magento
diff --git a/‎composer.json‎
Lines changed: 1 addition & 1 deletion b/‎composer.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎patches-info.json‎
Lines changed: 1 addition & 1 deletion b/‎patches-info.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎patches/commerce/ACSD-59414_2.4.6-p5_v2.patch‎
Lines changed: 0 additions & 43 deletions b/‎patches/commerce/ACSD-59414_2.4.6-p5_v2.patch‎
Lines changed: 0 additions & 43 deletions
diff --git a/‎patches/commerce/ACSD-68451_1.5.2.patch‎
Lines changed: 76 additions & 0 deletions b/‎patches/commerce/ACSD-68451_1.5.2.patch‎
Lines changed: 76 additions & 0 deletions
diff --git a/‎patches/commerce/ACSD-68490_2.4.6.patch‎
Lines changed: 79 additions & 0 deletions b/‎patches/commerce/ACSD-68490_2.4.6.patch‎
Lines changed: 79 additions & 0 deletions
diff --git a/‎patches/commerce/ACSD-68573_2.4.7-p6.patch‎
Lines changed: 171 additions & 0 deletions b/‎patches/commerce/ACSD-68573_2.4.7-p6.patch‎
Lines changed: 171 additions & 0 deletions
@@ -2,7 +2,7 @@
     "name": "magento/quality-patches",
     "description": "Provides quality patches for AdobeCommerce & Magento OpenSource",
     "type": "magento2-component",
-    "version": "1.1.74",
+    "version": "1.1.75",
     "license": "proprietary",
     "repositories": {
         "repo": {
 
@@ -0,0 +1,76 @@
+diff --git a/vendor/magento/module-company/Controller/Account/CreatePost.php b/vendor/magento/module-company/Controller/Account/CreatePost.php
+index 98c9befe59bd..aac210f0642c 100644
+--- a/vendor/magento/module-company/Controller/Account/CreatePost.php
++++ b/vendor/magento/module-company/Controller/Account/CreatePost.php
+@@ -25,7 +25,6 @@
+ use Magento\Company\Model\CompanyUser;
+ use Magento\Company\Model\Create\Session;
+ use Magento\Company\Model\Customer\Company;
+-use Magento\Company\Model\Customer\IsSuperUser;
+ use Magento\Customer\Api\AccountManagementInterface;
+ use Magento\Customer\Api\CustomerRepositoryInterface;
+ use Magento\Customer\Api\Data\CustomerInterface;
+@@ -43,6 +42,7 @@
+ use Magento\Framework\Exception\NoSuchEntityException;
+ use Magento\Company\Model\Customer\AccountManagement\CompanyRequestHydrator;
+ use Psr\Log\LoggerInterface;
++use Magento\Framework\App\Http\Context as HttpContext;
+ 
+ /**
+  * Create company account action.
+@@ -118,9 +118,9 @@ class CreatePost extends Action implements HttpPostActionInterface
+     private $customerRepository;
+ 
+     /**
+-     * @var IsSuperUser
++     * @var HttpContext
+      */
+-    private $isSuperUser;
++    private $httpContext;
+ 
+     /**
+      * @var CompanyRequestHydrator
+@@ -141,8 +141,8 @@ class CreatePost extends Action implements HttpPostActionInterface
+      * @param CustomerExtractor|null $customerExtractor
+      * @param Company|null $customerCompany
+      * @param CustomerRepositoryInterface|null $customerRepository
+-     * @param IsSuperUser|null $isSuperUser
+      * @param CompanyRequestHydrator|null $companyRequestHydrator
++     * @param HttpContext|null $httpContext
+      */
+     public function __construct(
+         Context                               $context,
+@@ -158,8 +158,8 @@ public function __construct(
+         ?CustomerExtractor                    $customerExtractor = null,
+         ?Company                              $customerCompany = null,
+         ?CustomerRepositoryInterface          $customerRepository = null,
+-        ?IsSuperUser                          $isSuperUser = null,
+-        ?CompanyRequestHydrator               $companyRequestHydrator = null
++        ?CompanyRequestHydrator               $companyRequestHydrator = null,
++        ?HttpContext                          $httpContext = null
+     ) {
+         parent::__construct($context);
+         $this->userContext = $userContext;
+@@ -178,10 +178,10 @@ public function __construct(
+             ?: ObjectManager::getInstance()->get(Company::class);
+         $this->customerRepository = $customerRepository
+             ?: ObjectManager::getInstance()->get(CustomerRepositoryInterface::class);
+-        $this->isSuperUser = $isSuperUser
+-            ?: ObjectManager::getInstance()->get(IsSuperUser::class);
+         $this->companyRequestHydrator = $companyRequestHydrator
+             ?: ObjectManager::getInstance()->get(CompanyRequestHydrator::class);
++        $this->httpContext = $httpContext
++            ?: ObjectManager::getInstance()->get(HttpContext::class);
+     }
+ 
+     /**
+@@ -240,6 +240,8 @@ public function execute()
+      */
+     private function createCompanyAndReturnSuperUser(CustomerInterface $customerData): CustomerInterface
+     {
++        $this->httpContext->unsValue(\Magento\Company\Model\CompanyContextInterface::CONTEXT_COMPANY_ID);
++
+         try {
+             $customer = $this->customerRepository->get($customerData->getEmail());
+         } catch (NoSuchEntityException $exception) {
+
@@ -0,0 +1,79 @@
+diff --git a/vendor/magento/module-admin-gws/Plugin/ConfigurableProduct/Block/Adminhtml/Product/Steps/SelectAttributes.php b/vendor/magento/module-admin-gws/Plugin/ConfigurableProduct/Block/Adminhtml/Product/Steps/SelectAttributes.php
+new file mode 100644
+index 000000000000..11bd8c3934db
+--- /dev/null
++++ b/vendor/magento/module-admin-gws/Plugin/ConfigurableProduct/Block/Adminhtml/Product/Steps/SelectAttributes.php
+@@ -0,0 +1,61 @@
++<?php
++/**
++ * ADOBE CONFIDENTIAL
++ *
++ * Copyright 2025 Adobe
++ * All Rights Reserved.
++ *
++ * NOTICE: All information contained herein is, and remains
++ * the property of Adobe and its suppliers, if any. The intellectual
++ * and technical concepts contained herein are proprietary to Adobe
++ * and its suppliers and are protected by all applicable intellectual
++ * property laws, including trade secret and copyright laws.
++ * Dissemination of this information or reproduction of this material
++ * is strictly forbidden unless prior written permission is obtained
++ * from Adobe.
++ */
++declare(strict_types=1);
++
++namespace Magento\AdminGws\Plugin\ConfigurableProduct\Block\Adminhtml\Product\Steps;
++
++use Magento\AdminGws\Model\Role;
++use Magento\ConfigurableProduct\Block\Adminhtml\Product\Steps\SelectAttributes as SelectAttributesBlock;
++
++/**
++ * Check if certain admin is allowed to create new product attribute.
++ */
++class SelectAttributes
++{
++    /**
++     * @var Role
++     */
++    private $role;
++
++    /**
++     * @param Role $role
++     */
++    public function __construct(Role $role)
++    {
++        $this->role = $role;
++    }
++
++    /**
++     * Around plugin to determine if admin is allowed to create new product attribute.
