magento\TestFramework\Fixture\DataFixtureStorageManager;
+use Magento\TestFramework\Helper\Bootstrap as BootstrapHelper;
+use Magento\TestFramework\TestCase\WebapiAbstract;
+use Magento\User\Test\Fixture\User;
+use Magento\TestFramework\Helper\Bootstrap;
+use Magento\Framework\App\ResourceConnection;
+use Magento\Framework\DB\Sql\Expression;
+
+class OrderResponseNullKeysTest extends WebapiAbstract
+{
+    /**
+     * @var DataFixtureStorage
+     */
+    private $fixtures;
+
+    /**
+     * @var AdminTokenServiceInterface
+     */
+    private $adminToken;
+
+    /**
+     * @inheritdoc
+     */
+    protected function setUp(): void
+    {
+        parent::setUp();
+        $this->_markTestAsRestOnly();
+        $this->fixtures = BootstrapHelper::getObjectManager()->get(DataFixtureStorageManager::class)->getStorage();
+        $this->adminToken = BootstrapHelper::getObjectManager()->get(AdminTokenServiceInterface::class);
+    }
+
+    #[
+        DataFixture(Role::class, as: 'allRole'),
+        DataFixture(User::class, ['role_id' => '$allRole.id$'], as: 'allUser'),
+        ConfigFixture('cataloginventory/item_options/auto_return', 0),
+        ConfigFixture('payment/checkmo/active', '1'),
+        ConfigFixture('carriers/flatrate/active', '1'),
+        DataFixture(ProductFixture::class, [
+            'price' => 10.00,
+            'quantity_and_stock_status' => ['qty' => 100, 'is_in_stock' => true]
+        ], as: 'product'),
+        DataFixture(GuestCartFixture::class, as: 'cart'),
+        DataFixture(SetGuestEmailFixture::class, [
+            'cart_id' => '$cart.id$',
+            'email' => 'guest@example.com'
+        ]),
+        DataFixture(AddProductToCartFixture::class, [
+            'cart_id' => '$cart.id$',
+            'product_id' => '$product.id$',
+            'qty' => 1
+        ]),
+        DataFixture(SetBillingAddressFixture::class, ['cart_id' => '$cart.id$']),
+        DataFixture(SetShippingAddressFixture::class, ['cart_id' => '$cart.id$']),
+        DataFixture(SetDeliveryMethodFixture::class, [
+            'cart_id' => '$cart.id$',
+            'carrier_code' => 'flatrate',
+            'method_code' => 'flatrate'
+        ]),
+        DataFixture(SetPaymentMethodFixture::class, [
+            'cart_id' => '$cart.id$',
+            'method' => 'checkmo'
+        ]),
+        DataFixture(PlaceOrderFixture::class, ['cart_id' => '$cart.id$'], as: 'order'),
+    ]
+    public function testUserWithRestrictedWebsiteAndStoreGroup()
+    {
+        $order = $this->fixtures->get('order');
+        $orderId = (int) $order->getId();
+        $this->nullifyOrderStateStatus($orderId);
+
+        $user = $this->fixtures->get('allUser');
+        $accessToken = $this->getAccessToken($user->getUsername());
+        $serviceInfo = [
+            'rest' => [
+                'resourcePath' => '/V1/orders/' . $orderId,
+                'httpMethod' => 'GET',
+                'token' => $accessToken
+            ]
+        ];
+        $result = $this->_webApiCall($serviceInfo);
+
+        $this->assertIsArray($result);
+        $this->assertSame($orderId, (int)$result['entity_id']);
+        $this->assertArrayHasKey('state', $result);
+        $this->assertArrayHasKey('status', $result);
+        $this->assertNull($result['state']);
+        $this->assertNull($result['status']);
+    }
+
+    /**
+     * Update order status and state field as null
+     *
+     * @param int $orderId
+     * @return void
+     */
+    private function nullifyOrderStateStatus(int $orderId): void
+    {
+        $om = Bootstrap::getObjectManager();
+        $resource = $om->get(ResourceConnection::class);
+        $connection = $resource->getConnection();
+        $table = $resource->getTableName('sales_order');
+        $connection->update(
+            $table,
+            ['state' => new Expression('NULL'), 'status' => new Expression('NULL')],
+            ['entity_id = ?' => $orderId]
+        );
+    }
+
+    /**
+     * Get admin access token
+     *
+     * @param string $username
+     * @param string $password
+     * @return string
+     * @throws AuthenticationException
+     * @throws InputException
+     * @throws LocalizedException
+     */
+    private function getAccessToken(string $username, string $password = 'password1'): string
+    {
+        return $this->adminToken->createAdminAccessToken($username, $password);
+    }
+}
