/**
  * {@inheritDoc}
  */
 public function getOverriddenValue()
 {
     // Only a customer-type user context yields a value; every other user
     // type gets null, so no customer ID is substituted on its behalf.
     $isCustomer = $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER;

     return $isCustomer ? $this->userContext->getUserId() : null;
 }
Exemplo n.º 2
 /**
  * Check if resource for which access is needed has self permissions defined in webapi config.
  *
  * @param \Magento\Framework\Authorization $subject
  * @param \Closure $proceed
  * @param string $resource
  * @param string $privilege
  *
  * @return bool True when the resource permission is "self", which allows
  * customer access without further checks in the parent method
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
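 public function aroundIsAllowed(\Magento\Framework\Authorization $subject, \Closure $proceed, $resource, $privilege = null)
 {
     // Strict comparison on purpose: $resource is documented as a string, and
     // with == a non-string value such as boolean true compares equal to any
     // non-empty string, which would take the shortcut below and skip the
     // wrapped authorization check.
     $isSelfResource = $resource === AuthorizationService::PERMISSION_SELF;

     // The "self" shortcut applies only to a customer-type context that
     // carries a non-empty user ID; every other caller is passed on to the
     // wrapped isAllowed() via $proceed.
     if ($isSelfResource
         && $this->userContext->getUserId()
         && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER
     ) {
         return true;
     }

     return $proceed($resource, $privilege);
 }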
Exemplo n.º 3
 /**
  * {@inheritdoc}
  */
 public function create()
 {
     // A customer-type context goes through createCustomerCart(); any other
     // user type goes through createAnonymousCart().
     if ($this->userContext->getUserType() == UserContextInterface::USER_TYPE_CUSTOMER) {
         $quote = $this->createCustomerCart();
     } else {
         $quote = $this->createAnonymousCart();
     }

     try {
         $quote->save();
     } catch (\Exception $saveError) {
         // NOTE(review): the caught exception is discarded here, so the root
         // cause is neither chained nor logged; only the generic message
         // reaches the caller.
         throw new CouldNotSaveException('Cannot create quote');
     }

     return $quote->getId();
 }
 /**
  * {@inheritdoc}
  */
 public function getAclRoleId()
 {
     $contextUserId = $this->userContext->getUserId();
     $contextUserType = $this->userContext->getUserType();

     // Look up the first role matching the current user ID and user type.
     /** @var Role $matchedRole */
     $matchedRole = $this->roleCollectionFactory->create()
         ->setUserFilter($contextUserId, $contextUserType)
         ->getFirstItem();

     // A falsy role ID is reported to the caller as null.
     $roleId = $matchedRole->getId();

     return $roleId ? $roleId : null;
 }
Exemplo n.º 5
 /**
  * Override parameter values based on webapi.xml
  *
  * @param array $inputData Incoming data from request
  * @param array $parameters Contains parameters to replace or default
  * @return array Data in same format as $inputData with appropriate parameters added or changed
  */
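 public function override(array $inputData, array $parameters)
 {
     foreach ($parameters as $name => $paramData) {
         // The parameter name is split on '.' into a key path that is handed
         // to the nested-array helpers.
         $arrayKeys = explode('.', $name);

         // Without the force flag, a value already present in the request is
         // kept as sent. A parameter that must be bound to the caller (such
         // as the customer ID placeholder) therefore depends on the force
         // flag being set in its configuration.
         if (!$paramData[Converter::KEY_FORCE] && $this->isNestedArrayValueSet($inputData, $arrayKeys)) {
             continue;
         }

         $value = $paramData[Converter::KEY_VALUE];

         // Strict match on the placeholder: with == a non-string configured
         // value such as boolean true would also compare equal and be
         // replaced by the customer ID. For a non-customer context the
         // configured value is written unchanged.
         if ($value === '%customer_id%'
             && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER
         ) {
             $value = $this->userContext->getUserId();
         }

         $this->setNestedArrayValue($inputData, $arrayKeys, $value);
     }

     return $inputData;
 }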
 /**
  * {@inheritDoc}
  */
 public function getOverriddenValue()
 {
     try {
         // Only a customer-type context can resolve to a cart ID.
         if ($this->userContext->getUserType() !== UserContextInterface::USER_TYPE_CUSTOMER) {
             return null;
         }

         // The cart is looked up by the ID taken from the user context, not
         // by any value passed in by the caller.
         /** @var \Magento\Quote\Api\Data\CartInterface $customerCart */
         $customerCart = $this->cartManagement->getCartForCustomer($this->userContext->getUserId());

         return $customerCart ? $customerCart->getId() : null;
     } catch (NoSuchEntityException $e) {
         // Deliberate best effort: a missing entity is reported as null.
         return null;
     }
 }
Exemplo n.º 7
 /**
  * Override parameter values based on webapi.xml
  *
  * @param array $inputData Incoming data from request
  * @param array $parameters Contains parameters to replace or default
  * @return array Data in same format as $inputData with appropriate parameters added or changed
  */
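 protected function overrideParams(array $inputData, array $parameters)
 {
     foreach ($parameters as $name => $paramData) {
         // Without the force flag, a value already present in the request is
         // kept as sent, so a parameter that must be bound to the caller
         // depends on the force flag being set in its configuration.
         // isset() is false for a missing key and for an explicit null, so
         // both cases are filled from the configured value.
         if (!$paramData[Converter::KEY_FORCE] && isset($inputData[$name])) {
             continue;
         }

         $value = $paramData[Converter::KEY_VALUE];

         // Strict match on the placeholder: with == a non-string configured
         // value such as boolean true would also compare equal and be
         // replaced by the customer ID. For a non-customer context the
         // configured value is written unchanged.
         if ($value === '%customer_id%'
             && $this->userContext->getUserType() === UserContextInterface::USER_TYPE_CUSTOMER
         ) {
             $value = $this->userContext->getUserId();
         }

         $inputData[$name] = $value;
     }

     return $inputData;
 }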
 /**
  * Check whether access is allowed for cart list resource
  *
  * @param \Magento\Quote\Api\CartRepositoryInterface $subject
  * @param SearchCriteria $searchCriteria
  *
  * @return void
  * @throws AuthorizationException if access denied
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function beforeGetList(\Magento\Quote\Api\CartRepositoryInterface $subject, SearchCriteria $searchCriteria)
 {
     // Allow-list check on the caller's user type; $subject and
     // $searchCriteria are not inspected.
     // NOTE(review): in_array() is non-strict here - confirm the element
     // types of allowedUserTypes before switching to a strict comparison.
     $currentUserType = $this->userContext->getUserType();
     $isPermitted = in_array($currentUserType, $this->allowedUserTypes);

     if ($isPermitted) {
         return;
     }

     throw new AuthorizationException(__('Access denied'));
 }
Exemplo n.º 9
 /**
  * Check whether quote is allowed for current user context
  *
  * @param \Magento\Quote\Model\Quote $quote
  * @return bool
  */
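 protected function isAllowed(\Magento\Quote\Model\Quote $quote)
 {
     // Contexts other than a customer are not restricted by this check.
     if ($this->userContext->getUserType() != UserContextInterface::USER_TYPE_CUSTOMER) {
         return true;
     }

     // A quote with no customer ID at all stays accessible, as before.
     $quoteCustomerId = $quote->getCustomerId();
     if ($quoteCustomerId === null) {
         return true;
     }

     // Fail closed when the context carries no usable customer ID. With the
     // loose == used previously, an empty user ID compared equal to an
     // empty (non-null) quote customer ID.
     $currentCustomerId = $this->userContext->getUserId();
     if (!$currentCustomerId) {
         return false;
     }

     // Compare as strings so that an ID read as '5' still matches integer 5,
     // without the other coercions == performs.
     return (string) $quoteCustomerId === (string) $currentCustomerId;
 }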
Exemplo n.º 10
 /**
  * Checks if order is allowed for current customer
  *
  * @param \Magento\Sales\Model\Order $order
  * @return bool
  */
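 protected function isAllowed(\Magento\Sales\Model\Order $order)
 {
     // Contexts other than a customer are not restricted by this check.
     if ($this->userContext->getUserType() != UserContextInterface::USER_TYPE_CUSTOMER) {
         return true;
     }

     // Fail closed when the context carries no usable customer ID. With the
     // loose == used previously, an empty user ID compared equal to an order
     // whose customer ID is also empty (null == null is true).
     $currentCustomerId = $this->userContext->getUserId();
     if (!$currentCustomerId) {
         return false;
     }

     // Compare as strings so that an ID read as '5' still matches integer 5,
     // without the other coercions == performs.
     return (string) $order->getCustomerId() === (string) $currentCustomerId;
 }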
Exemplo n.º 11
 /**
  * Generate cache ID using current context: user permissions and store
  *
  * @param string $prefix Prefix is used by hashing function
  * @return string
  */
 public function generateCacheIdUsingContext($prefix)
 {
     $storeCode = $this->storeManager->getStore()->getCode();

     // NOTE(review): the parts are joined without separators, so different
     // (prefix, store code, user type, user ID) combinations can produce the
     // same input string and therefore the same cache ID. Confirm whether
     // entries cached under this ID are ever user-specific.
     $rawKey = $prefix . $storeCode . $this->userContext->getUserType() . $this->userContext->getUserId();

     // MD5 serves only to derive a fixed-length identifier here; the result
     // should not be relied on as a secret or an integrity value.
     return hash('md5', $rawKey);
 }
Exemplo n.º 12
 /**
  * Check whether access is allowed for cart list resource
  *
  * @param \Magento\Checkout\Service\V1\Cart\ReadServiceInterface $subject
  * @param SearchCriteria $searchCriteria
  *
  * @return void
  * @throws AuthorizationException if access denied
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function beforeGetCartList(\Magento\Checkout\Service\V1\Cart\ReadServiceInterface $subject, SearchCriteria $searchCriteria)
 {
     // Allow-list check on the caller's user type; $subject and
     // $searchCriteria are not inspected.
     // NOTE(review): in_array() is non-strict here - confirm the element
     // types of allowedUserTypes before switching to a strict comparison.
     $callerType = $this->userContext->getUserType();
     $typeIsAllowed = in_array($callerType, $this->allowedUserTypes);

     if ($typeIsAllowed) {
         return;
     }

     throw new AuthorizationException('Access denied');
 }
 /**
  * Check whether access is allowed for create cart resource
  *
  * @param \Magento\Quote\Api\CartManagementInterface $subject
  * @param int $cartId
  * @param int $customerId
  * @param int $storeId
  *
  * @return void
  * @throws AuthorizationException if access denied
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function beforeAssignCustomer(\Magento\Quote\Api\CartManagementInterface $subject, $cartId, $customerId, $storeId)
 {
     // The decision depends only on the caller's user type; $cartId,
     // $customerId and $storeId are not validated in this method.
     // NOTE(review): in_array() is non-strict here - confirm the element
     // types of allowedUserTypes before switching to a strict comparison.
     $callerType = $this->userContext->getUserType();

     if (in_array($callerType, $this->allowedUserTypes)) {
         return;
     }

     throw new AuthorizationException(__('Access denied'));
 }
Exemplo n.º 14
 /**
  * Check whether access is allowed for create cart resource
  *
  * @param \Magento\Checkout\Service\V1\Cart\WriteServiceInterface $subject
  * @param int $cartId
  * @param int $customerId
  *
  * @return void
  * @throws AuthorizationException if access denied
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
 public function beforeAssignCustomer(\Magento\Checkout\Service\V1\Cart\WriteServiceInterface $subject, $cartId, $customerId)
 {
     // The decision depends only on the caller's user type; $cartId and
     // $customerId are not validated in this method.
     // NOTE(review): in_array() is non-strict here - confirm the element
     // types of allowedUserTypes before switching to a strict comparison.
     $callerType = $this->userContext->getUserType();

     if (in_array($callerType, $this->allowedUserTypes)) {
         return;
     }

     throw new AuthorizationException('Access denied');
 }