Changeset 3476596
- Timestamp:
- 03/06/2026 05:36:59 PM (3 weeks ago)
- Location:
- businesscentralconnector/trunk
- Files:
-
- 2 edited
-
businesscentralconnector.php (modified) (2 diffs)
-
readme.txt (modified) (3 diffs)
Legend:
- Unmodified
- Added
- Removed
-
businesscentralconnector/trunk/businesscentralconnector.php
r3475978 r3476596 4 4 * Plugin URI: https://help.synfynal.com/articles/index.html 5 5 * Description: Extends WooCommerce API for Business Central integration via Synfynal Connector. Requires Business Central/WooCommerce Connector from AppSource. 6 * Version: 1.1. 46 * Version: 1.1.5 7 7 * Author: Synfynal 8 8 * Author URI: https://www.synfynal.com/ … … 211 211 add_action('woocommerce_rest_insert_customer', 'bccentralconnector_sync_elex_pricing', 20, 3); 212 212 213 add_action('woocommerce_rest_insert_customer', 'bccentralconnector_sync_elex_pricing', 20, 3); 214 215 /** 216 * ===================================================================== 217 * Custom REST endpoint: GET /wp-json/wc/v3/bccentralconnector/user-roles 218 * 219 * Returns all registered WordPress user roles and their slugs. 220 * Authentication is handled by WooCommerce's built-in consumer key / 221 * secret middleware (routes registered under wc/v3 are protected 222 * automatically). The permission callback additionally requires the 223 * authenticated user to hold the `list_users` capability, and rejects 224 * any request whose User-Agent does not contain "Synfynal". 225 * ===================================================================== 226 */ 227 add_action('rest_api_init', 'bccentralconnector_register_user_roles_endpoint'); 228 add_action('rest_api_init', 'bccentralconnector_register_ping_endpoint'); 229 230 function bccentralconnector_register_user_roles_endpoint() { 231 register_rest_route( 232 'wc/v3', 233 '/bccentralconnector/user-roles', 234 array( 235 'methods' => WP_REST_Server::READABLE, 236 'callback' => 'bccentralconnector_get_user_roles', 237 'permission_callback' => 'bccentralconnector_user_roles_permission_check', 238 ) 239 ); 240 } 241 242 function bccentralconnector_register_ping_endpoint() { 243 register_rest_route( 244 'wc/v3', 245 '/bccentralconnector/ping', 246 array( 247 'methods' => WP_REST_Server::READABLE, 248 'callback' => 'bccentralconnector_ping', 249 'permission_callback' => 'bccentralconnector_user_roles_permission_check', 250 ) 251 ); 252 } 253 254 function bccentralconnector_ping() { 255 return array(); 256 } 257 258 /** 259 * Permission callback for the user-roles endpoint. 260 * 261 * Validates: 262 * 1. User-Agent header contains "Synfynal" (same guard used by other handlers). 263 * 2. The WooCommerce-authenticated user has the `list_users` capability, 264 * which is satisfied by any administrator or shop manager API key. 265 * 266 * @param WP_REST_Request $request 267 * @return true|WP_Error 268 */ 269 function bccentralconnector_user_roles_permission_check(WP_REST_Request $request) { 270 // 1. Validate User-Agent 271 $user_agent = $request->get_header('user_agent'); 272 if (empty($user_agent) || stripos($user_agent, 'Synfynal') === false) { 273 return new WP_Error( 274 'rest_forbidden_user_agent', 275 __('Invalid User-Agent.', 'businesscentralconnector'), 276 array('status' => 403) 277 ); 278 } 279 280 // 2. Require an authenticated user with sufficient capability. 281 // WooCommerce consumer key / secret authentication runs before this 282 // callback and sets the current user; unauthenticated requests will 283 // have no user and therefore fail the capability check. 284 if (!current_user_can('list_users')) { 285 return new WP_Error( 286 'rest_forbidden', 287 __('You do not have permission to access this resource.', 'businesscentralconnector'), 288 array('status' => 401) 289 ); 290 } 291 292 return true; 293 } 294 295 /** 296 * Callback for GET /wp-json/wc/v3/bccentralconnector/user-roles. 297 * 298 * Returns a JSON array of objects, each with: 299 * - slug : the role key used internally by WordPress (e.g. "shop_manager") 300 * - name : the human-readable, translated role label (e.g. "Shop manager") 301 * 302 * Example response: 303 * [ 304 * { "slug": "administrator", "name": "Administrator" }, 305 * { "slug": "editor", "name": "Editor" }, 306 * { "slug": "shop_manager", "name": "Shop manager" }, 307 * ... 308 * ] 309 * 310 * @param WP_REST_Request $request 311 * @return WP_REST_Response 312 */ 313 function bccentralconnector_get_user_roles(WP_REST_Request $request) { 314 $roles = array(); 315 316 foreach (wp_roles()->roles as $slug => $role_data) { 317 $roles[] = array( 318 'slug' => $slug, 319 'name' => translate_user_role($role_data['name']), 320 ); 321 } 322 323 return rest_ensure_response($roles); 324 } 325 213 326 /** 214 327 * ===================================================================== -
businesscentralconnector/trunk/readme.txt
r3475978 r3476596 5 5 Requires PHP: 7.0 6 6 Tested up to: 6.8 7 Stable tag: 1.1. 47 Stable tag: 1.1.5 8 8 License: GPLv2 or later 9 9 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 52 52 53 53 == Changelog == 54 = 1.1.5 = 55 * Added the '/bccentralconnector/user-roles' endpoint to return existing user roles from the webstore. 56 * Added the '/bccentralconnector/ping' endpoint to confirm that the plugin exists on the webstore. 57 54 58 = 1.1.4 = 55 59 * Added elex_discount_eligible metadata to manage eligible users. … … 67 71 68 72 == Upgrade Notice == 73 = 1.1.5 = 74 This release introduces the ability to retrieve existing user roles from the webstore via the API. 75 69 76 = 1.1.4 = 70 77 This release adds the possibility to assign users eligible for discounts via the API.
Note: See TracChangeset
for help on using the changeset viewer.