Merge pull request #754 from magento-troll/MAGETWO-62324

Story:
- MAGETWO-62324: Remove uses of unserialize in \Magento\Framework\Flag attribute flag_data

Author: MomotenkoNatalia

lib/internal/Magento/Framework/Flag.php

@@ -26,6 +26,51 @@ class Flag extends Model\AbstractModel
      */
     protected $_flagCode = null;
 
+    /**
+     * Serializer for encode/decode string/data.
+     *
+     * @var \Magento\Framework\Serialize\Serializer\Json
+     */
+    private $json;
+
+    /**
+     * Serializer for encode/decode string/data.
+     *
+     * @var \Magento\Framework\Serialize\Serializer\Serialize
+     */
+    private $serialize;
+
+    /**
+     * @param \Magento\Framework\Model\Context $context
+     * @param \Magento\Framework\Registry $registry
+     * @param \Magento\Framework\Model\ResourceModel\AbstractResource $resource
+     * @param \Magento\Framework\Data\Collection\AbstractDb $resourceCollection
+     * @param array $data
+     * @param \Magento\Framework\Serialize\Serializer\Json $json
+     * @param \Magento\Framework\Serialize\Serializer\Serialize $serialize
+     */
+    public function __construct(
+        \Magento\Framework\Model\Context $context,
+        \Magento\Framework\Registry $registry,
+        \Magento\Framework\Model\ResourceModel\AbstractResource $resource = null,
+        \Magento\Framework\Data\Collection\AbstractDb $resourceCollection = null,
+        array $data = [],
+        \Magento\Framework\Serialize\Serializer\Json $json = null,
+        \Magento\Framework\Serialize\Serializer\Serialize $serialize = null
+    ) {
+        $this->json = $json ?: \Magento\Framework\App\ObjectManager::getInstance()
+            ->get(\Magento\Framework\Serialize\Serializer\Json::class);
+        $this->serialize = $serialize ?: \Magento\Framework\App\ObjectManager::getInstance()
+            ->get(\Magento\Framework\Serialize\Serializer\Serialize::class);
+        parent::__construct(
+            $context,
+            $registry,
+            $resource,
+            $resourceCollection,
+            $data
+        );
+    }
+
     /**
      * Init resource model
      * Set flag_code if it is specified in arguments
@@ -68,9 +113,13 @@ public function beforeSave()
     public function getFlagData()
     {
         if ($this->hasFlagData()) {
-            return unserialize($this->getData('flag_data'));
-        } else {
-            return null;
+            $flagData = $this->getData('flag_data');
+            $data = $this->json->unserialize($flagData);
+            if (JSON_ERROR_NONE == json_last_error()) {
+                return $data;
+            } else {
+                return $this->serialize->unserialize($flagData);
+            }
         }
     }
 
@@ -82,7 +131,7 @@ public function getFlagData()
      */
     public function setFlagData($value)
     {
-        return $this->setData('flag_data', serialize($value));
+        return $this->setData('flag_data', $this->json->serialize($value));
     }
 
     /**

lib/internal/Magento/Framework/Test/Unit/FlagTest.php

@@ -17,6 +17,16 @@ class FlagTest extends \PHPUnit_Framework_TestCase
      */
     protected $flag;
 
+    /**
+     * @var \Magento\Framework\Serialize\Serializer\Json
+     */
+    private $json;
+
+    /**
+     * @var \Magento\Framework\Serialize\Serializer\Serialize
+     */
+    private $serialize;
+
     protected function setUp()
     {
         $data = ['flag_code' => 'synchronize'];
@@ -71,13 +81,22 @@ protected function createInstance(array $data = [])
         $resourceCollection = $this->getMockBuilder(\Magento\Framework\Data\Collection\AbstractDb::class)
             ->disableOriginalConstructor()
             ->getMockForAbstractClass();
+        $this->json = $this->getMockBuilder(\Magento\Framework\Serialize\Serializer\Json::class)
+            ->setMethods(null)
+            ->getMock();
+
+        $this->serialize = $this->getMockBuilder(\Magento\Framework\Serialize\Serializer\Serialize::class)
+            ->setMethods(null)
+            ->getMock();
 
         $this->flag = new \Magento\Framework\Flag(
             $context,
             $registry,
             $resource,
             $resourceCollection,
-            $data
+            $data,
+            $this->json,
+            $this->serialize
         );
     }
 
@@ -94,7 +113,17 @@ public function testConstruct()
         $this->assertEquals($flagCode, $this->flag->getFlagCode());
     }
 
-    public function testGetFlagData()
+    public function testGetFlagDataJson()
+    {
+        $result = $this->flag->getFlagData();
+        $this->assertNull($result);
+        $flagData = json_encode('data');
+        $this->flag->setData('flag_data', $flagData);
+        $result = $this->flag->getFlagData();
+        $this->assertEquals(json_decode($flagData), $result);
+    }
+
+    public function testGetFlagDataSerialized()
     {
         $result = $this->flag->getFlagData();
         $this->assertNull($result);
@@ -108,7 +137,7 @@ public function testSetFlagData()
     {
         $flagData = 'data';
         $this->flag->setFlagData($flagData);
-        $result = unserialize($this->flag->getData('flag_data'));
+        $result = json_decode($this->flag->getData('flag_data'));
         $this->assertEquals($flagData, $result);
     }