Merge pull request #3174 from magento-qwerty/MAGETWO-93969

Performed tasks:
- MAGETWO-93969 Declaring allowed HTTP methods for controllers

Author: dvoskoboinikov

app/code/Magento/AdminNotification/Controller/Adminhtml/Notification/Index.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\AdminNotification\Controller\Adminhtml\Notification;
 
-class Index extends \Magento\AdminNotification\Controller\Adminhtml\Notification
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class Index extends \Magento\AdminNotification\Controller\Adminhtml\Notification implements HttpGetActionInterface
 {
     /**
      * @return void

app/code/Magento/AdvancedPricingImportExport/Controller/Adminhtml/Export/GetFilter.php

@@ -5,12 +5,14 @@
  */
 namespace Magento\AdvancedPricingImportExport\Controller\Adminhtml\Export;
 
+use Magento\Framework\App\Action\HttpGetActionInterface;
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
 use Magento\ImportExport\Controller\Adminhtml\Export as ExportController;
 use Magento\Framework\Controller\ResultFactory;
 use Magento\AdvancedPricingImportExport\Model\Export\AdvancedPricing as ExportAdvancedPricing;
 use Magento\Catalog\Model\Product as CatalogProduct;
 
-class GetFilter extends ExportController
+class GetFilter extends ExportController implements HttpGetActionInterface, HttpPostActionInterface
 {
     /**
      * Get grid-filter of entity attributes action.

app/code/Magento/Analytics/Controller/Adminhtml/BIEssentials/SignUp.php

@@ -5,14 +5,15 @@
  */
 namespace Magento\Analytics\Controller\Adminhtml\BIEssentials;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Backend\App\Action;
 use Magento\Backend\App\Action\Context;
 use Magento\Framework\App\Config\ScopeConfigInterface;
 
 /**
  * Provides link to BI Essentials signup
  */
-class SignUp extends Action
+class SignUp extends Action implements HttpGetActionInterface
 {
     /**
      * Path to config value with URL to BI Essentials sign-up page.

app/code/Magento/Analytics/Controller/Adminhtml/Reports/Show.php

@@ -5,6 +5,7 @@
  */
 namespace Magento\Analytics\Controller\Adminhtml\Reports;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Analytics\Model\Exception\State\SubscriptionUpdateException;
 use Magento\Analytics\Model\ReportUrlProvider;
 use Magento\Backend\App\Action;
@@ -16,7 +17,7 @@
 /**
  * Provide redirect to resource with reports.
  */
-class Show extends Action
+class Show extends Action implements HttpGetActionInterface
 {
     /**
      * @var ReportUrlProvider

app/code/Magento/Authorizenet/Controller/Directpost/Payment/Place.php

@@ -6,6 +6,7 @@
 
 namespace Magento\Authorizenet\Controller\Directpost\Payment;
 
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
 use Magento\Authorizenet\Controller\Directpost\Payment;
 use Magento\Authorizenet\Helper\DataFactory;
 use Magento\Checkout\Model\Type\Onepage;
@@ -25,7 +26,7 @@
  *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
-class Place extends Payment
+class Place extends Payment implements HttpPostActionInterface
 {
     /**
      * @var \Magento\Quote\Api\CartManagementInterface

app/code/Magento/Backend/Block/Widget/Form/Container.php

@@ -93,7 +93,7 @@ protected function _construct()
                     'class' => 'delete',
                     'onclick' => 'deleteConfirm(\'' . __(
                         'Are you sure you want to do this?'
-                    ) . '\', \'' . $this->getDeleteUrl() . '\')'
+                    ) . '\', \'' . $this->getDeleteUrl() . '\', {data: {}})'
                 ]
             );
         }

app/code/Magento/Backend/Controller/Adminhtml/Auth/DeniedJson.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Auth;
 
-class DeniedJson extends \Magento\Backend\Controller\Adminhtml\Auth
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class DeniedJson extends \Magento\Backend\Controller\Adminhtml\Auth implements HttpGetActionInterface
 {
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory

app/code/Magento/Backend/Controller/Adminhtml/Auth/Login.php

@@ -6,11 +6,14 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Auth;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGet;
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPost;
+
 /**
  * @api
  * @since 100.0.2
  */
-class Login extends \Magento\Backend\Controller\Adminhtml\Auth
+class Login extends \Magento\Backend\Controller\Adminhtml\Auth implements HttpGet, HttpPost
 {
     /**
      * @var \Magento\Framework\View\Result\PageFactory

app/code/Magento/Backend/Controller/Adminhtml/Auth/Logout.php

@@ -6,7 +6,10 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Auth;
 
