woocommerce/includes/api/wc-rest-customers-controlle...

652 lines
22 KiB
PHP
Raw Normal View History

2016-02-17 19:29:09 +00:00
<?php
/**
* REST API Customers controller
*
* Handles requests to the /customers endpoint.
*
* @author WooThemes
* @category API
* @package WooCommerce/API
* @since 2.6.0
*/
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* REST API Customers controller class.
*
* @package WooCommerce/API
* @extends WP_REST_Controller
2016-02-17 19:29:09 +00:00
*/
class WC_REST_Customers_Controller extends WP_REST_Controller {
2016-02-17 19:29:09 +00:00
/**
* Route base.
*
* @var string
*/
2016-02-22 18:49:38 +00:00
protected $rest_base = 'customers';
2016-02-17 19:29:09 +00:00
/**
* Register the routes for customers.
*/
public function register_routes() {
register_rest_route( WC_API::REST_API_NAMESPACE, '/' . $this->rest_base, array(
array(
2016-03-02 21:07:23 +00:00
'methods' => WP_REST_Server::READABLE,
'callback' => array( $this, 'get_items' ),
'permission_callback' => array( $this, 'get_items_permissions_check' ),
'args' => $this->get_collection_params(),
),
array(
2016-03-02 20:58:40 +00:00
'methods' => WP_REST_Server::CREATABLE,
'callback' => array( $this, 'create_item' ),
'permission_callback' => array( $this, 'create_item_permissions_check' ),
2016-03-02 20:58:40 +00:00
'args' => array_merge( $this->get_endpoint_args_for_item_schema( WP_REST_Server::CREATABLE ), array(
'email' => array(
'required' => true,
),
'username' => array(
'required' => 'no' === get_option( 'woocommerce_registration_generate_username', 'yes' ),
),
'password' => array(
'required' => 'yes' === get_option( 'woocommerce_registration_generate_password', 'no' ),
),
) ),
),
'schema' => array( $this, 'get_public_item_schema' ),
) );
2016-02-17 19:29:09 +00:00
register_rest_route( WC_API::REST_API_NAMESPACE, '/' . $this->rest_base . '/(?P<id>[\d]+)', array(
array(
'methods' => WP_REST_Server::READABLE,
'callback' => array( $this, 'get_item' ),
'permission_callback' => array( $this, 'get_item_permissions_check' ),
'args' => array(
'context' => $this->get_context_param( array( 'default' => 'view' ) ),
),
),
array(
'methods' => WP_REST_Server::EDITABLE,
'callback' => array( $this, 'update_item' ),
'permission_callback' => array( $this, 'update_item_permissions_check' ),
'args' => array_merge( $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ), array(
'password' => array(),
) ),
),
array(
'methods' => WP_REST_Server::DELETABLE,
'callback' => array( $this, 'delete_item' ),
'permission_callback' => array( $this, 'delete_item_permissions_check' ),
'args' => array(
'force' => array(
'default' => false,
'description' => __( 'Required to be true, as resource does not support trashing.' ),
),
'reassign' => array(),
),
),
'schema' => array( $this, 'get_public_item_schema' ),
) );
register_rest_route( WC_API::REST_API_NAMESPACE, '/' . $this->rest_base . '/me', array(
'methods' => WP_REST_Server::READABLE,
'callback' => array( $this, 'get_current_item' ),
'args' => array(
'context' => array(),
),
'schema' => array( $this, 'get_public_item_schema' ),
) );
}
2016-03-02 21:07:23 +00:00
/**
* Check whether a given request has permission to read customers.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|boolean
*/
public function get_items_permissions_check( $request ) {
if ( ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'woocommerce_rest_cannot_view', __( 'Sorry, you cannot list customers.' ), array( 'status' => rest_authorization_required_code() ) );
}
return true;
}
/**
* Check if a given request has access to read a customer.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|boolean
*/
public function get_item_permissions_check( $request ) {
$id = (int) $request['id'];
$customer = get_userdata( $id );
$types = get_post_types( array( 'public' => true ), 'names' );
if ( empty( $id ) || empty( $customer->ID ) ) {
return new WP_Error( 'woocommerce_rest_customer_invalid_id', __( 'Invalid resource id.', 'woocommerce' ), array( 'status' => 404 ) );
}
if ( get_current_user_id() === $id ) {
return true;
}
if ( 'edit' === $request['context'] && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'woocommerce_rest_customer_cannot_view', __( 'Sorry, you cannot view this resource with edit context.', 'woocommerce' ), array( 'status' => rest_authorization_required_code() ) );
} else if ( ! count_user_posts( $id, $types ) && ! current_user_can( 'edit_user', $id ) && ! current_user_can( 'list_users' ) ) {
