AC-1271: Add rate limiting for payment information endpoint and mutation

Author: arhiopterecs

app/code/Magento/Quote/Model/Backpressure/OrderLimitConfigManager.php

@@ -79,12 +79,16 @@ public function readLimit(ContextInterface $context): LimitConfig
     public function isEnforcementEnabled(): bool
     {
         $loggerType = $this->deploymentConfig->get(RequestLoggerInterface::CONFIG_PATH_BACKPRESSURE_LOGGER);
+        if (!$loggerType) {
+            return false;
+        }
+
         $enabled = $this->config->isSetFlag('sales/backpressure/enabled', ScopeInterface::SCOPE_STORE);
-        if ($loggerType && $enabled) {
-            return true;
+        if (!$enabled) {
+            return false;
         }
 
-        return false;
+        return true;
     }
 
     /**
@@ -117,6 +121,6 @@ private function fetchGuestLimit(): int
      */
     private function fetchPeriod(): int
     {
-       return (int)$this->config->getValue('sales/backpressure/period', ScopeInterface::SCOPE_STORE);
+        return (int)$this->config->getValue('sales/backpressure/period', ScopeInterface::SCOPE_STORE);
     }
 }

app/code/Magento/Quote/Test/Unit/Model/Backpressure/OrderLimitConfigManagerTest.php

@@ -8,6 +8,9 @@
 
 namespace Magento\Quote\Test\Unit\Model\Backpressure;
 
+use Magento\Framework\App\DeploymentConfig;
+use Magento\Framework\Exception\FileSystemException;
+use Magento\Framework\Exception\RuntimeException;
 use Magento\Quote\Model\Backpressure\OrderLimitConfigManager;
 use Magento\Framework\App\Backpressure\ContextInterface;
 use Magento\Framework\App\Config\ScopeConfigInterface;
@@ -19,12 +22,17 @@ class OrderLimitConfigManagerTest extends TestCase
     /**
      * @var ScopeConfigInterface|MockObject
      */
-    private $config;
+    private $scopeConfigMock;
+
+    /**
+     * @var DeploymentConfig|MockObject
+     */
+    private $deploymentConfigMock;
 
     /**
      * @var OrderLimitConfigManager
      */
-    private $model;
+    private OrderLimitConfigManager $model;
 
     /**
      * @inheritDoc
@@ -33,9 +41,13 @@ protected function setUp(): void
     {
         parent::setUp();
 
-        $this->config = $this->createMock(ScopeConfigInterface::class);
+        $this->scopeConfigMock = $this->createMock(ScopeConfigInterface::class);
+        $this->deploymentConfigMock = $this->createMock(DeploymentConfig::class);
 
-        $this->model = new OrderLimitConfigManager($this->config);
+        $this->model = new OrderLimitConfigManager(
+            $this->scopeConfigMock,
+            $this->deploymentConfigMock
+        );
     }
 
     /**
@@ -62,6 +74,7 @@ public function getConfigCases(): array
      * @param int $expectedPeriod
      * @return void
      * @dataProvider getConfigCases
+     * @throws RuntimeException
      */
     public function testReadLimit(
         int $identityType,
@@ -71,102 +84,61 @@ public function testReadLimit(
         int $expectedLimit,
         int $expectedPeriod
     ): void {
-        $this->initConfig($guestLimit, $authLimit, $period, true);
-        $context = $this->createContext($identityType);
+        $context = $this->createMock(ContextInterface::class);
+        $context->method('getIdentityType')->willReturn($identityType);
+
+        $this->scopeConfigMock->method('getValue')
+            ->willReturnMap(
+                [
+                    ['sales/backpressure/limit', 'store', null, $authLimit],
+                    ['sales/backpressure/guest_limit', 'store', null, $guestLimit],
+                    ['sales/backpressure/period', 'store', null, $period],
+                ]
+            );
 
         $limit = $this->model->readLimit($context);
         $this->assertEquals($expectedLimit, $limit->getLimit());
         $this->assertEquals($expectedPeriod, $limit->getPeriod());
     }
 
