/**
* {@inheritDoc}
*/
public function getOverriddenValue()
{
if ($this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER) {
return $this->userContext->getUserId();
}
return null;
}
/**
* Check if resource for which access is needed has self permissions defined in webapi config.
*
* @param \Magento\Framework\Authorization $subject
* @param callable $proceed
* @param string $resource
* @param string $privilege
*
* @return bool true If resource permission is self, to allow
* customer access without further checks in parent method
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
*/
public function aroundIsAllowed(\Magento\Framework\Authorization $subject, \Closure $proceed, $resource, $privilege = null)
{
if ($resource == AuthorizationService::PERMISSION_SELF && $this->userContext->getUserId() && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER) {
return true;
} else {
return $proceed($resource, $privilege);
}
}
/**
* {@inheritdoc}
*/
public function getAclRoleId()
{
$userId = $this->userContext->getUserId();
$userType = $this->userContext->getUserType();
$roleCollection = $this->roleCollectionFactory->create();
/** @var Role $role */
$role = $roleCollection->setUserFilter($userId, $userType)->getFirstItem();
if (!$role->getId()) {
return null;
}
return $role->getId();
}
/**
* {@inheritdoc}
*/
public function getByIdentifierNamespace($identifier, $namespace)
{
$this->searchCriteriaBuilder->addFilters([$this->filterBuilder->setField('user_id')->setConditionType('eq')->setValue($this->userContext->getUserId())->create(), $this->filterBuilder->setField('identifier')->setConditionType('eq')->setValue($identifier)->create(), $this->filterBuilder->setField('namespace')->setConditionType('eq')->setValue($namespace)->create()]);
$searchCriteria = $this->searchCriteriaBuilder->create();
$searchResults = $this->bookmarkRepository->getList($searchCriteria);
if ($searchResults->getTotalCount() > 0) {
foreach ($searchResults->getItems() as $searchResult) {
$bookmark = $this->bookmarkRepository->getById($searchResult->getId());
return $bookmark;
}
}
return null;
}
/**
* Override parameter values based on webapi.xml
*
* @param array $inputData Incoming data from request
* @param array $parameters Contains parameters to replace or default
* @return array Data in same format as $inputData with appropriate parameters added or changed
*/
public function override(array $inputData, array $parameters)
{
foreach ($parameters as $name => $paramData) {
$arrayKeys = explode('.', $name);
if ($paramData[Converter::KEY_FORCE] || !$this->isNestedArrayValueSet($inputData, $arrayKeys)) {
if ($paramData[Converter::KEY_VALUE] == '%customer_id%' && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER) {
$value = $this->userContext->getUserId();
} else {
$value = $paramData[Converter::KEY_VALUE];
}
$this->setNestedArrayValue($inputData, $arrayKeys, $value);
}
}
return $inputData;
}
/**
* {@inheritDoc}
*/
public function getOverriddenValue()
{
try {
if ($this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER) {
$customerId = $this->userContext->getUserId();
/** @var \Magento\Quote\Api\Data\CartInterface */
$cart = $this->cartManagement->getCartForCustomer($customerId);
if ($cart) {
return $cart->getId();
}
}
} catch (NoSuchEntityException $e) {
/* do nothing and just return null */
}
return null;
}
/**
* Update bookmarks based on request params
*
* @param BookmarkInterface $bookmark
* @param string $identifier
* @param string $title
* @param string $config
* @return void
*/
protected function updateBookmark(BookmarkInterface $bookmark, $identifier, $title, $config)
{
$updateBookmark = $this->checkBookmark($identifier);
if ($updateBookmark !== false) {
$bookmark = $updateBookmark;
}
$bookmark->setUserId($this->userContext->getUserId())->setNamespace($this->_request->getParam('namespace'))->setIdentifier($identifier)->setTitle($title)->setConfig($config);
$this->bookmarkRepository->save($bookmark);
}
/**
* Override parameter values based on webapi.xml
*
* @param array $inputData Incoming data from request
* @param array $parameters Contains parameters to replace or default
* @return array Data in same format as $inputData with appropriate parameters added or changed
*/
protected function overrideParams(array $inputData, array $parameters)
{