return new WP_Error( 'woocommerce_rest_customer_cannot_view', __( 'Sorry, you cannot view this resource.' ), array( 'status' => rest_authorization_required_code() ) );
}
return true;
}
2016-03-02 20:58:40 +00:00
/**
* Get all customers.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response
*/
public function get_items( $request ) {
$prepared_args = array();
$prepared_args['exclude'] = $request['exclude'];
$prepared_args['include'] = $request['include'];
$prepared_args['order'] = $request['order'];
$prepared_args['number'] = $request['per_page'];
if ( ! empty( $request['offset'] ) ) {
$prepared_args['offset'] = $request['offset'];
} else {
$prepared_args['offset'] = ( $request['page'] - 1 ) * $prepared_args['number'];
}
$orderby_possibles = array(
'id' => 'ID',
'include' => 'include',
'name' => 'display_name',
'registered_date' => 'registered',
);
$prepared_args['orderby'] = $orderby_possibles[ $request['orderby'] ];
$prepared_args['search'] = $request['search'];
if ( '' !== $prepared_args['search'] ) {
$prepared_args['search'] = '*' . $prepared_args['search'] . '*';
}
if ( ! empty( $request['slug'] ) ) {
$prepared_args['search'] = $request['slug'];
$prepared_args['search_columns'] = array( 'user_nicename' );
}
2016-03-02 21:07:23 +00:00
// Show only customers.
$prepared_args['role'] = 'customer';
2016-03-02 20:58:40 +00:00
/**
* Filter arguments, before passing to WP_User_Query, when querying users via the REST API.
*
* @see https://developer.wordpress.org/reference/classes/wp_user_query/
*
* @param array $prepared_args Array of arguments for WP_User_Query.
* @param WP_REST_Request $request The current request.
*/
$prepared_args = apply_filters( 'woocommerce_rest_customer_query', $prepared_args, $request );
$query = new WP_User_Query( $prepared_args );
$users = array();
foreach ( $query->results as $user ) {
$data = $this->prepare_item_for_response( $user, $request );
$users[] = $this->prepare_response_for_collection( $data );
}
$response = rest_ensure_response( $users );
// Store pagation values for headers then unset for count query.
$per_page = (int) $prepared_args['number'];
$page = ceil( ( ( (int) $prepared_args['offset'] ) / $per_page ) + 1 );
$prepared_args['fields'] = 'ID';
$total_users = $query->get_total();
if ( $total_users < 1 ) {
// Out-of-bounds, run the query again without LIMIT for total count.
unset( $prepared_args['number'] );
unset( $prepared_args['offset'] );
$count_query = new WP_User_Query( $prepared_args );
$total_users = $count_query->get_total();
}
$response->header( 'X-WP-Total', (int) $total_users );
$max_pages = ceil( $total_users / $per_page );
$response->header( 'X-WP-TotalPages', (int) $max_pages );
$base = add_query_arg( $request->get_query_params(), rest_url( sprintf( '/%s/%s', WC_API::REST_API_NAMESPACE, $this->rest_base ) ) );
if ( $page > 1 ) {
$prev_page = $page - 1;
if ( $prev_page > $max_pages ) {
$prev_page = $max_pages;
}
$prev_link = add_query_arg( 'page', $prev_page, $base );
$response->link_header( 'prev', $prev_link );
}
if ( $max_pages > $page ) {
$next_page = $page + 1;
$next_link = add_query_arg( 'page', $next_page, $base );
$response->link_header( 'next', $next_link );
}
return $response;
}
/**
* Get a single customer.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response
*/
public function get_item( $request ) {
$id = (int) $request['id'];
$customer = get_userdata( $id );
if ( empty( $id ) || empty( $customer->ID ) ) {
return new WP_Error( 'woocommerce_rest_customer_invalid_id', __( 'Invalid resource id.', 'woocommerce' ), array( 'status' => 404 ) );
}
$customer = $this->prepare_item_for_response( $customer, $request );
$response = rest_ensure_response( $customer );
return $response;
}
/**
* Get the current customer.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_Error|WP_REST_Response
*/
public function get_current_item( $request ) {
$current_customer_id = get_current_user_id();
if ( empty( $current_customer_id ) ) {
return new WP_Error( 'woocommerce_rest_not_logged_in', __( 'You are not currently logged in.', 'woocommerce' ), array( 'status' => 401 ) );
}
$customer = wp_get_current_user();
$response = $this->prepare_item_for_response( $customer, $request );
$response = rest_ensure_response( $response );
$response->header( 'Location', rest_url( sprintf( '/%s/%s/%d', WC_API::REST_API_NAMESPACE, $this->rest_base, $current_customer_id ) ) );
$response->set_status( 302 );
return $response;
}
/**
* Prepare a single customer output for response.
