Skip to content

Instantly share code, notes, and snippets.

@BrianHenryIE
Created July 1, 2017 21:24
Show Gist options
  • Save BrianHenryIE/afe6d7e5c94b9186e834e8dcc53bb355 to your computer and use it in GitHub Desktop.
Save BrianHenryIE/afe6d7e5c94b9186e834e8dcc53bb355 to your computer and use it in GitHub Desktop.
Allow users to read their orders through WooCommerce REST API
add_filter( 'woocommerce_rest_check_permissions', 'rest_check_permissions', 10, 4 );
public function rest_check_permissions( $permission, $context, $object_id, $post_type ) {
$auth_customer = wp_get_current_user();
$auth_customer_id = $auth_customer->ID;
// Bad/no authentication
if ( $auth_customer_id == 0 ) {
return $permission;
}
if ( $post_type == 'shop_order' && $context == 'read' ) {
// If we're listing orders
if ( isset( $_GET['customer'] ) ) {
$query_customer_id = (int) $_GET['customer'];
if ( $query_customer_id == $auth_customer_id ) {
return true;
}
}
// If it's a single order
if ( $object_id != 0 ) {
$order = new WC_Order($object_id);
$order_customer_id = $order->get_customer_id();
if ($order_customer_id == $auth_customer_id) {
return true;
}
}
}
return $permission;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment