Merge branch 'develop' into fix/7802-deposit-withdrawal-text-changes

Automattic · Nov 6, 2024 · 59b3c3c · 59b3c3c
2 parents 6106fc1 + d741c61
commit 59b3c3c
Show file tree

Hide file tree

Showing 13 changed files with 70 additions and 24 deletions.
diff --git a/changelog/chore-affirm-remove-unused-multicurrency-import b/changelog/chore-affirm-remove-unused-multicurrency-import
@@ -0,0 +1,5 @@
+Significance: patch
+Type: fix
+Comment: Removing unused import.
+
+
diff --git a/changelog/fix-9271-hide-stripe-duplicates-warning-when-disabled b/changelog/fix-9271-hide-stripe-duplicates-warning-when-disabled
@@ -0,0 +1,5 @@
+Significance: patch
+Type: fix
+Comment: Small change affecting Stripe Gateway settings notices
+
+
diff --git a/changelog/fix-9661-avoid-php-warning b/changelog/fix-9661-avoid-php-warning
@@ -0,0 +1,4 @@
+Significance: patch
+Type: fix
+
+Avoid PHP warnings for requests with an empty path.
diff --git a/changelog/fix-payment-method-icon-alt-text b/changelog/fix-payment-method-icon-alt-text
@@ -0,0 +1,4 @@
+Significance: patch
+Type: fix
+
+fix: payment method icon alt text
diff --git a/changelog/fix-stripe-connect-breaks-underscore b/changelog/fix-stripe-connect-breaks-underscore
@@ -0,0 +1,5 @@
+Significance: patch
+Type: fix
+Comment: Change the way we load an external lib to avoid issues with underscore.
+
+
diff --git a/client/onboarding/steps/embedded-kyc.tsx b/client/onboarding/steps/embedded-kyc.tsx
@@ -5,7 +5,7 @@ import React, { useCallback, useEffect, useState } from 'react';
 import {
 	loadConnectAndInitialize,
 	StripeConnectInstance,
-} from '@stripe/connect-js';
+} from '@stripe/connect-js/pure';
 import {
 	ConnectAccountOnboarding,
 	ConnectComponentsProvider,

diff --git a/client/onboarding/steps/test/embedded-onboarding.tsx b/client/onboarding/steps/test/embedded-onboarding.tsx
@@ -4,15 +4,15 @@
 import React from 'react';
 import { render, screen, waitFor } from '@testing-library/react';
 import apiFetch from '@wordpress/api-fetch';
-import { loadConnectAndInitialize } from '@stripe/connect-js';
+import { loadConnectAndInitialize } from '@stripe/connect-js/pure';
 
 /**
  * Internal dependencies
  */
 import EmbeddedKyc from '../embedded-kyc';
 
 jest.mock( '@wordpress/api-fetch' );
-jest.mock( '@stripe/connect-js', () => ( {
+jest.mock( '@stripe/connect-js/pure', () => ( {
 	loadConnectAndInitialize: jest.fn(),
 } ) );
 

diff --git a/includes/class-duplicates-detection-service.php b/includes/class-duplicates-detection-service.php
@@ -136,18 +136,12 @@ private function search_for_payment_request_buttons() {
 		];
 
 		foreach ( $this->get_registered_gateways() as $gateway ) {
-			// Stripe gateway can enable PRBs while being disabled as well, hence no need to check for enabled status.
-			if ( 'stripe' === $gateway->id && 'yes' === $gateway->get_option( 'payment_request' ) ) {
-				$this->gateways_qualified_by_duplicates_detector[ $prb_payment_method ][] = $gateway->id;
-				continue;
-			}
-
 			if ( 'yes' === $gateway->enabled ) {
 				foreach ( $keywords as $keyword ) {
 					if ( strpos( $gateway->id, $keyword ) !== false ) {
 						$this->gateways_qualified_by_duplicates_detector[ $prb_payment_method ][] = $gateway->id;
 						break;
-					} elseif ( 'yes' === $gateway->get_option( 'payment_request' ) && 'woocommerce_payments' === $gateway->id ) {
+					} elseif ( 'yes' === $gateway->get_option( 'payment_request' ) ) {
 						$this->gateways_qualified_by_duplicates_detector[ $prb_payment_method ][] = $gateway->id;
 						break;
 					} elseif ( 'yes' === $gateway->get_option( 'express_checkout_enabled' ) ) {

diff --git a/includes/class-wc-payment-gateway-wcpay.php b/includes/class-wc-payment-gateway-wcpay.php
@@ -3231,12 +3231,18 @@ public function update_fraud_rules_based_on_general_options() {
 	}
 
 	/**
-	 * The get_icon() method from the WC_Payment_Gateway class wraps the icon URL into a prepared HTML element, but there are situations when this
-	 * element needs to be rendered differently on the UI (e.g. additional styles or `display` property).
+	 * Overriding the base method because the `alt` tag would otherwise output the markup returned by the `get_title()` method in this class - which we don't want.
 	 *
-	 * This is why we need a usual getter like this to provide a raw icon URL to the UI, which will render it according to particular requirements.
+	 * @return string
+	 */
+	public function get_icon() {
+		return '<img src="' . esc_url( WC_HTTPS::force_https_url( $this->get_icon_url() ) ) . '" alt="' . esc_attr( $this->payment_method->get_title() ) . ' payment method logo" />';
+	}
+
+	/**
+	 * The URL for the current payment method's icon.
 	 *
-	 * @return string Returns the payment method icon URL.
+	 * @return string The payment method icon URL.
 	 */
 	public function get_icon_url() {
 		return $this->payment_method->get_icon();

diff --git a/includes/class-wc-payments-utils.php b/includes/class-wc-payments-utils.php
@@ -1343,26 +1343,35 @@ public static function is_cart_block(): bool {
 	}
 