     /**
-     * Config variations for enabled check.
-     *
-     * @return array
-     */
-    public function getEnabledCases(): array
-    {
-        return [
-            'disabled' => [100, 100, 60, false, false],
-            'guest-misconfigured-1' => [0, 100, 60, true, false],
-            'auth-misconfigured-1' => [10, -1, 60, true, false],
-            'period-misconfigured-1' => [10, 111, 0, true, false],
-            'enabled' => [10, 111, 60, true, true]
-        ];
-    }
-
-    /**
-     * Verify logic behind enabled check.
+     * Verify logic behind enabled check
      *
-     * @param int $guestLimit
-     * @param int $authLimit
-     * @param int $period
      * @param bool $enabled
      * @param bool $expected
+     * @param string|null $requestLoggerType
      * @return void
+     * @throws RuntimeException
+     * @throws FileSystemException
      * @dataProvider getEnabledCases
      */
     public function testIsEnforcementEnabled(
-        int $guestLimit,
-        int $authLimit,
-        int $period,
-        bool $enabled,
-        bool $expected
+        bool    $enabled,
+        bool    $expected,
+        ?string $requestLoggerType
     ): void {
-        $this->initConfig($guestLimit, $authLimit, $period, $enabled);
+        $this->deploymentConfigMock->method('get')
+            ->with('backpressure/logger/type')
+            ->willReturn($requestLoggerType);
+        $this->scopeConfigMock->method('isSetFlag')
+            ->with('sales/backpressure/enabled')
+            ->willReturn($enabled);
 
         $this->assertEquals($expected, $this->model->isEnforcementEnabled());
     }
 
     /**
-     * Initialize config mock.
-     *
-     * @param int $guest
-     * @param int $auth
-     * @param int $period
-     * @param bool $enabled
-     * @return void
-     */
-    private function initConfig(int $guest, int $auth, int $period, bool $enabled): void
-    {
-        $this->config->method('getValue')
-            ->willReturnCallback(
-                function (string $path) use ($auth, $guest, $period): ?string {
-                    switch ($path) {
-                        case 'sales/backpressure/limit':
-                            return (string) $auth;
-                        case 'sales/backpressure/guest_limit':
-                            return (string) $guest;
-                        case 'sales/backpressure/period':
-                            return (string) $period;
-                    }
-
-                    return null;
-                }
-            );
-        $this->config->method('isSetFlag')
-            ->willReturnCallback(
-                function (string $path) use ($enabled): bool {
-                    if ($path === 'sales/backpressure/enabled') {
-                        return $enabled;
-                    }
-
-                    return false;
-                }
-            );
-    }
-
-    /**
-     * Create backpressure context.
+     * Config variations for enabled check.
      *
-     * @param int $identityType
-     * @return ContextInterface
+     * @return array
      */
-    private function createContext(int $identityType): ContextInterface
+    public function getEnabledCases(): array
     {
-        $context = $this->createMock(ContextInterface::class);
-        $context->method('getIdentityType')->willReturn($identityType);
-
-        return $context;
+        return [
+            'disabled' => [false, false, null],
+            'disabled-request-logger-type-exists' => [false, false, 'requestLoggerType'],
+            'enabled-request-logger-type-not-exist' => [true, false, null],
+            'enabled' => [true, true, 'requestLoggerType'],
+        ];
     }
 }

lib/internal/Magento/Framework/App/Backpressure/SlidingWindow/RedisRequestLogger.php

@@ -39,8 +39,6 @@ class RedisRequestLogger implements RequestLoggerInterface
     public const CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_DB = 'backpressure/logger/options/db';
     public const CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_PASSWORD = 'backpressure/logger/options/password';
     public const CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_USER = 'backpressure/logger/options/user';
-    public const CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_COMPRESS_DATA = 'backpressure/logger/options/compress-data';
-    public const CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_COMPRESSION_LIB = 'backpressure/logger/options/compression-lib';
     public const CONFIG_PATH_BACKPRESSURE_LOGGER_ID_PREFIX = 'backpressure/logger/id-prefix';
 
     /**
@@ -59,8 +57,6 @@ class RedisRequestLogger implements RequestLoggerInterface
         self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_DB => 3,
         self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_PASSWORD => null,
         self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_USER => null,
-        self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_COMPRESS_DATA => 0,
-        self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_COMPRESSION_LIB => null,
     ];
 
     /**
@@ -76,11 +72,6 @@ class RedisRequestLogger implements RequestLoggerInterface
         self::KEY_USER => self::CONFIG_PATH_BACKPRESSURE_LOGGER_REDIS_USER,
     ];
 
-    /**
-     * Valid compression libs
-     */
-    public const VALID_COMPRESSION_LIBS = ['gzip', 'lzf', 'lz4', 'snappy'];
-
     /**
      * @var Credis_Client
      */

lib/internal/Magento/Framework/App/Backpressure/SlidingWindow/RequestLoggerFactory.php

@@ -36,6 +36,8 @@ public function __construct(ObjectManagerInterface $objectManager, array $types)
     }
 
     /**
+     * @inheritDoc
+     * 
      * @param string $type
      * @return RequestLoggerInterface
      * @throws RuntimeException