++     *
++     * @param SelectAttributesBlock $subject
++     * @param \Closure $proceed
++     * @param string $dataProvider
++     * @return string
++     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
++     */
++    public function aroundGetAddNewAttributeButton(
++        SelectAttributesBlock $subject,
++        \Closure $proceed,
++        $dataProvider = ''
++    ): string {
++        if (!$this->role->getIsAll()) {
++            return '';
++        }
++        return $proceed($dataProvider);
++    }
++}
+diff --git a/vendor/magento/module-admin-gws/etc/adminhtml/di.xml b/vendor/magento/module-admin-gws/etc/adminhtml/di.xml
+index 9075bc3b1c2c..bcf4f9b6373d 100644
+--- a/vendor/magento/module-admin-gws/etc/adminhtml/di.xml
++++ b/vendor/magento/module-admin-gws/etc/adminhtml/di.xml
+@@ -122,4 +122,7 @@
+     <type name="Magento\Store\Model\StoreSwitcher\ManageStoreCookie">
+         <plugin name="store_switcher_manage_store_cookie_plugin" type="Magento\AdminGws\Model\Plugin\Store\StoreSwitcher\ManageStoreCookie"/>
+     </type>
++    <type name="Magento\ConfigurableProduct\Block\Adminhtml\Product\Steps\SelectAttributes">
++        <plugin name="is_customer_allowed_to_create_new_attribute" type="Magento\AdminGws\Plugin\ConfigurableProduct\Block\Adminhtml\Product\Steps\SelectAttributes"/>
++    </type>
+ </config>
@@ -0,0 +1,171 @@
+diff --git a/vendor/magento/module-catalog-permissions/Plugin/Wishlist/Block/Customer/ApplyWishlistItemsPermissions.php b/vendor/magento/module-catalog-permissions/Plugin/Wishlist/Block/Customer/ApplyWishlistItemsPermissions.php
+new file mode 100644
+index 000000000000..8921a9a79062
+--- /dev/null
++++ b/vendor/magento/module-catalog-permissions/Plugin/Wishlist/Block/Customer/ApplyWishlistItemsPermissions.php
+@@ -0,0 +1,110 @@
++<?php
++/**
++ * ADOBE CONFIDENTIAL
++ *
++ * Copyright 2025 Adobe
++ * All Rights Reserved.
++ *
++ * NOTICE: All information contained herein is, and remains
++ * the property of Adobe and its suppliers, if any. The intellectual
++ * and technical concepts contained herein are proprietary to Adobe
++ * and its suppliers and are protected by all applicable intellectual
++ * property laws, including trade secret and copyright laws.
++ * Dissemination of this information or reproduction of this material
++ * is strictly forbidden unless prior written permission is obtained
++ * from Adobe.
++ */
++declare(strict_types=1);
++
++namespace Magento\CatalogPermissions\Plugin\Wishlist\Block\Customer;
++
++use Magento\CatalogPermissions\Model\Indexer\TableMaintainer;
++use Magento\CatalogPermissions\App\ConfigInterface;
++use Magento\CatalogPermissions\Helper\Data as Helper;
++use Magento\CatalogPermissions\Model\Permission;
++use Magento\Customer\Model\Session;
++use Magento\Framework\DB\Select;
++use Magento\Framework\Exception\LocalizedException;
++use Magento\Framework\Exception\NoSuchEntityException;
++use Magento\Store\Model\StoreManagerInterface;
++use Magento\Wishlist\Block\Customer\Wishlist;
++use Magento\Wishlist\Model\ResourceModel\Item\Collection;
++use Magento\CatalogPermissions\Model\ResourceModel\Permission as ResourcePermission;
++
++/**
++ * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
++ */
++class ApplyWishlistItemsPermissions
++{
++    /**
++     * @param Session $customerSession
++     * @param ConfigInterface $permissionsConfig
++     * @param ResourcePermission $resource
++     * @param StoreManagerInterface $storeManager
++     * @param TableMaintainer $tableMaintainer
++     * @param Helper $helper
++     */
++    public function __construct(
++        private readonly Session $customerSession,
++        private readonly ConfigInterface $permissionsConfig,
++        private readonly ResourcePermission $resource,
++        private readonly StoreManagerInterface $storeManager,
++        private readonly TableMaintainer $tableMaintainer,
++        private readonly Helper $helper
++    ) {
++    }
++
++    /**
++     * Apply category permissions on wishlist item collection
++     *
++     * @param Wishlist $subject
++     * @param Collection $result
++     * @return Collection
++     * @throws LocalizedException
++     * @throws NoSuchEntityException
++     * @throws \Zend_Db_Select_Exception
++     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
++     */
++    public function afterGetWishlistItems(Wishlist $subject, Collection $result): Collection
