update Store service and tests

wcpos · Nov 25, 2023 · 3e5f313 · 3e5f313
1 parent 0475ff1
commit 3e5f313
Show file tree

Hide file tree

Showing 8 changed files with 805 additions and 116 deletions.
diff --git a/includes/API.php b/includes/API.php
@@ -170,23 +170,28 @@ public function rest_authentication_errors( $errors ) {
 	}
 
 	/**
-	 * @return false|string
+	 * Extract the Authorization Bearer token from the request.
+	 *
+	 * @return string|false
 	 */
 	public function get_auth_header() {
-		// Get HTTP Authorization Header.
-		$header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? sanitize_text_field( $_SERVER['HTTP_AUTHORIZATION'] ) : false;
+		// Check if HTTP_AUTHORIZATION is set in $_SERVER
+		if ( isset( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
+			return sanitize_text_field( $_SERVER['HTTP_AUTHORIZATION'] );
+		}
 
-		// Check for alternative header.
-		if ( ! $header && isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
-			$header = sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] );
+		// Check for alternative header in $_SERVER
+		if ( isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
+			return sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] );
 		}
 
-		// Check for authorization param in URL
-		if ( ! $header && isset( $_GET['authorization'] ) ) {
-			$header = sanitize_text_field( $_GET['authorization'] );
+		// Check for authorization param in URL ($_GET)
+		if ( isset( $_GET['authorization'] ) ) {
+			return sanitize_text_field( $_GET['authorization'] );
 		}
 
-		return $header;
+		// Return false if none of the variables are set
+		return false;
 	}
 
 	/**
@@ -306,21 +311,31 @@ private function prevent_messages(): void {
 	/**
 	 * @param false|int $user_id User ID if one has been determined, false otherwise.
 	 *
-	 * @return int
+	 * @return int|WP_Error
 	 */
 	private function authenticate( $user_id ) {
-		// extract Bearer token from Authorization Header
-		list($token) = sscanf( $this->get_auth_header(), 'Bearer %s' );
+		// check if there is an auth header
+		$auth_header = $this->get_auth_header();
+		if ( ! is_string( $auth_header ) ) {
+			return $user_id;
+		}
+
+		// Extract Bearer token from Authorization Header
+		list($token) = sscanf( $auth_header, 'Bearer %s' );
 
 		if ( $token ) {
 			$decoded_token = $this->auth_service->validate_token( $token );
 
-			if ( empty( $decoded_token ) || is_wp_error( $decoded_token ) ) {
-				return $user_id;
+			// Check if validate_token returned WP_Error and user_id is null
+			if ( is_wp_error( $decoded_token ) && $user_id === null ) {
+					return $decoded_token;
 			}
-			$user = ! empty( $decoded_token->data->user->id ) ? $decoded_token->data->user->id : $user_id;
 
-			return absint( $user );
+			// If the token is valid, set the user_id
+			if ( ! is_wp_error( $decoded_token ) ) {
+				$user_id = $decoded_token->data->user->id;
+				return absint( $user_id );
+			}
 		}
 
 		return $user_id;

diff --git a/includes/API/Stores.php b/includes/API/Stores.php
@@ -2,9 +2,31 @@
 
 namespace WCPOS\WooCommercePOS\API;
 
-use WC_Admin_Settings;
+\defined( 'ABSPATH' ) || die;
+
+if ( ! class_exists( 'WP_REST_Controller' ) ) {
+	return;
+}
+
+use WP_REST_Controller;
+use WCPOS\WooCommercePOS\Services\Store;
+use const WCPOS\WooCommercePOS\SHORT_NAME;
+
+class Stores extends WP_REST_Controller {
+		/**
+		 * Endpoint namespace.
+		 *
+		 * @var string
+		 */
+	protected $namespace = SHORT_NAME . '/v1';
+
+	/**
+	 * Route base.
+	 *
+	 * @var string
+	 */
+	protected $rest_base = 'stores';
 
-class Stores extends Abstracts\Controller {
 	/**
 	 * Stores constructor.
 	 */
@@ -13,72 +35,64 @@ public function __construct() {
 
 
 	public function register_routes(): void {
-		register_rest_route($this->namespace, '/stores', array(
-			'methods'             => 'GET',
-			'callback'            => array( $this, 'get_stores' ),
-			'permission_callback' => '__return_true',
-		));
+		register_rest_route(
+			$this->namespace,
+			'/' . $this->rest_base,
+			array(
+				'methods'             => 'GET',
+				'callback'            => array( $this, 'get_items' ),
+				'permission_callback' => array( $this, 'check_permissions' ),
+			)
+		);
 	}
 
 	/**
-	 * @TODO
-	 * @return
+	 * Retrieve store data.
+	 *
+	 * @param WP_REST_Request $request Full details about the request.
+	 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
 	 */
-	public function get_stores() {
-		$data = array(
-			$this->get_store(),
-		);
+	public function get_items( $request ) {
+		try {
+			$store = new Store();
 
-		/**
-		 *
-		 */
-		return apply_filters( 'woocommerce_pos_stores', $data, $this );
-	}
+			// Check if store data is available
+			if ( ! $store ) {
+					return new \WP_Error(
+						'woocommerce_pos_store_not_found',
+						esc_html__( 'Store not found', 'woocommerce-pos' ),
+						array( 'status' => 404 )
+					);
+			}
 
