PluginProbe ʕ •ᴥ•ʔ
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments / 1.4.0
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments v1.4.0
4.4.2 4.4.1 4.4.0 4.3.3 4.3.2 4.3.1 4.3.0 4.2.3 4.2.2 4.2.1 1.0.3 1.0.4 1.0.5 1.0.6 1.1.0 1.1.1 1.1.10 1.1.11 1.1.12 1.1.13 1.1.14 1.1.15 1.1.16 1.1.17 1.1.18 1.1.19 1.1.2 1.1.3 1.1.4 1.1.5 1.1.6 1.1.7 1.1.8 1.1.9 1.10.0 1.10.1 1.10.2 1.10.3 1.10.4 1.11.0 1.11.1 1.11.2 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.4.0 1.4.1 1.4.2 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.7.0 1.7.1 1.7.2 1.8.0 1.8.1 1.8.2 1.8.3 1.8.4 1.8.5 1.9.0 1.9.1 1.9.2 1.9.3 1.9.4 1.9.5 2.0.0 2.0.1 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.10.0 2.10.1 2.11.0 2.11.1 2.11.2 2.11.3 2.11.4 2.12.0 2.13.0 2.14.0 2.14.1 2.15.0 2.15.1 2.16.0 2.16.1 2.16.2 2.16.3 2.17.0 2.17.1 2.17.2 2.18.0 2.19.0 2.19.2 2.19.3 2.19.4 2.2.0 2.2.1 2.20.0 2.20.1 2.20.2 2.20.3 2.20.4 2.20.5 2.20.6 2.21.0 2.22.0 2.22.1 2.23.0 2.24.0 2.25.0 2.25.1 2.25.2 2.26.0 2.27.0 2.27.1 2.28.0 2.29.0 2.29.1 2.29.2 2.29.3 2.29.4 2.3.0 2.3.1 2.30.0 2.31.0 2.31.1 2.31.2 2.31.3 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.40.0 2.40.1 2.5.0 2.5.1 2.5.2 2.6.0 2.6.1 2.6.2 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.8.2 2.8.3 2.8.4 2.9.0 3.0.0 3.0.0-RC1 3.0.0-RC2 3.0.0-beta1 3.0.0-beta2 3.0.1 3.0.2 3.0.3 3.0.4 3.0.5 3.1.0 3.1.1 3.1.2 3.1.3 3.1.4 3.1.5 3.1.6 3.10.0 3.10.1 3.11.0 3.12.0 3.13.0 3.13.1 3.13.2 3.13.3 3.13.4 3.14.0 3.15.0 3.15.1 3.15.2 3.15.3 3.15.4 3.15.5 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.16.6 3.16.7 3.16.8 3.17.0 3.17.1 3.17.2 3.17.3 3.17.4 3.17.5 3.17.6 3.18.0 3.19.0 3.19.1 3.19.2 3.2.0 3.2.1 3.2.2 3.20.0 3.20.1 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.4.3 3.5.0 3.5.1 3.5.2 3.5.3 3.6.0 3.6.1 3.6.2 3.7.0 3.7.1 3.7.2 3.7.3 3.8.0 3.8.1 3.8.2 3.8.3 3.8.4 3.8.5 3.9.0 4.0.0 4.0.1 4.0.2 4.0.3 trunk 4.1.0 0.2.19.1 4.1.1 1.0.0 4.2.0 1.0.1 1.0.2
surecart / app / src / Rest / CheckoutRestServiceProvider.php
surecart / app / src / Rest Last commit date
AbandonedCheckoutProtocolRestServiceProvider.php 3 years ago AbandonedCheckoutRestServiceProvider.php 3 years ago AccountRestServiceProvider.php 3 years ago ActivationRestServiceProvider.php 3 years ago BalanceTransactionRestServiceProvider.php 3 years ago BlockPatternsRestServiceProvider.php 3 years ago BrandRestServiceProvider.php 3 years ago BumpRestServiceProvider.php 3 years ago ChargesRestServiceProvider.php 3 years ago CheckEmailRestServiceProvider.php 3 years ago CheckoutRestServiceProvider.php 3 years ago CouponRestServiceProvider.php 3 years ago CustomerLinksRestServiceProvider.php 3 years ago CustomerNotificationProtocolRestServiceProvider.php 3 years ago CustomerRestServiceProvider.php 3 years ago DownloadRestServiceProvider.php 3 years ago IntegrationProvidersRestServiceProvider.php 3 years ago IntegrationsRestServiceProvider.php 3 years ago InvoicesRestServiceProvider.php 3 years ago LicenseRestServiceProvider.php 3 years ago LoginRestServiceProvider.php 3 years ago ManualPaymentMethodsRestServiceProvider.php 3 years ago MediaRestServiceProvider.php 3 years ago OrderProtocolRestServiceProvider.php 3 years ago OrderRestServiceProvider.php 3 years ago PaymentIntentsRestServiceProvider.php 3 years ago PaymentMethodsRestServiceProvider.php 3 years ago PeriodRestServiceProvider.php 3 years ago PortalProtocolRestServiceProvider.php 3 years ago PriceRestServiceProvider.php 3 years ago ProcessorRestServiceProvider.php 3 