*
* @param WP_User $customer Customer object.
* @param WP_REST_Request $request Request object.
* @return WP_REST_Response $response Response data.
*/
public function prepare_item_for_response( $customer, $request ) {
$last_order = wc_get_customer_last_order( $customer->ID );
$data = array(
'id' => $customer->ID,
'created_at' => wc_api_prepare_date_response( $customer->user_registered ),
2016-03-02 20:58:40 +00:00
'updated_at' => $customer->last_update ? wc_api_prepare_date_response( date( 'Y-m-d H:i:s', $customer->last_update ) ) : null,
'email' => $customer->user_email,
'first_name' => $customer->first_name,
'last_name' => $customer->last_name,
'username' => $customer->user_login,
'last_order' => array(
'id' => is_object( $last_order ) ? $last_order->id : null,
'date' => is_object( $last_order ) ? wc_api_prepare_date_response( $last_order->post->post_date_gmt ) : null
),
'orders_count' => wc_get_customer_order_count( $customer->ID ),
'total_spent' => wc_format_decimal( wc_get_customer_total_spent( $customer->ID ), 2 ),
'avatar_url' => wc_get_customer_avatar_url( $customer->customer_email ),
'billing_address' => array(
'first_name' => $customer->billing_first_name,
'last_name' => $customer->billing_last_name,
'company' => $customer->billing_company,
'address_1' => $customer->billing_address_1,
'address_2' => $customer->billing_address_2,
'city' => $customer->billing_city,
'state' => $customer->billing_state,
'postcode' => $customer->billing_postcode,
'country' => $customer->billing_country,
'email' => $customer->billing_email,
'phone' => $customer->billing_phone,
),
'shipping_address' => array(
'first_name' => $customer->shipping_first_name,
'last_name' => $customer->shipping_last_name,
'company' => $customer->shipping_company,
'address_1' => $customer->shipping_address_1,
'address_2' => $customer->shipping_address_2,
'city' => $customer->shipping_city,
'state' => $customer->shipping_state,
'postcode' => $customer->shipping_postcode,
'country' => $customer->shipping_country,
),
);
$context = ! empty( $request['context'] ) ? $request['context'] : 'view';
$data = $this->add_additional_fields_to_object( $data, $request );
$data = $this->filter_response_by_context( $data, $context );
// Wrap the data in a response object.
$response = rest_ensure_response( $data );
$response->add_links( $this->prepare_links( $customer ) );
/**
* Filter customer data returned from the REST API.
*
* @param WP_REST_Response $response The response object.
* @param WP_User $customer User object used to create response.
* @param WP_REST_Request $request Request object.
*/
return apply_filters( 'woocommerce_rest_prepare_customer', $response, $customer, $request );
}
/**
* Prepare links for the request.
*
* @param WP_User $customer User object.
* @return array Links for the given user.
*/
protected function prepare_links( $customer ) {
$links = array(
'self' => array(
'href' => rest_url( sprintf( '/%s/%s/%d', WC_API::REST_API_NAMESPACE, $this->rest_base, $customer->ID ) ),
),
'collection' => array(
'href' => rest_url( sprintf( '/%s/%s', WC_API::REST_API_NAMESPACE, $this->rest_base ) ),
),
);
return $links;
}
/**
* Get the User's schema, conforming to JSON Schema
*
* @return array
*/
public function get_item_schema() {
global $wp_roles;
$schema = array(
'$schema' => 'http://json-schema.org/draft-04/schema#',
'title' => 'customer',
'type' => 'object',
'properties' => array(
'id' => array(
'description' => __( 'Unique identifier for the resource.', 'woocommerce' ),
'type' => 'integer',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'created_at' => array(
'description' => __( "The date the customer was created, in the site's timezone.", 'woocommerce' ),
'type' => 'date-time',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'updated_at' => array(
'description' => __( "The date the customer was last modified, in the site's timezone.", 'woocommerce' ),
'type' => 'date-time',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'email' => array(
'description' => __( 'The email address for the customer.', 'woocommerce' ),
'type' => 'string',
'format' => 'email',
'context' => array( 'view', 'edit' ),
),
'first_name' => array(
'description' => __( 'Customer first name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_text_field',
),
),
'last_name' => array(
'description' => __( 'Customer last name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_text_field',
),
),
'username' => array(
'description' => __( 'Customer login name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'arg_options' => array(
'sanitize_callback' => 'sanitize_user',
),
),
'password' => array(
'description' => __( 'Customer password.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'edit' ),
),
'last_order' => array(
'description' => __( 'Last order data.', 'woocommerce' ),
'type' => 'object',
'context' => array( 'view', 'edit' ),
'readonly' => true,
'properties' => array(
'id' => array(
'description' => __( 'Last order ID.', 'woocommerce' ),
'type' => 'integer',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'date' => array(
