AbandonedCheckoutProtocolRestServiceProvider.php
3 years ago
AbandonedCheckoutRestServiceProvider.php
3 years ago
AccountRestServiceProvider.php
3 years ago
ActivationRestServiceProvider.php
3 years ago
BalanceTransactionRestServiceProvider.php
3 years ago
BlockPatternsRestServiceProvider.php
3 years ago
BrandRestServiceProvider.php
3 years ago
BumpRestServiceProvider.php
3 years ago
CancellationActRestServiceProvider.php
3 years ago
CancellationReasonRestServiceProvider.php
3 years ago
ChargesRestServiceProvider.php
3 years ago
CheckEmailRestServiceProvider.php
3 years ago
CheckoutRestServiceProvider.php
3 years ago
CouponRestServiceProvider.php
3 years ago
CustomerLinksRestServiceProvider.php
3 years ago
CustomerNotificationProtocolRestServiceProvider.php
3 years ago
CustomerRestServiceProvider.php
3 years ago
DownloadRestServiceProvider.php
3 years ago
DraftCheckoutRestServiceProvider.php
2 years ago
FulfillmentRestServiceProvider.php
3 years ago
IncomingWebhooksRestServiceProvider.php
2 years ago
IntegrationProvidersRestServiceProvider.php
3 years ago
IntegrationsRestServiceProvider.php
3 years ago
InvoicesRestServiceProvider.php
3 years ago
LicenseRestServiceProvider.php
3 years ago
LineItemsRestServiceProvider.php
3 years ago
LoginRestServiceProvider.php
3 years ago
ManualPaymentMethodsRestServiceProvider.php
3 years ago
MediaRestServiceProvider.php
3 years ago
OrderProtocolRestServiceProvider.php
3 years ago
OrderRestServiceProvider.php
3 years ago
PaymentIntentsRestServiceProvider.php
3 years ago
PaymentMethodsRestServiceProvider.php
2 years ago
PeriodRestServiceProvider.php
3 years ago
PortalProtocolRestServiceProvider.php
3 years ago
PriceRestServiceProvider.php
3 years ago
ProcessorRestServiceProvider.php
3 years ago
ProductGroupsRestServiceProvider.php
3 years ago
ProductMediaRestServiceProvider.php
3 years ago
ProductsRestServiceProvider.php
3 years ago
PromotionRestServiceProvider.php
3 years ago
ProvisionalAccountRestServiceProvider.php
3 years ago
PurchasesRestServiceProvider.php
3 years ago
RefundsRestServiceProvider.php
3 years ago
RegisteredWebhookRestServiceProvider.php
2 years ago
RestServiceInterface.php
3 years ago
RestServiceProvider.php
3 years ago
SettingsRestServiceProvider.php
3 years ago
ShippingMethodRestServiceProvider.php
3 years ago
ShippingProfileRestServiceProvider.php
3 years ago
ShippingProtocolRestServiceProvider.php
3 years ago
ShippingRateRestServiceProvider.php
3 years ago
ShippingZoneRestServiceProvider.php
3 years ago
SiteHealthRestServiceProvider.php
2 years ago
StatisticRestServiceProvider.php
3 years ago
SubscriptionProtocolRestServiceProvider.php
3 years ago
SubscriptionRestServiceProvider.php
3 years ago
TaxProtocolRestServiceProvider.php
3 years ago
TaxRegistrationRestServiceProvider.php
3 years ago
TaxZoneRestServiceProvider.php
3 years ago
UploadsRestServiceProvider.php
3 years ago
VerificationCodeRestServiceProvider.php
3 years ago
WebhooksRestServiceProvider.php
3 years ago
OrderRestServiceProvider.php
117 lines
| 1 | <?php |
| 2 | |
| 3 | namespace SureCart\Rest; |
| 4 | |
| 5 | use SureCart\Rest\RestServiceInterface; |
| 6 | use SureCart\Controllers\Rest\OrderController; |
| 7 | use SureCart\Models\User; |
| 8 | |
| 9 | /** |
| 10 | * Service provider for Price Rest Requests |
| 11 | */ |
| 12 | class OrderRestServiceProvider extends RestServiceProvider implements RestServiceInterface { |
| 13 | /** |
| 14 | * Endpoint. |
| 15 | * |
| 16 | * @var string |
| 17 | */ |
| 18 | protected $endpoint = 'orders'; |
| 19 | |
| 20 | /** |
| 21 | * Rest Controller |