years ago ProductGroupsRestServiceProvider.php 3 years ago ProductsRestServiceProvider.php 3 years ago PromotionRestServiceProvider.php 3 years ago PurchasesRestServiceProvider.php 3 years ago RefundsRestServiceProvider.php 3 years ago RestServiceInterface.php 3 years ago RestServiceProvider.php 3 years ago SettingsRestServiceProvider.php 3 years ago StatisticRestServiceProvider.php 3 years ago SubscriptionProtocolRestServiceProvider.php 3 years ago SubscriptionRestServiceProvider.php 3 years ago TaxProtocolRestServiceProvider.php 3 years ago TaxRegistrationRestServiceProvider.php 3 years ago TaxZoneRestServiceProvider.php 3 years ago UploadsRestServiceProvider.php 3 years ago VerificationCodeRestServiceProvider.php 3 years ago WebhooksRestServiceProvider.php 3 years ago
CheckoutRestServiceProvider.php
274 lines
1 <?php
2
3 namespace SureCart\Rest;
4
5 use SureCart\Rest\RestServiceInterface;
6 use SureCart\Controllers\Rest\CheckoutsController;
7 use SureCart\Form\FormValidationService;
8 use SureCart\Models\Form;
9 use SureCart\Models\User;
10
11 /**
12 * Service provider for Price Rest Requests
13 */
14 class CheckoutRestServiceProvider extends RestServiceProvider implements RestServiceInterface {
15 /**
16 * Endpoint.
17 *
18 * @var string
19 */
20 protected $endpoint = 'checkouts';
21
22 /**
23 * Rest Controller
24 *
25 * @var string
26 */
27 protected $controller = CheckoutsController::class;
28
29 /**
30 * Methods allowed for the model.
31 *
32 * @var array
33 */
34 protected $methods = [ 'index', 'create', 'find', 'edit' ];
35
36 /**
37 * Register Additional REST Routes
38 *
39 * @return void
40 */
41 public function registerRoutes() {
42 register_rest_route(
43 "$this->name/v$this->version",
44 $this->endpoint . '/(?P<id>\S+)/finalize/',
45 [
46 [
47 'methods' => \WP_REST_Server::EDITABLE,
48 'callback' => $this->callback( $this->controller, 'finalize' ),
49 'permission_callback' => [ $this, 'finalize_permissions_check' ],
50 ],
51 // Register our schema callback.
52 'schema' => [ $this, 'get_item_schema' ],
53 ]
54 );
55 register_rest_route(
56 "$this->name/v$this->version",
57 $this->endpoint . '/(?P<id>\S+)/confirm/',
58 [
59 [
60 'methods' => \WP_REST_Server::EDITABLE,
61 'callback' => $this->callback( $this->controller, 'confirm' ),
62 'permission_callback' => [ $this, 'confirm_permissions_check' ],
63 ],
64 // Register our schema callback.
65 'schema' => [ $this, 'get_item_schema' ],
66 ]
67 );
68 register_rest_route(
69 "$this->name/v$this->version",
70 $this->endpoint . '/(?P<id>\S+)/manually_pay/',
71 [
72 [
73 'methods' => \WP_REST_Server::EDITABLE,
74 'callback' => $this->callback( $this->controller, 'manuallyPay' ),
75 'permission_callback' => [ $this, 'manually_pay_permissions_check' ],
76 ],
77 // Register our schema callback.
78 'schema' => [ $this, 'get_item_schema' ],
79 ]
80 );
81 }
82
83 /**
84 * Get our sample schema for a post.
85 *
86 * @return array The sample schema for a post
87 */
88 public function get_item_schema() {
89 if ( $this->schema ) {
90 // Since WordPress 5.3, the schema can be cached in the $schema property.
91 return $this->schema;
92 }
93
94 $this->schema = [
95 // This tells the spec of JSON Schema we are using which is draft 4.
96 '$schema' => 'http://json-schema.org/draft-04/schema#',
97 // The title property marks the identity of the resource.
98 'title' => $this->endpoint,
99 'type' => 'object',
100 // In JSON Schema you can specify object properties in the properties attribute.