-class Logout extends \Magento\Backend\Controller\Adminhtml\Auth
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGet;
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPost;
+
+class Logout extends \Magento\Backend\Controller\Adminhtml\Auth implements HttpGet, HttpPost
 {
     /**
      * Administrator logout action

app/code/Magento/Backend/Controller/Adminhtml/Cache/CleanImages.php

@@ -6,10 +6,11 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Controller\ResultFactory;
 
-class CleanImages extends \Magento\Backend\Controller\Adminhtml\Cache
+class CleanImages extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Backend/Controller/Adminhtml/Cache/CleanMedia.php

@@ -6,10 +6,11 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Controller\ResultFactory;
 
-class CleanMedia extends \Magento\Backend\Controller\Adminhtml\Cache
+class CleanMedia extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Backend/Controller/Adminhtml/Cache/CleanStaticFiles.php

@@ -6,9 +6,10 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Framework\Controller\ResultFactory;
 
-class CleanStaticFiles extends \Magento\Backend\Controller\Adminhtml\Cache
+class CleanStaticFiles extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Backend/Controller/Adminhtml/Cache/FlushAll.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
-class FlushAll extends \Magento\Backend\Controller\Adminhtml\Cache
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class FlushAll extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Backend/Controller/Adminhtml/Cache/FlushSystem.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
-class FlushSystem extends \Magento\Backend\Controller\Adminhtml\Cache
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class FlushSystem extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Authorization level of a basic admin session

app/code/Magento/Backend/Controller/Adminhtml/Cache/Index.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Cache;
 
-class Index extends \Magento\Backend\Controller\Adminhtml\Cache
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class Index extends \Magento\Backend\Controller\Adminhtml\Cache implements HttpGetActionInterface
 {
     /**
      * Display cache management grid

app/code/Magento/Backend/Controller/Adminhtml/Dashboard/Index.php

@@ -6,7 +6,11 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Dashboard;
 
-class Index extends \Magento\Backend\Controller\Adminhtml\Dashboard
+use Magento\Backend\Controller\Adminhtml\Dashboard as DashboardAction;
+use Magento\Framework\App\Action\HttpGetActionInterface;
+use Magento\Framework\App\Action\HttpPostActionInterface;
+
+class Index extends DashboardAction implements HttpGetActionInterface, HttpPostActionInterface
 {
     /**
      * @var \Magento\Framework\View\Result\PageFactory

app/code/Magento/Backend/Controller/Adminhtml/Index/GlobalSearch.php

@@ -6,11 +6,15 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Index;
 
+use Magento\Backend\Controller\Adminhtml\Index as IndexAction;
+use Magento\Framework\App\Action\HttpGetActionInterface;
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
+
 /**
  * @api
  * @since 100.0.2
  */
-class GlobalSearch extends \Magento\Backend\Controller\Adminhtml\Index
+class GlobalSearch extends IndexAction implements HttpGetActionInterface, HttpPostActionInterface
 {
     /**
      * @var \Magento\Framework\Controller\Result\JsonFactory

app/code/Magento/Backend/Controller/Adminhtml/Index/Index.php

@@ -6,7 +6,10 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Index;
 
-class Index extends \Magento\Backend\Controller\Adminhtml\Index
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGet;
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPost;
+
+class Index extends \Magento\Backend\Controller\Adminhtml\Index implements HttpGet, HttpPost
 {
     /**
      * Admin area entry point

app/code/Magento/Backend/Controller/Adminhtml/Noroute/Index.php

@@ -6,6 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\Noroute;
 
+/**
+ * @SuppressWarnings(PHPMD.AllPurposeAction)
+ */
 class Index extends \Magento\Backend\App\Action
 {
     /**

app/code/Magento/Backend/Controller/Adminhtml/System/Account/Index.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Account;
 
-class Index extends \Magento\Backend\Controller\Adminhtml\System\Account
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class Index extends \Magento\Backend\Controller\Adminhtml\System\Account implements HttpGetActionInterface
 {
     /**
      * @var \Magento\Framework\View\Result\PageFactory

app/code/Magento/Backend/Controller/Adminhtml/System/Design/Index.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Design;
 
-class Index extends \Magento\Backend\Controller\Adminhtml\System\Design
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class Index extends \Magento\Backend\Controller\Adminhtml\System\Design implements HttpGetActionInterface
 {
     /**
      * @return \Magento\Backend\Model\View\Result\Page

app/code/Magento/Backend/Controller/Adminhtml/System/Store/DeleteWebsite.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
-class DeleteWebsite extends \Magento\Backend\Controller\Adminhtml\System\Store
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class DeleteWebsite extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpGetActionInterface
 {
     /**
      * @return \Magento\Framework\Controller\ResultInterface

app/code/Magento/Backend/Controller/Adminhtml/System/Store/DeleteWebsitePost.php

@@ -6,9 +6,10 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
 use Magento\Framework\Controller\ResultFactory;
 
