SW-26909 - adjust customer module

Author: PascalThesing

engine/Shopware/Controllers/Backend/Customer.php

@@ -791,6 +791,9 @@ private function getCustomer(int $id): array
             $data['lastLogin'] = new DateTime('@0');
         }
 
+        unset($data['sessionId']);
+        unset($data['hashPassword']);
+
         return $data;
     }
 

tests/Functional/Controllers/Backend/CustomerTest.php

@@ -60,6 +60,23 @@ public function setUp(): void
         Shopware()->Plugins()->Backend()->Auth()->setNoAcl();
     }
 
+    public function testSensitiveDataIsNotSend(): void
+    {
+        $customer = $this->createDummyCustomer();
+
+        $params = [
+            'customerID' => $customer->getId(),
+        ];
+        $this->Request()->setMethod('POST')->setPost($params);
+        $this->dispatch('/backend/Customer/getDetail');
+
+        $body = $this->View()->getAssign();
+        static::assertTrue($body['success']);
+        static::assertArrayNotHasKey('hashPassword', $body['data']);
+        static::assertArrayNotHasKey('sessionId', $body['data']);
+        static::assertEquals('[email protected]', $body['data']['email']);
+    }
+
     /**
      * Test saveAction controller action - change payment mean
      *