/** * Check whether a given request has permission to read customers. * * @param WP_REST_Request $request Full details about the request. * @return WP_Error|boolean */ public function get_items_permissions_check($request) { $customer = get_user_by('id', (int) $request['customer_id']); if (!$customer) { return new WP_Error('woocommerce_rest_customer_invalid', __('Resource does not exist.', 'woocommerce'), array('status' => 404)); } if (!wc_rest_check_user_permissions('read', $customer->id)) { return new WP_Error('woocommerce_rest_cannot_view', __('Sorry, you cannot list resources.', 'woocommerce'), array('status' => rest_authorization_required_code())); } return true; }
/** * Check if a given request has access batch create, update and delete items. * * @param WP_REST_Request $request Full details about the request. * @return boolean */ public function batch_items_permissions_check($request) { if (!wc_rest_check_user_permissions('batch')) { return new WP_Error('woocommerce_rest_cannot_batch', __('Sorry, you are not allowed to manipule this resource.', 'woocommerce'), array('status' => rest_authorization_required_code())); } return true; }
/** * Test wc_rest_check_user_permissions(). * * @since 2.6.0 */ public function test_wc_rest_check_user_permissions() { $this->isFalse(wc_rest_check_user_permissions()); }
/** * Get the current customer. * * @param WP_REST_Request $request Full details about the request. * @return WP_Error|WP_REST_Response */ public function get_current_item($request) { $id = get_current_user_id(); if (empty($id)) { return new WP_Error('woocommerce_rest_not_logged_in', __('You are not currently logged in.', 'woocommerce'), array('status' => 401)); } if (!wc_rest_check_user_permissions('read', $id)) { return new WP_Error('woocommerce_rest_cannot_view', __('Sorry, you cannot view this resource.', 'woocommerce'), array('status' => rest_authorization_required_code())); } $customer = wp_get_current_user(); $response = $this->prepare_item_for_response($customer, $request); $response = rest_ensure_response($response); $response->header('Location', rest_url(sprintf('/%s/%s/%d', $this->namespace, $this->rest_base, $id))); $response->set_status(302); return $response; }