PluginProbe ʕ •ᴥ•ʔ
SureCart – Ecommerce Made Easy For Selling Physical Products, Digital Downloads, Subscriptions, Donations, & Payments / 2.13.0
surecart / app / src / Rest / CheckoutRestServiceProvider.php
<?php

namespace SureCart\Rest;

use SureCart\Rest\RestServiceInterface;
use SureCart\Controllers\Rest\CheckoutsController;
use SureCart\Form\FormValidationService;
use SureCart\Models\Form;
use SureCart\Models\Product;
use SureCart\Models\User;

/**
 * Service provider for Checkout Rest Requests
 */
class CheckoutRestServiceProvider extends RestServiceProvider implements RestServiceInterface {
    /**
     * Endpoint.
     *
     * @var string
     */
    protected $endpoint = 'checkouts';

    /**
     * Rest Controller
     *
     * @var string
     */
    protected $controller = CheckoutsController::class;

    /**
     * Methods allowed for the model.
     *
     * @var array
     */
    protected $methods = [ 'index', 'create', 'find', 'edit' ];

    /**
     * Register Additional REST Routes
     *
     * @return void
     */
    public function registerRoutes() {
        register_rest_route(
            "$this->name/v$this->version",
            $this->endpoint . '/(?P<id>\S+)/finalize/',
            [
                [
                    'methods'             => \WP_REST_Server::EDITABLE,
                    'callback'            => $this->callback( $this->controller, 'finalize' ),
                    'permission_callback' => [ $this, 'finalize_permissions_check' ],
                ],
                // Register our schema callback.
                'schema' => [ $this, 'get_item_schema' ],
            ]
        );
        register_rest_route(
            "$this->name/v$this->version",
            $this->endpoint . '/(?P<id>\S+)/confirm/',
            [
                [
                    'methods'             => \WP_REST_Server::EDITABLE,
                    'callback'            => $this->callback( $this->controller, 'confirm' ),
                    'permission_callback' => [ $this, 'confirm_permissions_check' ],
                ],
                // Register our schema callback.
                'schema' => [ $this, 'get_item_schema' ],
            ]
        );
        register_rest_route(
            "$this->name/v$this->version",
            $this->endpoint . '/(?P<id>\S+)/manually_pay/',
            [
                [
                    'methods'             => \WP_REST_Server::EDITABLE,
                    'callback'            => $this->callback( $this->controller, 'manuallyPay' ),
                    'permission_callback' => [ $this, 'manually_pay_permissions_check' ],
                ],
                // Register our schema callback.
                'schema' => [ $this, 'get_item_schema' ],
            ]
        );
        register_rest_route(
            "$this->name/v$this->version",
            $this->endpoint . '/(?P<id>\S+)/cancel/',
            [
                [
                    'methods'             => \WP_REST_Server::EDITABLE,
                    'callback'            => $this->callback( $this->controller, 'cancel' ),
                    'permission_callback' => [ $this, 'cancel_item_permissions_check' ],
                ],
                // Register our schema callback.
                'schema' => [ $this, 'get_item_schema' ],
            ]
        );
    }

    /**
     * Get our sample schema for a post.
     *
     * @return array The sample schema for a post
     */
    public function get_item_schema() {
        if ( $this->schema ) {
            // Since WordPress 5.3, the schema can be cached in the $schema property.
            return $this->schema;
        }

        $this->schema = [
            // This tells the spec of JSON Schema we are using which is draft 4.
            '$schema'    => 'http://json-schema.org/draft-04/schema#',
            // The title property marks the identity of the resource.
            'title'      => $this->endpoint,
            'type'       => 'object',
            // In JSON Schema you can specify object properties in the properties attribute.
            // Properties limited to the 'edit' context are dropped from 'view' responses
            // by filter_response_by_context() below.
            'properties' => [
                'id'          => [
                    'description' => esc_html__( 'Unique identifier for the object.', 'surecart' ),
                    'type'        => 'string',
                    'context'     => [ 'view', 'edit', 'embed' ],
                    'readonly'    => true,
                ],
                'currency'    => [
                    'description' => esc_html__( 'The currency for the session.', 'surecart' ),
                    'type'        => 'string',
                ],
                'metadata'    => [
                    'description' => esc_html__( 'Metadata for the order.', 'surecart' ),
                    'type'        => 'object',
                    // 'context' => [ 'edit' ],
                ],
                'customer_id' => [
                    'description' => esc_html__( 'The customer id for the order.', 'surecart' ),
                    'type'        => 'string',
                    'context'     => [ 'edit' ],
                ],
                'customer'    => [
                    'description' => esc_html__( 'The customer for the session.', 'surecart' ),
                    'type'        => 'object',
                    'context'     => [ 'edit' ],
                ],
                'line_items'  => [
                    'description' => esc_html__( 'The line items for the session.', 'surecart' ),
                    'type'        => 'object',
                ],
                'discount'    => [
                    'description' => esc_html__( 'The discount for the session.', 'surecart' ),
                    'type'        => 'object',
                ],
            ],
        ];