'description' => __( 'UTC DateTime of the customer last order.', 'woocommerce' ),
'type' => 'date-time',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
),
),
'orders_count' => array(
'description' => __( 'Quantity of orders made by the customer.', 'woocommerce' ),
'type' => 'integer',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'total_spent' => array(
'description' => __( 'Total amount spent.', 'woocommerce' ),
'type' => 'float',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'avatar_url' => array(
'description' => __( 'Avatar URL.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
'readonly' => true,
),
'billing_address' => array(
'description' => __( 'List of billing address data.', 'woocommerce' ),
'type' => 'object',
'context' => array( 'view', 'edit' ),
'properties' => array(
'first_name' => array(
'description' => __( 'First name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'last_name' => array(
'description' => __( 'Last name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'company' => array(
'description' => __( 'Company name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'address_1' => array(
'description' => __( 'Address line 1.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'address_2' => array(
'description' => __( 'Address line 2.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'city' => array(
'description' => __( 'City name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'state' => array(
'description' => __( 'ISO code or name of the state, province or district.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'postcode' => array(
'description' => __( 'Postal code.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'country' => array(
'description' => __( 'ISO code of the country.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'email' => array(
'description' => __( 'Email address.', 'woocommerce' ),
'type' => 'string',
'format' => 'email',
'context' => array( 'view', 'edit' ),
),
'phone' => array(
'description' => __( 'Phone number.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
),
),
'shipping_address' => array(
'description' => __( 'List of shipping address data.', 'woocommerce' ),
'type' => 'object',
'context' => array( 'view', 'edit' ),
'properties' => array(
'first_name' => array(
'description' => __( 'First name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'last_name' => array(
'description' => __( 'Last name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'company' => array(
'description' => __( 'Company name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'address_1' => array(
'description' => __( 'Address line 1.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'address_2' => array(
'description' => __( 'Address line 2.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'city' => array(
'description' => __( 'City name.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'state' => array(
'description' => __( 'ISO code or name of the state, province or district.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'postcode' => array(
'description' => __( 'Postal code.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
'country' => array(
'description' => __( 'ISO code of the country.', 'woocommerce' ),
'type' => 'string',
'context' => array( 'view', 'edit' ),
),
),
),
),
);
return $this->add_additional_fields_schema( $schema );
2016-02-17 19:29:09 +00:00
}
2016-03-02 20:58:40 +00:00
/**
* Get the query params for collections
*
* @return array
*/
public function get_collection_params() {
$query_params = parent::get_collection_params();
$query_params['context']['default'] = 'view';
$query_params['exclude'] = array(
'description' => __( 'Ensure result set excludes specific ids.', 'woocommerce' ),
'type' => 'array',
'default' => array(),
'sanitize_callback' => 'wp_parse_id_list',
);
$query_params['include'] = array(
'description' => __( 'Limit result set to specific ids.', 'woocommerce' ),
'type' => 'array',
'default' => array(),
'sanitize_callback' => 'wp_parse_id_list',
);
$query_params['offset'] = array(
'description' => __( 'Offset the result set by a specific number of items.', 'woocommerce' ),
'type' => 'integer',
'sanitize_callback' => 'absint',
'validate_callback' => 'rest_validate_request_arg',
);
$query_params['order'] = array(
'default' => 'asc',
'description' => __( 'Order sort attribute ascending or descending.', 'woocommerce' ),
'enum' => array( 'asc', 'desc' ),
'sanitize_callback' => 'sanitize_key',
'type' => 'string',
'validate_callback' => 'rest_validate_request_arg',
);
$query_params['orderby'] = array(
'default' => 'name',
'description' => __( 'Sort collection by object attribute.', 'woocommerce' ),
'enum' => array(
'id',
'include',
'name',
'registered_date',
),
'sanitize_callback' => 'sanitize_key',
'type' => 'string',
'validate_callback' => 'rest_validate_request_arg',
);
$query_params['slug'] = array(
'description' => __( 'Limit result set to resources with a specific slug.', 'woocommerce' ),
'type' => 'string',
'validate_callback' => 'rest_validate_request_arg',
);
return $query_params;
}
2016-02-17 19:29:09 +00:00
}