101 'properties' => [
102 'id' => [
103 'description' => esc_html__( 'Unique identifier for the object.', 'surecart' ),
104 'type' => 'string',
105 'context' => [ 'view', 'edit', 'embed' ],
106 'readonly' => true,
107 ],
108 'currency' => [
109 'description' => esc_html__( 'The currency for the session.', 'surecart' ),
110 'type' => 'string',
111 ],
112 'metadata' => [
113 'description' => esc_html__( 'Metadata for the order.', 'surecart' ),
114 'type' => 'object',
115 // 'context' => [ 'edit' ],
116 ],
117 'customer_id' => [
118 'description' => esc_html__( 'The customer id for the order.', 'surecart' ),
119 'type' => 'string',
120 'context' => [ 'edit' ],
121 ],
122 'customer' => [
123 'description' => esc_html__( 'The customer for the session.', 'surecart' ),
124 'type' => 'object',
125 'context' => [ 'edit' ],
126 ],
127 'line_items' => [
128 'description' => esc_html__( 'The line items for the session.', 'surecart' ),
129 'type' => 'object',
130 ],
131 'discount' => [
132 'description' => esc_html__( 'The discount for the session.', 'surecart' ),
133 'type' => 'object',
134 ],
135 ],
136 ];
137
138 return $this->schema;
139 }
140
141 /**
142 * Finalizing an order requires some server side form validation.
143 *
144 * @param \WP_REST_Request $request Full details about the request.
145 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
146 */
147 public function finalize_permissions_check( \WP_REST_Request $request ) {
148 // form id is required.
149 if ( empty( $request['form_id'] ) ) {
150 return new \WP_Error( 'form_id_required', esc_html__( 'Form ID is required.', 'surecart' ), [ 'status' => 400 ] );
151 }
152
153 // get form.
154 $form = get_post( $request['form_id'] );
155
156 if ( ! $form || 'sc_form' !== Form::getPostType() ) {
157 // form not found.
158 return new \WP_Error( 'form_id_invalid', esc_html__( 'Form ID is invalid.', 'surecart' ), [ 'status' => 400 ] );
159 }
160
161 // validate form input.
162 $validator = new FormValidationService( $form->post_content, $request->get_body_params() );
163 $validated = $validator->validate();
164 if ( is_wp_error( $validated ) ) {
165 return $validated;
166 }
167
168 return true;
169 }
170
171 /**
172 * Confirming an order was paid for.
173 *
174 * @param \WP_REST_Request $request Full details about the request.
175 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
176 */
177 public function confirm_permissions_check( \WP_REST_Request $request ) {
178 return $this->get_item_permissions_check( $request );
179 }
180
181 /**
182 * Filters a response based on the context defined in the schema.
183 *
184 * @since 4.7.0
185 *
186 * @param array|\WP_REST_Response $data Response data to filter.
187 * @param string $context Context defined in the schema.
188 * @return array Filtered response.
189 */
190 public function filter_response_by_context( $data, $context ) {
191 $schema = $this->get_item_schema();
192
193 // if the user can edit customers, show the edit context.
194 if ( current_user_can( 'edit_sc_customers' ) ) {
195 return rest_filter_response_by_context( $data, $schema, 'edit' );
196 }
197
198 $data = is_a( $data, 'WP_REST_Response' ) ? $data->get_data() : $data;
199
200 // if the user is logged in, and we have customer data.
201 // if it matches the current customer, then we can show the edit context.
202 if ( is_user_logged_in() && ! empty( $data['customer'] ) ) {
203 $customer_id = ! empty( $data['customer']['id'] ) ? $data['customer']['id'] : $data['customer'];
204 if ( User::current()->customerId() === $customer_id ) {
205 return rest_filter_response_by_context( $data, $schema, 'edit' );
206 }
207 }
208
209 return rest_filter_response_by_context( $data, $schema, 'view' );
210 }
211
212
213 /**
214 * Anyone can get a specific order if they have the unique order id.
215 *
216 * @param \WP_REST_Request $request Full details about the request.
217 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
218 */
219 public function get_item_permissions_check( $request ) {
220 return true;
221 }
222
223 /**
224 * Listing
225 *
226 * @param \WP_REST_Request $request Full details about the request.
227 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
228 */
229 public function get_items_permissions_check( $request ) {
230 return current_user_can( 'read_sc_checkouts', $request->get_params() );
231 }
232
233 /**
234 * Anyone can create.
235 *
236 * @param \WP_REST_Request $request Full details about the request.
237 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
238 */
239 public function create_item_permissions_check( $request ) {
240 return true;
241 }
242
243 /**
244 * Update permissions.
245 *
246 * @param \WP_REST_Request $request Full details about the request.
247 * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
248 */
249 public function update_item_permissions_check( $request ) {
250 return true;
251 }
252
253 /**
254 * Nobody can delete.
255 *
256 * @param \WP_REST_Request $request Full details about the request.
257 * @return false
258 */
259 public function delete_item_permissions_check( $request ) {
260 return false;
261 }
262
263 /**
264 * Can the user manually mark the checkout as paid?
265 *
266 * @param \WP_REST_Request $request Full details about the request.
267 *
268 * @return boolean
269 */
270 public function manually_pay_permissions_check( $request ) {
271 return current_user_can( 'edit_sc_checkouts' );
272 }
273 }
274