Schema
4 weeks ago
ClassResolver.php
4 weeks ago
GraphQLControllerBase.php
4 weeks ago
Main.php
4 weeks ago
MetadataController.php
4 weeks ago
Principal.php
4 weeks ago
PrincipalResolver.php
4 weeks ago
QueryInfoExtractor.php
4 weeks ago
ResolverHelpers.php
4 weeks ago
Principal.php
68 lines
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace Automattic\WooCommerce\Api\Infrastructure; |
| 6 | |
| 7 | /** |
| 8 | * Default principal class for the WooCommerce dual code+GraphQL API. |
| 9 | * |
| 10 | * Plugins that authenticate against something other than WordPress users must ship |
| 11 | * their own principal class at `<plugin-api-namespace>\Infrastructure\...` together |
| 12 | * with a matching `PrincipalResolver`. Plugins that build on WP-user auth can either |
| 13 | * use this class directly (no resolver needed; the controller falls back to |
| 14 | * `new Principal( wp_get_current_user() )`) or extend it to add their own |
| 15 | * fields. |
| 16 | */ |
| 17 | class Principal { |
| 18 | /** |
| 19 | * Constructor. |
| 20 | * |
| 21 | * @param \WP_User $user The WordPress user behind the request. For anonymous requests this is a `WP_User` with `ID === 0`, as returned by {@see \wp_get_current_user()}. |
| 22 | */ |
| 23 | public function __construct( |
| 24 | public readonly \WP_User $user, |
| 25 | ) { |
| 26 | } |
| 27 | |
| 28 | /** |
| 29 | * Whether the underlying WP user is authenticated. |
| 30 | * |
| 31 | * Convenience for `$principal->user->ID > 0`, the canonical anonymous |
| 32 | * marker in WordPress. Use this in `authorize()` / `execute()` bodies that |
| 33 | * need to distinguish anonymous from authenticated callers. |
| 34 | */ |
| 35 | public function is_authenticated(): bool { |
| 36 | return $this->user->ID > 0; |
| 37 | } |
| 38 | |
| 39 | /** |
| 40 | * Whether this principal may run GraphQL schema introspection on the endpoint. |
| 41 | * |
| 42 | * Implementing `can_introspect()` is opt-in for plugin principal classes, |
| 43 | * a principal that doesn't define it is denied by default. Plugins building |
| 44 | * authenticated endpoints should make an explicit decision per principal |
| 45 | * model rather than inheriting an introspection policy by accident. |
| 46 | */ |
| 47 | public function can_introspect(): bool { |
| 48 | return user_can( $this->user, 'manage_woocommerce' ); |
| 49 | } |
| 50 | |
| 51 | /** |
| 52 | * Whether this principal may activate GraphQL debug mode on the endpoint. |
| 53 | * |
| 54 | * Implementing `can_use_debug_mode()` is opt-in for plugin principal classes, |
| 55 | * a principal that doesn't define it is denied by default. Plugins building |
| 56 | * authenticated endpoints should make an explicit decision per principal |
| 57 | * model rather than inheriting a debug mode policy by accident. |
| 58 | * |
| 59 | * Note that this method's outcome is necessary but not sufficient for debug |
| 60 | * mode to be active: the controller also requires the request to carry |
| 61 | * `_debug=1`. The decision can be overridden by the |
| 62 | * `woocommerce_graphql_can_use_debug_mode` filter. |
| 63 | */ |
| 64 | public function can_use_debug_mode(): bool { |
| 65 | return user_can( $this->user, 'manage_options' ); |
| 66 | } |
| 67 | } |
| 68 |