        return $this->schema;
    }

    /**
     * Finalizing an order requires some server side form validation.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function finalize_permissions_check( \WP_REST_Request $request ) {
        // form id or a product id is required.
        if ( empty( $request['form_id'] ) && empty( $request['product_id'] ) ) {
            return new \WP_Error( 'form_id_required', esc_html__( 'Form ID is required.', 'surecart' ), [ 'status' => 400 ] );
        }

        // get form.
        // Note: when only product_id is supplied, this block is skipped and no form validation runs.
        if ( ! empty( $request['form_id'] ) ) {
            $form = get_post( $request['form_id'] );
            if ( ! $form || 'sc_form' !== $form->post_type ) {
                return new \WP_Error( 'form_id_invalid', esc_html__( 'Form ID is invalid.', 'surecart' ), [ 'status' => 400 ] );
            }
            // validate form input based on saved form content.
            $validator = new FormValidationService( $form->post_content, $request->get_body_params() );
            $validated = $validator->validate();
            if ( is_wp_error( $validated ) ) {
                return $validated;
            }
        }

        return true;
    }

    /**
     * Confirming an order was paid for.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function confirm_permissions_check( \WP_REST_Request $request ) {
        // Delegates to get_item_permissions_check(), which returns true for every caller.
        return $this->get_item_permissions_check( $request );
    }

    /**
     * Filters a response based on the context defined in the schema.
     *
     * @since 4.7.0
     *
     * @param array|\WP_REST_Response $data    Response data to filter.
     * @param string                  $context Context defined in the schema.
     * @return array Filtered response.
     */
    public function filter_response_by_context( $data, $context ) {
        $schema = $this->get_item_schema();

        // if the user can edit customers, show the edit context.
        if ( current_user_can( 'edit_sc_customers' ) ) {
            return rest_filter_response_by_context( $data, $schema, 'edit' );
        }

        $data = is_a( $data, 'WP_REST_Response' ) ? $data->get_data() : $data;

        // if the user is logged in, and we have customer data.
        // if it matches the current customer, then we can show the edit context.
        if ( is_user_logged_in() && ! empty( $data['customer'] ) ) {
            $customer_id = ! empty( $data['customer']['id'] ) ? $data['customer']['id'] : $data['customer'];
            if ( User::current()->customerId() === $customer_id ) {
                return rest_filter_response_by_context( $data, $schema, 'edit' );
            }
        }

        // Everyone else gets the 'view' context, regardless of the $context argument.
        return rest_filter_response_by_context( $data, $schema, 'view' );
    }


    /**
     * Anyone can get a specific order if they have the unique order id.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function get_item_permissions_check( $request ) {
        return true;
    }

    /**
     * Listing
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function get_items_permissions_check( $request ) {
        return current_user_can( 'read_sc_checkouts', $request->get_params() );
    }

    /**
     * Anyone can create.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function create_item_permissions_check( $request ) {
        return true;
    }

    /**
     * Update permissions.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function update_item_permissions_check( $request ) {
        return true;
    }

    /**
     * Nobody can delete.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return false
     */
    public function delete_item_permissions_check( $request ) {
        return false;
    }

    /**
     * Can the user manually mark the checkout as paid?
     *
     * @param \WP_REST_Request $request Full details about the request.
     *
     * @return boolean
     */
    public function manually_pay_permissions_check( $request ) {
        return current_user_can( 'edit_sc_checkouts' );
    }

    /**
     * Cancelling orders.
     *
     * @param \WP_REST_Request $request Full details about the request.
     * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise.
     */
    public function cancel_item_permissions_check( $request ) {
        return current_user_can( 'edit_sc_orders' );
    }
}