magento/graphql-ce#486: Add customer account validation in Quote operations

naydav · naydav · commit 30829e425d6b · 2019-06-20T15:28:01.000-05:00
diff --git a/app/code/Magento/QuoteGraphQl/Model/Resolver/SetPaymentMethodOnCart.php b/app/code/Magento/QuoteGraphQl/Model/Resolver/SetPaymentMethodOnCart.php
@@ -82,14 +82,14 @@ public function resolve(Field $field, $context, ResolveInfo $info, array $value
         }
         $maskedCartId = $args['input']['cart_id'];
 
-        $cart = $this->getCartForUser->execute($maskedCartId, $context->getUserId());
-        $this->checkCartCheckoutAllowance->execute($cart);
-
         if (!isset($args['input']['payment_method']['code']) || empty($args['input']['payment_method']['code'])) {
             throw new GraphQlInputException(__('Required parameter "code" for "payment_method" is missing.'));
         }
         $paymentMethodCode = $args['input']['payment_method']['code'];
 
+        $cart = $this->getCartForUser->execute($maskedCartId, $context->getUserId());
+        $this->checkCartCheckoutAllowance->execute($cart);
+
         $poNumber = $args['input']['payment_method']['purchase_order_number'] ?? null;
         $additionalData = $this->additionalDataProviderPool->getData($paymentMethodCode, $args) ?? [];
 
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Quote/Customer/SetPaymentMethodOnCartTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Quote/Customer/SetPaymentMethodOnCartTest.php
@@ -187,6 +187,9 @@ public function testSetPaymentMethodToAnotherCustomerCart()
      */
     public function testSetPaymentMethodWithoutRequiredParameters(string $input, string $message)
     {
+        $maskedQuoteId = $this->getMaskedQuoteIdByReservedOrderId->execute('test_quote');
+        $input = str_replace('cart_id_value', $maskedQuoteId, $input);
+
         $query = <<<QUERY
 mutation {
   setPaymentMethodOnCart(
@@ -235,11 +238,11 @@ public function dataProviderSetPaymentMethodWithoutRequiredParameters(): array
                 'Required parameter "cart_id" is missing.'
             ],
             'missed_payment_method' => [
-                'cart_id: "test_quote"',
+                'cart_id: "cart_id_value"',
                 'Required parameter "code" for "payment_method" is missing.'
             ],
             'missed_payment_method_code' => [
-                'cart_id: "test_quote", payment_method: {code: ""}',
+                'cart_id: "cart_id_value", payment_method: {code: ""}',
                 'Required parameter "code" for "payment_method" is missing.'
             ],
         ];
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Quote/Guest/SetPaymentMethodOnCartTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Quote/Guest/SetPaymentMethodOnCartTest.php
@@ -155,6 +155,9 @@ public function testSetPaymentMethodToCustomerCart()
      */
     public function testSetPaymentMethodWithoutRequiredParameters(string $input, string $message)
     {
+        $maskedQuoteId = $this->getMaskedQuoteIdByReservedOrderId->execute('test_quote');
+        $input = str_replace('cart_id_value', $maskedQuoteId, $input);
+
         $query = <<<QUERY
 mutation {
   setPaymentMethodOnCart(
@@ -185,11 +188,11 @@ public function dataProviderSetPaymentMethodWithoutRequiredParameters(): array
                 'Required parameter "cart_id" is missing.'
             ],
             'missed_payment_method' => [
-                'cart_id: "test_quote"',
+                'cart_id: "cart_id_value"',
                 'Required parameter "code" for "payment_method" is missing.'
             ],
             'missed_payment_method_code' => [
-                'cart_id: "test_quote", payment_method: {code: ""}',
+                'cart_id: "cart_id_value", payment_method: {code: ""}',
                 'Required parameter "code" for "payment_method" is missing.'
             ],
         ];