 	/**
-	 * Returns true if the request that's currently being processed is a Store API request, false
-	 * otherwise.
+	 * Determine if the request that's currently being processed is a Store API request.
 	 *
 	 * @return bool True if request is a Store API request, false otherwise.
 	 */
 	public static function is_store_api_request(): bool {
+		// @TODO We should move to a more robust way of getting to the route, like WC is doing in the StoreAPI library. https://github.com/woocommerce/woocommerce/blob/9ac48232a944baa2dbfaa7dd47edf9027cca9519/plugins/woocommerce/src/StoreApi/Authentication.php#L15-L15
 		if ( isset( $_REQUEST['rest_route'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
 			$rest_route = sanitize_text_field( $_REQUEST['rest_route'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash,WordPress.Security.NonceVerification
 		} else {
+			// Extract the request path from the request URL.
 			$url_parts    = wp_parse_url( esc_url_raw( $_SERVER['REQUEST_URI'] ?? '' ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash
-			$request_path = $url_parts ? rtrim( $url_parts['path'], '/' ) : '';
-			$rest_route   = str_replace( trailingslashit( rest_get_url_prefix() ), '', $request_path );
+			$request_path = ! empty( $url_parts['path'] ) ? rtrim( $url_parts['path'], '/' ) : '';
+			// Remove the REST API prefix from the request path to end up with the route.
+			$rest_route = str_replace( trailingslashit( rest_get_url_prefix() ), '', $request_path );
 		}
 
+		// Bail early if the rest route is empty.
+		if ( empty( $rest_route ) ) {
+			return false;
+		}
+
+		// Try to match the rest route against the store API route patterns.
 		foreach ( self::STORE_API_ROUTE_PATTERNS as $pattern ) {
 			if ( 1 === preg_match( $pattern, $rest_route ) ) {
 				return true;
 			}
 		}
 
+		// If no match was found, this is not a Store API request.
 		return false;
 	}
 

diff --git a/includes/payment-methods/class-affirm-payment-method.php b/includes/payment-methods/class-affirm-payment-method.php
@@ -11,7 +11,6 @@
 use WC_Payments_Utils;
 use WCPay\Constants\Country_Code;
 use WCPay\Constants\Currency_Code;
-use WCPay\MultiCurrency\MultiCurrency;
 
 /**
  * Affirm Payment Method class extending UPE base class

diff --git a/multi-currency/src/Utils.php b/multi-currency/src/Utils.php
@@ -90,18 +90,25 @@ public static function is_store_api_request() {
 	}
 
 	/**
-	 * Returns true if the request that's currently being processed is a Store API batch request, false
-	 * otherwise.
+	 * Determine if the request that's currently being processed is a Store API batch request.
 	 *
 	 * @return bool True if the request is a Store API batch request, false otherwise.
 	 */
 	public static function is_store_batch_request(): bool {
+		// @TODO We should move to a more robust way of getting to the route, like WC is doing in the StoreAPI library. https://github.com/woocommerce/woocommerce/blob/9ac48232a944baa2dbfaa7dd47edf9027cca9519/plugins/woocommerce/src/StoreApi/Authentication.php#L15-L15
 		if ( isset( $_REQUEST['rest_route'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification
 			$rest_route = sanitize_text_field( $_REQUEST['rest_route'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash,WordPress.Security.NonceVerification
 		} else {
+			// Extract the request path from the request URL.
 			$url_parts    = wp_parse_url( esc_url_raw( $_SERVER['REQUEST_URI'] ?? '' ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash
-			$request_path = $url_parts ? rtrim( $url_parts['path'], '/' ) : '';
-			$rest_route   = str_replace( trailingslashit( rest_get_url_prefix() ), '', $request_path );
+			$request_path = ! empty( $url_parts['path'] ) ? rtrim( $url_parts['path'], '/' ) : '';
+			// Remove the REST API prefix from the request path to end up with the route.
+			$rest_route = str_replace( trailingslashit( rest_get_url_prefix() ), '', $request_path );
+		}
+
+		// Bail early if the rest route is empty.
+		if ( empty( $rest_route ) ) {
+			return false;
 		}
 
 		return 1 === preg_match( '@^\/wc\/store(\/v[\d]+)?\/batch@', $rest_route );

diff --git a/tests/unit/test-class-wc-payments-utils.php b/tests/unit/test-class-wc-payments-utils.php
@@ -1109,11 +1109,19 @@ public function test_is_store_api_request_with_another_request() {
 	}
 
 	public function test_is_store_api_request_with_malformed_url() {
-		$_SERVER['REQUEST_URI'] = '///wp-json/wp/v2/users';
+		$_SERVER['REQUEST_URI'] = '///wp-json/wc/store/v1/checkout';
 
 		$this->assertFalse( WC_Payments_Utils::is_store_api_request() );
 	}
 
+	public function test_is_store_api_request_with_url_with_no_path() {
+		$_SERVER['REQUEST_URI'] = '?something';
+		$this->assertFalse( WC_Payments_Utils::is_store_api_request() );
+
+		$_SERVER['REQUEST_URI'] = '';
+		$this->assertFalse( WC_Payments_Utils::is_store_api_request() );
+	}
+
 	public function test_is_any_bnpl_method_available() {
 		// Price within range for Afterpay/Clearpay in the US.
 		$this->assertTrue(