Ensure address field is in address schema before sanitizing/validating it (#45394)

* Ensure field is on schema before sanitizing/validating against it * Sanitize the key as a text field if we don't know what it is * Add changelog * Revert "Sanitize the key as a text field if we don't know what it is" This reverts commit 9f5071051c. * Revert "Ensure field is on schema before sanitizing/validating against it" This reverts commit 109fbe766c. * Omit unknown items in sanization * add test doc block --------- Co-authored-by: Nadir Seghir <nadir.seghir@gmail.com>
2024-03-18 08:00:10 +00:00 · 2024-03-18 08:00:10 +00:00 · dd4babfdf8
parent dbd577cbd6
commit dd4babfdf8
3 changed files with 56 additions and 1 deletions
--- a/plugins/woocommerce/changelog/fix-address-api-warnings
+++ b/plugins/woocommerce/changelog/fix-address-api-warnings
@ -0,0 +1,3 @@
+Significance: patch
+Type: fix
+Comment: Prevent warnings when checking out with additional checkout fields
--- a/plugins/woocommerce/src/StoreApi/Schemas/V1/AbstractAddressSchema.php
+++ b/plugins/woocommerce/src/StoreApi/Schemas/V1/AbstractAddressSchema.php
@ -119,7 +119,9 @@ abstract class AbstractAddressSchema extends AbstractSchema {
 		$sanitization_util = new SanitizationUtils();
 		$address           = (array) $address;
 		$field_schema      = $this->get_properties();
-		$address           = array_reduce(
+		// omit all keys from address that are not in the schema. This should account for email.
+		$address = array_intersect_key( $address, $field_schema );
+		$address = array_reduce(
 			array_keys( $address ),
 			function( $carry, $key ) use ( $address, $validation_util, $field_schema ) {
 				switch ( $key ) {
--- a/plugins/woocommerce/tests/php/src/Blocks/StoreApi/Routes/Cart.php
+++ b/plugins/woocommerce/tests/php/src/Blocks/StoreApi/Routes/Cart.php
@ -51,6 +51,15 @@ class Cart extends ControllerTestCase {
 					'weight'        => 10,
 				)
 			),
+			$fixtures->get_simple_product(
+				array(
+					'name'          => 'Test Product 4',
+					'stock_status'  => 'instock',
+					'regular_price' => 10,
+					'weight'        => 10,
+					'virtual'       => true,
+				)
+			),
 		);

 		// Add product #3 as a cross-sell for product #1.
@ -414,6 +423,47 @@ class Cart extends ControllerTestCase {
 		);
 	}

+	/**
+	 * Test updating customer with a virtual cart only, this should test the address copying functionality.
+	 */
+	public function test_update_customer_virtual_cart() {
+		// Add a virtual item to cart.
+		wc_empty_cart();
+		$this->keys   = array();
+		$this->keys[] = wc()->cart->add_to_cart( $this->products[3]->get_id() );
+
+		$request = new \WP_REST_Request( 'POST', '/wc/store/v1/cart/update-customer' );
+		$request->set_header( 'Nonce', wp_create_nonce( 'wc_store_api' ) );
+		$request->set_body_params(
+			array(
+				'billing_address' => (object) array(
+					'first_name' => 'Han',
+					'last_name'  => 'Solo',
+					'address_1'  => 'Test address 1',
+					'address_2'  => 'Test address 2',
+					'city'       => 'Test City',
+					'state'      => 'AL',
+					'postcode'   => '90210',
+					'country'    => 'US',
+					'email'      => 'testaccount@test.com',
+				),
+			)
+		);
+
+		$this->assertAPIResponse(
+			$request,
+			200,
+			array(
+				'shipping_rates' => array(),
+			)
+		);
+		// Restore cart for other tests.
+		wc_empty_cart();
+		$this->keys   = array();
+		$this->keys[] = wc()->cart->add_to_cart( $this->products[0]->get_id(), 2 );
+		$this->keys[] = wc()->cart->add_to_cart( $this->products[1]->get_id() );
+		wc()->cart->apply_coupon( $this->coupon->get_code() );
+	}

 	/**
 	 * Test applying coupon to cart.