+			$data = $store->get_data();
+			$response = rest_ensure_response( array( $data ) );
 
+			return $response;
 
-	public function get_store(): array {
-		return array_merge(
-			array(
-				'id'     => 0,
-				'name'   => get_option( 'blogname' ),
-				'locale' => get_locale(),
-			),
-			array(
-				/**
-				 * Get POS Settings
-				 */
-				'default_customer' => woocommerce_pos_get_settings( 'general', 'default_customer' ),
-				'default_customer_is_cashier' => woocommerce_pos_get_settings( 'general', 'default_customer_is_cashier' ),
-				/**
-				 * Get the General settings from WooCommerce
-				 */
-				'store_address' => WC_Admin_Settings::get_option( 'woocommerce_store_address' ),
-				'store_address_2' => WC_Admin_Settings::get_option( 'woocommerce_store_address_2' ),
-				'store_city' => WC_Admin_Settings::get_option( 'woocommerce_store_city' ),
-				'default_country' => WC_Admin_Settings::get_option( 'woocommerce_default_country' ),
-				'store_postcode' => WC_Admin_Settings::get_option( 'woocommerce_store_postcode' ),
-				'default_customer_address' => WC_Admin_Settings::get_option( 'woocommerce_default_customer_address' ),
-				'calc_taxes' => WC_Admin_Settings::get_option( 'woocommerce_calc_taxes' ),
-				'enable_coupons' => WC_Admin_Settings::get_option( 'woocommerce_enable_coupons' ),
-				'calc_discounts_sequentially' => WC_Admin_Settings::get_option( 'woocommerce_calc_discounts_sequentially' ),
-				'currency' => WC_Admin_Settings::get_option( 'woocommerce_currency' ),
-				'currency_pos' => WC_Admin_Settings::get_option( 'woocommerce_currency_pos' ),
-				'price_thousand_sep' => WC_Admin_Settings::get_option( 'woocommerce_price_thousand_sep' ),
-				'price_decimal_sep' => WC_Admin_Settings::get_option( 'woocommerce_price_decimal_sep' ),
-				'price_num_decimals' => WC_Admin_Settings::get_option( 'woocommerce_price_num_decimals' ),
-				/**
-				 * Get the Tax settings from WooCommerce
-				 */
-				'prices_include_tax' => WC_Admin_Settings::get_option( 'woocommerce_prices_include_tax' ),
-				'tax_based_on' => 'base', // default should be base, perhaps have a setting for this?
-				'shipping_tax_class' => WC_Admin_Settings::get_option( 'woocommerce_shipping_tax_class' ),
-				'tax_round_at_subtotal' => WC_Admin_Settings::get_option( 'woocommerce_tax_round_at_subtotal' ),
-				'tax_display_shop' => WC_Admin_Settings::get_option( 'woocommerce_tax_display_shop' ),
-				'tax_display_cart' => WC_Admin_Settings::get_option( 'woocommerce_tax_display_cart' ),
-				'price_display_suffix' => WC_Admin_Settings::get_option( 'woocommerce_price_display_suffix' ),
-				'tax_total_display' => WC_Admin_Settings::get_option( 'woocommerce_tax_total_display' ),
-			)
-		);
+		} catch ( \Exception $e ) {
+			return new \WP_Error(
+				'woocommerce_pos_store_retrieval_failed',
+				esc_html__( 'Failed to retrieve store data', 'woocommerce-pos' ),
+				array( 'status' => 500 )
+			);
+		}
+	}
+
+	/**
+	 * Check if the user is logged in.
+	 *
+	 * @return bool|WP_Error True if the user is logged in, WP_Error otherwise.
+	 */
+	public function check_permissions() {
+		if ( ! is_user_logged_in() ) {
+				return new \WP_Error(
+					'woocommerce_pos_rest_forbidden',
+					esc_html__( 'You do not have permissions to view this data.', 'woocommerce-pos' ),
+					array( 'status' => rest_authorization_required_code() )
+				);
+		}
+
+		return true;
 	}
 }
diff --git a/includes/Services/Auth.php b/includes/Services/Auth.php
@@ -6,21 +6,11 @@
 use WCPOS\Vendor\Firebase\JWT\JWT;
 use WCPOS\Vendor\Firebase\JWT\Key;
 use Ramsey\Uuid\Uuid;
-use WCPOS\WooCommercePOS\API\Stores;
 use WP_Error;
 use WP_User;
 use const DAY_IN_SECONDS;
 
 class Auth {
-	/**
-	 *
-	 */
-	protected $stores_service;
-
-	public function __construct() {
-		$this->stores_service = new Stores();
-	}
-
 	/**
 	 * Generate a secret key if it doesn't exist, or return the existing one
 	 *
@@ -177,7 +167,6 @@ public function get_user_data( WP_User $user ): array {
 			'nice_name'    => $user->user_nicename,
 			'display_name' => $user->display_name,
 			'avatar_url'   => get_avatar_url( $user->ID ),
-			'stores'       => $this->stores_service->get_stores(),
 		);
 
 		return $data;