* GET /customers//orders * * @since 2.1 * @param array $routes * @return array */ public function register_routes( $routes ) { # GET|POST /customers $routes[ $this->base ] = array( array( array( $this, 'get_customers' ), WC_API_SERVER::READABLE ), array( array( $this, 'create_customer' ), WC_API_SERVER::CREATABLE | WC_API_SERVER::ACCEPT_DATA ), ); # GET /customers/count $routes[ $this->base . '/count'] = array( array( array( $this, 'get_customers_count' ), WC_API_SERVER::READABLE ), ); # GET|PUT|DELETE /customers/ $routes[ $this->base . '/(?P\d+)' ] = array( array( array( $this, 'get_customer' ), WC_API_SERVER::READABLE ), array( array( $this, 'edit_customer' ), WC_API_SERVER::EDITABLE | WC_API_SERVER::ACCEPT_DATA ), array( array( $this, 'delete_customer' ), WC_API_SERVER::DELETABLE ), ); # GET /customers//orders $routes[ $this->base . '/(?P\d+)/orders' ] = array( array( array( $this, 'get_customer_orders' ), WC_API_SERVER::READABLE ), ); return $routes; } /** * Get all customers * * @since 2.1 * @param array $fields * @param array $filter * @return array */ public function get_customers( $fields = null, $filter = array() ) { $query = $this->query_customers( $filter ); $customers = array(); foreach( $query->results as $user_id ) { if ( ! $this->is_readable( $user_id ) ) continue; $customers[] = $this->get_customer( $user_id, $fields ); } // TODO: add navigation/total count headers for pagination return array( 'customers' => $customers ); } /** * Get the customer for the given ID * * @since 2.1 * @param int $id the customer ID * @param string $fields * @return array */ public function get_customer( $id, $fields = null ) { global $wpdb; $id = $this->validate_request( $id, 'customer', 'read' ); if ( is_wp_error( $id ) ) return $id; $customer = new WP_User( $id ); // get info about user's last order $last_order = $wpdb->get_row( "SELECT id, post_date FROM $wpdb->posts AS posts LEFT JOIN {$wpdb->postmeta} AS meta on posts.ID = meta.post_id WHERE meta.meta_key = '_customer_user' AND meta.meta_value = {$customer->ID} AND posts.post_type = 'shop_order' AND posts.post_status = 'publish' " ); $customer_data = array( 'id' => $customer->ID, 'created_at' => $customer->user_registered, 'email' => $customer->user_email, 'first_name' => $customer->first_name, 'last_name' => $customer->last_name, 'username' => $customer->user_login, 'last_order_id' => is_object( $last_order ) ? $last_order->id : null, 'last_order_date' => is_object( $last_order ) ? $last_order->post_date : null, 'orders_count' => $customer->_order_count, 'total_spent' => (string) number_format( $customer->_money_spent, 2 ), 'avatar_url' => $this->get_avatar_url( $customer->customer_email ), 'billing_address' => array( 'first_name' => $customer->billing_first_name, 'last_name' => $customer->billing_last_name, 'company' => $customer->billing_company, 'address_1' => $customer->billing_address_1, 'address_2' => $customer->billing_address_2, 'city' => $customer->billing_city, 'state' => $customer->billing_state, 'postcode' => $customer->billing_postcode, 'country' => $customer->billing_country, 'email' => $customer->billing_email, 'phone' => $customer->billing_phone, ), 'shipping_address' => array( 'first_name' => $customer->shipping_first_name, 'last_name' => $customer->shipping_last_name, 'company' => $customer->shipping_company, 'address_1' => $customer->shipping_address_1, 'address_2' => $customer->shipping_address_2, 'city' => $customer->shipping_city, 'state' => $customer->shipping_state, 'postcode' => $customer->shipping_postcode, 'country' => $customer->shipping_country, ), ); return apply_filters( 'woocommerce_api_customer_response', $customer_data, $customer, $fields, $this->server ); } /** * Get the total number of customers * * @since 2.1 * @param array $filter * @return array */ public function get_customers_count( $filter = array() ) { $query = $this->query_customers( $filter ); // TODO: permissions? return array( 'count' => $query->get_total() ); } /** * Create a customer * * @since 2.1 * @param array $data * @return array */ public function create_customer( $data ) { if ( ! current_user_can( 'create_users' ) ) return new WP_Error( 'woocommerce_api_user_cannot_create_customer', __( 'You do not have permission to create this customer', 'woocommerce' ), array( 'status' => 401 ) ); // TODO: implement - woocommerce_create_new_customer() return array(); } /** * Edit a customer * * @since 2.1 * @param int $id the customer ID * @param array $data * @return array */ public function edit_customer( $id, $data ) { $id = $this->validate_request( $id, 'customer', 'edit' ); if ( ! is_wp_error( $id ) ) return $id; // TODO: implement return $this->get_customer( $id ); } /** * Delete a customer * * @since 2.1 * @param int $id the customer ID * @return array */ public function delete_customer( $id ) { $id = $this->validate_request( $id, 'customer', 'delete' ); if ( ! is_wp_error( $id ) ) return $id; return $this->delete( $id, 'customer' ); } /** * Get the orders for a customer * * @since 2.1 * @param int $id the customer ID * @param string $fields fields to include in response * @return array */ public function get_customer_orders( $id, $fields = null ) { global $wpdb; $id = $this->validate_request( $id, 'customer', 'read' ); if ( is_wp_error( $id ) ) return $id; $order_ids = $wpdb->get_col( $wpdb->prepare( "SELECT id FROM $wpdb->posts AS posts LEFT JOIN {$wpdb->postmeta} AS meta on posts.ID = meta.post_id WHERE meta.meta_key = '_customer_user' AND meta.meta_value = '%s' AND posts.post_type = 'shop_order' AND posts.post_status = 'publish' ", $id ) ); if ( empty( $order_ids ) ) return array( 'orders' => array() ); $orders = array(); foreach ( $order_ids as $order_id ) { $orders[] = WC()->api->WC_API_Orders->get_order( $order_id, $fields ); } return apply_filters( 'woocommerce_api_customer_orders_response', array( 'orders' => $orders ), $id, $fields, $order_ids, $this->server ); } /** * Helper method to get customer user objects * * @since 2.1 * @param array $args request arguments for filtering query * @return array */ private function query_customers( $args = array() ) { // set base query arguments $query_args = array( 'fields' => 'ID', 'role' => 'customer', 'orderby' => 'registered', ); if ( ! empty( $args['q'] ) ) $query_args['search'] = $args['q']; if ( ! empty( $args['limit'] ) ) $query_args['number'] = $args['limit']; if ( ! empty( $args['offset'] ) ) $query_args['offset'] = $args['offset']; if ( ! empty( $args['created_at_min'] ) ) $this->created_at_min = $args['created_at_min']; if ( ! empty( $args['created_at_max'] ) ) $this->created_at_max = $args['created_at_max']; // TODO: support page argument - requires custom implementation as WP_User_Query has no built-in pagination like WP_Query return new WP_User_Query( $query_args ); } /** * Add customer data to orders * * @since 2.1 * @param $order_data * @param $order * @return array */ public function add_customer_data( $order_data, $order ) { if ( 0 == $order->customer_user ) { $order_data['customer'] = 'guest'; } else { $order_data['customer'] = $this->get_customer( $order->customer_user ); } return $order_data; } /** * Modify the WP_User_Query to support filtering on the date the customer was created * * @since 2.1 * @param WP_User_Query $query */ public function modify_user_query( $query ) { if ( $this->created_at_min ) $query->query_where .= sprintf( " AND DATE(user_registered) >= '%s'", date( 'Y-m-d H:i:s', strtotime( $this->created_at_min ) ) ); // TODO: date formatting if ( $this->created_at_max ) $query->query_where .= sprintf( " AND DATE(user_registered) <= '%s'", date( 'Y-m-d H:i:s', strtotime( $this->created_at_max ) ) ); // TODO: date formatting } /** * Wrapper for @see get_avatar() which doesn't simply return * the URL so we need to pluck it from the HTML img tag * * @since 2.1 * @param string $email the customer's email * @return string the URL to the customer's avatar */ private function get_avatar_url( $email ) { $dom = new DOMDocument(); $dom->loadHTML( get_avatar( $email ) ); $url = $dom->getElementsByTagName( 'img' )->item( 0 )->getAttribute( 'src' ); return ( ! empty( $url ) ) ? $url : null; } /** * Validate the request by checking: * * 1) the ID is a valid integer * 2) the ID returns a valid WP_User * 3) the current user has the proper permissions * * @since 2.1 * @see WC_API_Resource::validate_request() * @param string|int $id the customer ID * @param string $type the request type, unused because this method overrides the parent class * @param string $context the context of the request, either `read`, `edit` or `delete` * @return int|WP_Error valid user ID or WP_Error if any of the checks fails */ protected function validate_request( $id, $type, $context ) { $id = absint( $id ); // validate ID if ( empty( $id ) ) return new WP_Error( 'woocommerce_api_invalid_customer_id', __( 'Invalid customer ID', 'woocommerce' ), array( 'status' => 404 ) ); // non-existent IDs return a valid WP_User object with the user ID = 0 $customer = new WP_User( $id ); if ( 0 === $customer->ID ) return new WP_Error( 'woocommerce_api_invalid_customer', __( 'Invalid customer', 'woocommerce' ), array( 'status' => 404 ) ); // validate permissions switch ( $context ) { case 'read': if ( ! current_user_can( 'list_users' ) ) return new WP_Error( 'woocommerce_api_user_cannot_read_customer', __( 'You do not have permission to read this customer', 'woocommerce' ), array( 'status' => 401 ) ); break; case 'edit': if ( ! current_user_can( 'edit_users' ) ) return new WP_Error( 'woocommerce_api_user_cannot_edit_customer', __( 'You do not have permission to edit this customer', 'woocommerce' ), array( 'status' => 401 ) ); break; case 'delete': if ( ! current_user_can( 'delete_users' ) ) return new WP_Error( 'woocommerce_api_user_cannot_delete_customer', __( 'You do not have permission to delete this customer', 'woocommerce' ), array( 'status' => 401 ) ); break; } return $id; } /** * Check if the current user can read users * * @since 2.1 * @see WC_API_Resource::is_readable() * @param int|WP_Post $post unused * @return bool true if the current user can read users, false otherwise */ protected function is_readable( $post ) { return current_user_can( 'list_users' ); } }