foreach ($parameters as $name => $paramData) {
if ($paramData[Converter::KEY_FORCE] || !isset($inputData[$name])) {
if ($paramData[Converter::KEY_VALUE] == '%customer_id%' && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER) {
$value = $this->userContext->getUserId();
} else {
$value = $paramData[Converter::KEY_VALUE];
}
$inputData[$name] = $value;
}
}
return $inputData;
}
/**
* Update bookmarks based on request params
*
* @param BookmarkInterface $bookmark
* @param string $identifier
* @param string $title
* @param array $config
* @return void
*/
protected function updateBookmark(BookmarkInterface $bookmark, $identifier, $title, array $config = [])
{
$this->filterVars($config);
$bookmark->setUserId($this->userContext->getUserId())->setNamespace($this->_request->getParam('namespace'))->setIdentifier($identifier)->setTitle($title)->setConfig($config)->setCurrent($identifier !== self::CURRENT_IDENTIFIER);
$this->bookmarkRepository->save($bookmark);
$bookmarks = $this->bookmarkManagement->loadByNamespace($this->_request->getParam('namespace'));
foreach ($bookmarks->getItems() as $bookmark) {
if ($bookmark->getIdentifier() == $identifier) {
continue;
}
$bookmark->setCurrent(false);
$this->bookmarkRepository->save($bookmark);
}
}
/**
* Create cart for current logged in customer
*
* @return \Magento\Sales\Model\Quote
* @throws CouldNotSaveException
*/
protected function createCustomerCart()
{
$storeId = $this->storeManager->getStore()->getId();
$customer = $this->customerRegistry->retrieve($this->userContext->getUserId());
$currentCustomerQuote = $this->quoteFactory->create()->loadByCustomer($customer);
if ($currentCustomerQuote->getId() && $currentCustomerQuote->getIsActive()) {
throw new CouldNotSaveException('Cannot create quote');
}
/** @var \Magento\Sales\Model\Quote $quote */
$quote = $this->quoteFactory->create();
$quote->setStoreId($storeId);
$quote->setCustomer($customer);
$quote->setCustomerIsGuest(0);
return $quote;
}
/**
* Creates a cart for the currently logged-in customer.
*
* @param int $storeId
* @return \Magento\Quote\Model\Quote Cart object.
* @throws CouldNotSaveException The cart could not be created.
*/
protected function createCustomerCart($storeId)
{
$customer = $this->customerRepository->getById($this->userContext->getUserId());
try {
$this->quoteRepository->getActiveForCustomer($this->userContext->getUserId());
throw new CouldNotSaveException(__('Cannot create quote'));
} catch (\Magento\Framework\Exception\NoSuchEntityException $e) {
}
/** @var \Magento\Quote\Model\Quote $quote */
$quote = $this->quoteRepository->create();
$quote->setStoreId($storeId);
$quote->setCustomer($customer);
$quote->setCustomerIsGuest(0);
return $quote;
}
/**
* Check whether quote is allowed for current user context
*
* @param \Magento\Quote\Model\Quote $quote
* @return bool
*/
protected function isAllowed(\Magento\Quote\Model\Quote $quote)
{
return $this->userContext->getUserType() == UserContextInterface::USER_TYPE_CUSTOMER ? $quote->getCustomerId() === null || $quote->getCustomerId() == $this->userContext->getUserId() : true;
}
/**
* Checks if order is allowed for current customer
*
* @param \Magento\Sales\Model\Order $order
* @return bool
*/
protected function isAllowed(\Magento\Sales\Model\Order $order)
{
return $this->userContext->getUserType() == UserContextInterface::USER_TYPE_CUSTOMER ? $order->getCustomerId() == $this->userContext->getUserId() : true;
}
/**
* Generate cache ID using current context: user permissions and store
*
* @param string $prefix Prefix is used by hashing function
* @return string
*/
public function generateCacheIdUsingContext($prefix)
{
return hash('md5', $prefix . $this->storeManager->getStore()->getCode() . $this->userContext->getUserType() . $this->userContext->getUserId());
}
/**
* @param \Magento\Quote\Model\GuestCart\GuestCartManagement $subject
* @param string $cartId
* @param int $customerId
* @param int $storeId
* @throws StateException
* @return void
* @SuppressWarnings(PHPMD.UnusedFormalParameter)
*/
public function beforeAssignCustomer(\Magento\Quote\Model\GuestCart\GuestCartManagement $subject, $cartId, $customerId, $storeId)
{
if ($customerId !== (int) $this->userContext->getUserId()) {
throw new StateException(__('Cannot assign customer to the given cart. You don\'t have permission for this operation.'));
}
}