++    {
++        if (!$this->permissionsConfig->isEnabled()) {
++            return $result;
++        }
++        $customerGroupId = $this->customerSession->getCustomerGroupId();
++        $connection = $this->resource->getConnection();
++
++        $fromPart = $result->getSelect()->getPart(Select::FROM);
++
++        $conditions[] = 'perm.product_id = main_table.product_id';
++        $conditions[] = $connection->quoteInto('perm.store_id = ?', $this->storeManager->getStore()->getId());
++        $conditions[] = $connection->quoteInto('perm.customer_group_id = ?', $customerGroupId);
++        $joinConditions = join(' AND ', $conditions);
++        $tableName = $this->tableMaintainer->resolveMainTableNameProduct($customerGroupId);
++
++        if (!isset($fromPart['perm'])) {
++            $result->getSelect()->joinLeft(
++                ['perm' => $tableName],
++                $joinConditions,
++                ['grant_catalog_category_view', 'grant_catalog_product_price', 'grant_checkout_items']
++            );
++        }
++
++        if (isset($fromPart['perm'])) {
++            $fromPart['perm']['tableName'] = $tableName;
++            $fromPart['perm']['joinCondition'] = $joinConditions;
++            $result->getSelect()->setPart(Select::FROM, $fromPart);
++            return $result;
++        }
++
++        if (!$this->helper->isAllowedCategoryView()) {
++            $result->getSelect()->where('perm.grant_catalog_category_view = ?', Permission::PERMISSION_ALLOW);
++        } else {
++            $result->getSelect()->where(
++                'perm.grant_catalog_category_view != ?' . ' OR perm.grant_catalog_category_view IS NULL',
++                Permission::PERMISSION_DENY
++            );
++        }
++
++        return $result;
++    }
++}
+diff --git a/vendor/magento/module-catalog-permissions/etc/frontend/di.xml b/vendor/magento/module-catalog-permissions/etc/frontend/di.xml
+index 4d0c9657903c..ca4a73da4784 100644
+--- a/vendor/magento/module-catalog-permissions/etc/frontend/di.xml
++++ b/vendor/magento/module-catalog-permissions/etc/frontend/di.xml
+@@ -17,4 +17,8 @@
+         <plugin name="update_cache_plugin"
+                 type="Magento\CatalogPermissions\Plugin\UpdateCachePlugin" />
+     </type>
++    <type name="Magento\Wishlist\Block\Customer\Wishlist">
++        <plugin name="wishlist_items_apply_category_permissions"
++                type="Magento\CatalogPermissions\Plugin\Wishlist\Block\Customer\ApplyWishlistItemsPermissions" />
++    </type>
+ </config>
+diff --git a/vendor/magento/module-catalog-permissions/etc/graphql/events.xml b/vendor/magento/module-catalog-permissions/etc/graphql/events.xml
+new file mode 100644
+index 000000000000..c1605a6f688f
+--- /dev/null
++++ b/vendor/magento/module-catalog-permissions/etc/graphql/events.xml
+@@ -0,0 +1,23 @@
++<?xml version="1.0"?>
++<!--
++/**
++ * ADOBE CONFIDENTIAL
++ *
++ * Copyright 2025 Adobe
++ * All Rights Reserved.
++ *
++ * NOTICE: All information contained herein is, and remains
++ * the property of Adobe and its suppliers, if any. The intellectual
++ * and technical concepts contained herein are proprietary to Adobe
++ * and its suppliers and are protected by all applicable intellectual
++ * property laws, including trade secret and copyright laws.
++ * Dissemination of this information or reproduction of this material
++ * is strictly forbidden unless prior written permission is obtained
++ * from Adobe.
++ */
++-->
++<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Event/etc/events.xsd">
++    <event name="catalog_product_collection_load_after">
++        <observer name="magento_catalogpermissions" instance="Magento\CatalogPermissions\Observer\ApplyProductPermissionOnCollectionAfterLoadObserver"/>
++    </event>
++</config>
+diff --git a/vendor/magento/module-multiple-wishlist/Helper/Data.php b/vendor/magento/module-multiple-wishlist/Helper/Data.php
+index 9dcb51edf734..3611eceb794e 100644
+--- a/vendor/magento/module-multiple-wishlist/Helper/Data.php
++++ b/vendor/magento/module-multiple-wishlist/Helper/Data.php
+@@ -242,7 +242,7 @@ public function getWishlistItemCount(Wishlist $wishlist)
+         ) {
+             $count = $collection->getItemsQty();
+         } else {
+-            $count = $collection->getSize();
++            $count = count($collection->getItems());
+         }
+         return $count;
+     }