Skip to content

Commit 1f19103

Browse files
kidunot89kidunot89
authored
feat: woographql_viewable_order_types hook added (#741)
* feat: woographql_viewable_order_types hook added * chore: WPCS compliance met
1 parent 8c779b4 commit 1f19103

File tree

2 files changed

+18
-6
lines changed

2 files changed

+18
-6
lines changed

includes/model/class-order.php

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -64,14 +64,26 @@ protected function get_restricted_cap() {
6464
return $cap;
6565
}
6666

67+
/**
68+
* Return order types viewable by proven ownership.
69+
*
70+
* @return array
71+
*/
72+
protected function get_viewable_order_types() {
73+
return apply_filters(
74+
'woographql_viewable_order_types',
75+
[ 'shop_order' ],
76+
);
77+
}
78+
6779
/**
6880
* Whether or not the customer of the order matches the current user.
6981
*
7082
* @return bool
7183
*/
7284
protected function owner_matches_current_user() {
7385
// Get Customer ID.
74-
if ( 'shop_order' === $this->post_type ) {
86+
if ( in_array( $this->post_type, $this->get_viewable_order_types(), true ) ) {
7587
$customer_id = $this->wc_data->get_customer_id();
7688
} else {
7789
$customer_id = get_post_meta( '_customer_user', $this->wc_data->get_parent_id(), true );
@@ -94,7 +106,7 @@ protected function owner_matches_current_user() {
94106
* @return bool
95107
*/
96108
public function guest_order_customer_matches_current_user() {
97-
if ( 'shop_order' === $this->post_type ) {
109+
if ( in_array( $this->post_type, $this->get_viewable_order_types(), true ) ) {
98110
$customer_email = $this->wc_data->get_billing_email();
99111
} else {
100112
$customer_email = get_post_meta( '_billing_email', $this->wc_data->get_parent_id(), true );

includes/type/object/class-customer-type.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -227,14 +227,14 @@ public static function register() {
227227
register_graphql_fields(
228228
'Customer',
229229
[
230-
'availablePaymentMethods' => [
230+
'availablePaymentMethods' => [
231231
'type' => [ 'list_of' => 'PaymentToken' ],
232232
'description' => __( 'Customer\'s stored payment tokens.', 'wp-graphql-woocommerce' ),
233233
'resolve' => function( $source ) {
234234
if ( get_current_user_id() === $source->ID ) {
235235
return array_values( \WC_Payment_Tokens::get_customer_tokens( $source->ID ) );
236236
}
237-
237+
238238
throw new UserError( __( 'Not authorized to view this user\'s payment methods.', 'wp-graphql-woocommerce' ) );
239239
},
240240
],
@@ -251,7 +251,7 @@ function ( $token ) {
251251
);
252252
return $tokens;
253253
}
254-
254+
255255
throw new UserError( __( 'Not authorized to view this user\'s payment methods.', 'wp-graphql-woocommerce' ) );
256256
},
257257
],
@@ -268,7 +268,7 @@ function ( $token ) {
268268
);
269269
return $tokens;
270270
}
271-
271+
272272
throw new UserError( __( 'Not authorized to view this user\'s payment methods.', 'wp-graphql-woocommerce' ) );
273273
},
274274
],

0 commit comments

Comments
 (0)