plugin updates
This commit is contained in:
Tony Volpe
@@ -10,6 +10,8 @@
|
||||
|
||||
defined( 'ABSPATH' ) || exit;
|
||||
|
||||
use Automattic\WooCommerce\Internal\Utilities\Types;
|
||||
|
||||
/**
|
||||
* REST API Order Refunds controller class.
|
||||
*
|
||||
@@ -316,11 +318,28 @@ class WC_REST_Order_Refunds_V2_Controller extends WC_REST_Orders_V2_Controller {
|
||||
* The dynamic portion of the hook name, `$this->post_type`,
|
||||
* refers to the object type slug.
|
||||
*
|
||||
* @since 4.5.0
|
||||
*
|
||||
* @param WC_Data $coupon Object object.
|
||||
* @param WP_REST_Request $request Request object.
|
||||
* @param bool $creating If is creating a new object.
|
||||
*/
|
||||
return apply_filters( "woocommerce_rest_pre_insert_{$this->post_type}_object", $refund, $request, $creating );
|
||||
$refund = apply_filters( "woocommerce_rest_pre_insert_{$this->post_type}_object", $refund, $request, $creating );
|
||||
|
||||
// If the filtered result is not a WC_Data instance and is not a WP_Error then something went wrong, but we
|
||||
// still need to honor the declared return type.
|
||||
return Types::ensure_instance_of(
|
||||
$refund,
|
||||
WC_Data::class,
|
||||
function ( $thing ) {
|
||||
return is_wp_error( $thing )
|
||||
? $thing
|
||||
: new WP_Error(
|
||||
'woocommerce_rest_cannot_verify_refund_created',
|
||||
__( 'An unexpected error occurred while generating the refund.', 'woocommerce' )
|
||||
);
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -468,7 +468,7 @@ class WC_REST_Orders_V2_Controller extends WC_REST_CRUD_Controller {
|
||||
}
|
||||
|
||||
// Format the order status.
|
||||
$data['status'] = 'wc-' === substr( $data['status'], 0, 3 ) ? substr( $data['status'], 3 ) : $data['status'];
|
||||
$data['status'] = OrderUtil::remove_status_prefix( $data['status'] );
|
||||
|
||||
// Format line items.
|
||||
foreach ( $format_line_items as $key ) {
|
||||
|
||||
@@ -137,10 +137,48 @@ class WC_REST_Product_Variations_V2_Controller extends WC_REST_Products_V2_Contr
|
||||
*
|
||||
* @since 3.0.0
|
||||
* @param int $id Object ID.
|
||||
* @return WC_Data
|
||||
* @return WC_Data|null
|
||||
*/
|
||||
protected function get_object( $id ) {
|
||||
return wc_get_product( $id );
|
||||
$object = wc_get_product( $id );
|
||||
return ( $object && 0 !== $object->get_parent_id() ) ? $object : null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks that a variation belongs to the specified parent product.
|
||||
*
|
||||
* @param int $variation_id Variation ID.
|
||||
* @param int $parent_id Parent product ID to check against.
|
||||
* @return bool TRUE if variation and parent product exist. FALSE otherwise.
|
||||
*
|
||||
* @since 9.2.0
|
||||
*/
|
||||
protected function check_variation_parent( int $variation_id, int $parent_id ): bool {
|
||||
$variation = $this->get_object( $variation_id );
|
||||
if ( ! $variation || $parent_id !== $variation->get_parent_id() ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$parent = wc_get_product( $variation->get_parent_id() );
|
||||
if ( ! $parent ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a given request has access to read an item.
|
||||
*
|
||||
* @param WP_REST_Request $request Full details about the request.