-class DeleteWebsitePost extends \Magento\Backend\Controller\Adminhtml\System\Store
+class DeleteWebsitePost extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpPostActionInterface
 {
     /**
      * @return \Magento\Backend\Model\View\Result\Redirect

app/code/Magento/Backend/Controller/Adminhtml/System/Store/EditStore.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
-class EditStore extends \Magento\Backend\Controller\Adminhtml\System\Store
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class EditStore extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpGetActionInterface
 {
     /**
      * @return \Magento\Framework\Controller\ResultInterface

app/code/Magento/Backend/Controller/Adminhtml/System/Store/EditWebsite.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
-class EditWebsite extends \Magento\Backend\Controller\Adminhtml\System\Store
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class EditWebsite extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpGetActionInterface
 {
     /**
      * @return \Magento\Backend\Model\View\Result\Forward

app/code/Magento/Backend/Controller/Adminhtml/System/Store/Index.php

@@ -6,12 +6,13 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
 use Magento\Framework\Controller\ResultFactory;
 
 /**
  * Class Index returns Stores page
  */
-class Index extends \Magento\Backend\Controller\Adminhtml\System\Store
+class Index extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpGetActionInterface
 {
     /**
      * Returns Stores page

app/code/Magento/Backend/Controller/Adminhtml/System/Store/Save.php

@@ -6,12 +6,14 @@
  */
 namespace Magento\Backend\Controller\Adminhtml\System\Store;
 
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
+
 /**
  * Class Save
  *
  * Save controller for system entities such as: Store, StoreGroup, Website
  */
-class Save extends \Magento\Backend\Controller\Adminhtml\System\Store
+class Save extends \Magento\Backend\Controller\Adminhtml\System\Store implements HttpPostActionInterface
 {
     /**
      * Process Website model save

app/code/Magento/Backend/etc/adminhtml/di.xml

@@ -14,8 +14,6 @@
     <preference for="Magento\Framework\App\DefaultPathInterface" type="Magento\Backend\App\DefaultPath" />
     <preference for="Magento\Backend\App\ConfigInterface" type="Magento\Backend\App\Config" />
     <preference for="Magento\Framework\App\Response\Http\FileFactory" type="Magento\Backend\App\Response\Http\FileFactory" />
-    <preference for="Magento\Framework\App\Request\ValidatorInterface"
-                type="Magento\Backend\App\Request\BackendValidator" />
     <type name="Magento\Framework\Stdlib\DateTime\Timezone">
         <arguments>
             <argument name="scopeType" xsi:type="const">Magento\Framework\App\Config\ScopeConfigInterface::SCOPE_TYPE_DEFAULT</argument>
@@ -169,4 +167,5 @@
             <argument name="defaultClass" xsi:type="string">Magento\Backend\Block\Template</argument>
         </arguments>
     </type>
+    <preference for="CsrfRequestValidator" type="Magento\Backend\App\Request\BackendValidator" />
 </config>

app/code/Magento/Backup/Controller/Adminhtml/Index/Index.php

@@ -6,7 +6,9 @@
  */
 namespace Magento\Backup\Controller\Adminhtml\Index;
 
-class Index extends \Magento\Backup\Controller\Adminhtml\Index
+use Magento\Framework\App\Action\HttpGetActionInterface as HttpGetActionInterface;
+
+class Index extends \Magento\Backup\Controller\Adminhtml\Index implements HttpGetActionInterface
 {
     /**
      * Backup list action

app/code/Magento/Captcha/Controller/Refresh/Index.php

@@ -8,9 +8,10 @@
  */
 namespace Magento\Captcha\Controller\Refresh;
 
+use Magento\Framework\App\Action\HttpPostActionInterface as HttpPostActionInterface;
 use Magento\Framework\App\Action\Context;
 
-class Index extends \Magento\Framework\App\Action\Action
+class Index extends \Magento\Framework\App\Action\Action implements HttpPostActionInterface
 {
     /**
      * @var \Magento\Captcha\Helper\Data

app/code/Magento/Catalog/Block/Adminhtml/Category/Edit/DeleteButton.php

@@ -27,7 +27,8 @@ public function getButtonData()
             return [
                 'id' => 'delete',
                 'label' => __('Delete'),
-                'on_click' => "categoryDelete('" . $this->getDeleteUrl() . "')",
+                'on_click' => "deleteConfirm('" .__('Are you sure you want to delete this category?') ."', '"
+                    . $this->getDeleteUrl() . "', {data: {}})",
                 'class' => 'delete',
                 'sort_order' => 10
             ];