| 22 | * |
| 23 | * @var string |
| 24 | */ |
| 25 | protected $controller = OrderController::class; |
| 26 | |
| 27 | /** |
| 28 | * Methods allowed for the model. |
| 29 | * |
| 30 | * @var array |
| 31 | */ |
| 32 | protected $methods = [ 'index', 'find' ]; |
| 33 | |
| 34 | /** |
| 35 | * Get our sample schema for a post. |
| 36 | * |
| 37 | * @return array The sample schema for a post |
| 38 | */ |
| 39 | public function get_item_schema() { |
| 40 | if ( $this->schema ) { |
| 41 | // Since WordPress 5.3, the schema can be cached in the $schema property. |
| 42 | return $this->schema; |
| 43 | } |
| 44 | |
| 45 | $this->schema = [ |
| 46 | // This tells the spec of JSON Schema we are using which is draft 4. |
| 47 | '$schema' => 'http://json-schema.org/draft-04/schema#', |
| 48 | // The title property marks the identity of the resource. |
| 49 | 'title' => $this->endpoint, |
| 50 | 'type' => 'object', |
| 51 | // In JSON Schema you can specify object properties in the properties attribute. |
| 52 | 'properties' => [ |
| 53 | 'id' => [ |
| 54 | 'description' => esc_html__( 'Unique identifier for the object.', 'surecart' ), |
| 55 | 'type' => 'string', |
| 56 | 'context' => [ 'view', 'edit', 'embed' ], |
| 57 | 'readonly' => true, |
| 58 | ], |
| 59 | ], |
| 60 | ]; |
| 61 | |
| 62 | return $this->schema; |
| 63 | } |
| 64 | |
| 65 | /** |
| 66 | * Filters a response based on the context defined in the schema. |
| 67 | * |
| 68 | * @since 4.7.0 |
| 69 | * |
| 70 | * @param array|\WP_REST_Response $data Response data to filter. |
| 71 | * @param string $context Context defined in the schema. |
| 72 | * @return array Filtered response. |
| 73 | */ |
| 74 | public function filter_response_by_context( $data, $context ) { |
| 75 | $schema = $this->get_item_schema(); |
| 76 | |
| 77 | // if the user can edit customers, show the edit context. |
| 78 | if ( current_user_can( 'edit_sc_customers' ) ) { |
| 79 | return rest_filter_response_by_context( $data, $schema, 'edit' ); |
| 80 | } |
| 81 | |
| 82 | $data = is_a( $data, 'WP_REST_Response' ) ? $data->get_data() : $data; |
| 83 | |
| 84 | // if the user is logged in, and we have customer data. |
| 85 | // if it matches the current customer, then we can show the edit context. |
| 86 | if ( is_user_logged_in() && ! empty( $data['customer'] ) ) { |
| 87 | $customer_id = ! empty( $data['customer']['id'] ) ? $data['customer']['id'] : $data['customer']; |
| 88 | if ( User::current()->customerId() === $customer_id ) { |
| 89 | return rest_filter_response_by_context( $data, $schema, 'edit' ); |
| 90 | } |
| 91 | } |
| 92 | |
| 93 | return rest_filter_response_by_context( $data, $schema, 'view' ); |
| 94 | } |
| 95 | |
| 96 | |
| 97 | /** |
| 98 | * Anyone can get a specific order if they have the unique order id. |
| 99 | * |
| 100 | * @param \WP_REST_Request $request Full details about the request. |
| 101 | * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise. |
| 102 | */ |
| 103 | public function get_item_permissions_check( $request ) { |
| 104 | return current_user_can( 'read_sc_order', $request['id'] ); |
| 105 | } |
| 106 | |
| 107 | /** |
| 108 | * Listing |
| 109 | * |
| 110 | * @param \WP_REST_Request $request Full details about the request. |
| 111 | * @return true|\WP_Error True if the request has access to create items, WP_Error object otherwise. |
| 112 | */ |
| 113 | public function get_items_permissions_check( $request ) { |
| 114 | return current_user_can( 'read_sc_orders', $request->get_params() ); |
| 115 | } |
| 116 | } |
| 117 |