|
||||
* @return WP_Error|boolean
|
||||
*/
|
||||
public function get_item_permissions_check( $request ) {
|
||||
if ( ! $this->check_variation_parent( (int) $request['id'], (int) $request['product_id'] ) ) {
|
||||
return new WP_Error( "woocommerce_rest_{$this->post_type}_invalid_id", __( 'Invalid ID.', 'woocommerce' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
return parent::get_item_permissions_check( $request );
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -150,18 +188,31 @@ class WC_REST_Product_Variations_V2_Controller extends WC_REST_Products_V2_Contr
|
||||
* @return WP_Error|boolean
|
||||
*/
|
||||
public function update_item_permissions_check( $request ) {
|
||||
if ( ! $this->check_variation_parent( (int) $request['id'], (int) $request['product_id'] ) ) {
|
||||
return new WP_Error( "woocommerce_rest_{$this->post_type}_invalid_id", __( 'Invalid ID.', 'woocommerce' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
$object = $this->get_object( (int) $request['id'] );
|
||||
|
||||
if ( $object && 0 !== $object->get_id() && ! wc_rest_check_post_permissions( $this->post_type, 'edit', $object->get_id() ) ) {
|
||||
return new WP_Error( 'woocommerce_rest_cannot_edit', __( 'Sorry, you are not allowed to edit this resource.', 'woocommerce' ), array( 'status' => rest_authorization_required_code() ) );
|
||||
}
|
||||
|
||||
// Check if variation belongs to the correct parent product.
|
||||
if ( $object && 0 !== $object->get_parent_id() && absint( $request['product_id'] ) !== $object->get_parent_id() ) {
|
||||
return new WP_Error( 'woocommerce_rest_cannot_edit', __( 'Parent product does not match current variation.', 'woocommerce' ), array( 'status' => rest_authorization_required_code() ) );
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a given request has access to delete an item.
|
||||
*
|
||||
* @param WP_REST_Request $request Full details about the request.
|
||||
* @return bool|WP_Error
|
||||
*/
|
||||
public function delete_item_permissions_check( $request ) {
|
||||
if ( ! $this->check_variation_parent( (int) $request['id'], (int) $request['product_id'] ) ) {
|
||||
return new WP_Error( "woocommerce_rest_{$this->post_type}_invalid_id", __( 'Invalid ID.', 'woocommerce' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
return true;
|
||||
return parent::delete_item_permissions_check( $request );
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -486,7 +486,7 @@ class WC_REST_System_Status_V2_Controller extends WC_REST_Controller {
|
||||
'readonly' => true,
|
||||
'properties' => array(
|
||||
'api_enabled' => array(
|
||||
'description' => __( 'REST API enabled?', 'woocommerce' ),
|
||||
'description' => __( 'Legacy REST API enabled?', 'woocommerce' ),
|
||||
'type' => 'boolean',
|
||||
'context' => array( 'view' ),
|
||||
'readonly' => true,
|
||||
|
||||
@@ -97,13 +97,15 @@ class WC_REST_Tax_Classes_V2_Controller extends WC_REST_Tax_Classes_V1_Controlle
|
||||
$tax_class = WC_Tax::get_tax_class_by( 'slug', sanitize_title( $request['slug'] ) );
|
||||
}
|
||||
|
||||
$data = array();
|
||||
if ( $tax_class ) {
|
||||
$class = $this->prepare_item_for_response( $tax_class, $request );
|
||||
$class = $this->prepare_response_for_collection( $class );
|
||||
$data[] = $class;
|
||||
if ( ! $tax_class ) {
|
||||
return new WP_Error( 'woocommerce_rest_tax_class_invalid_slug', __( 'Invalid slug.', 'woocommerce' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
$data = array();
|
||||
$class = $this->prepare_item_for_response( $tax_class, $request );
|
||||
$class = $this->prepare_response_for_collection( $class );
|
||||
$data[] = $class;
|
||||
|
||||
return rest_ensure_response( $data );
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,7 +36,7 @@ class WC_REST_Webhooks_V2_Controller extends WC_REST_Webhooks_V1_Controller {
|
||||
$webhook = wc_get_webhook( $id );
|
||||
|
||||
if ( empty( $webhook ) || is_null( $webhook ) ) {
|
||||
return new WP_Error( "woocommerce_rest_{$this->post_type}_invalid_id", __( 'ID is invalid.', 'woocommerce' ), array( 'status' => 400 ) );
|
||||
return new WP_Error( "woocommerce_rest_{$this->post_type}_invalid_id", __( 'ID is invalid.', 'woocommerce' ), array( 'status' => 404 ) );
|
||||
}
|
||||
|
||||
$data = array(
|
||||
|
||||
Reference in New Issue
Block a user