WooCommerce Code Reference

CheckoutSchema.php

Source code

<?php
namespace Automattic\WooCommerce\StoreApi\Schemas\V1;

use Automattic\WooCommerce\StoreApi\SchemaController;
use Automattic\WooCommerce\StoreApi\Payments\PaymentResult;
use Automattic\WooCommerce\StoreApi\Schemas\ExtendSchema;
use Automattic\WooCommerce\Blocks\Domain\Services\CheckoutFields;
use Automattic\WooCommerce\Blocks\Package;
use Automattic\WooCommerce\StoreApi\Utilities\SanitizationUtils;

/**
 * CheckoutSchema class.
 */
class CheckoutSchema extends AbstractSchema {
	/**
	 * The schema item name.
	 *
	 * @var string
	 */
	protected $title = 'checkout';

	/**
	 * The schema item identifier.
	 *
	 * @var string
	 */
	const IDENTIFIER = 'checkout';

	/**
	 * Billing address schema instance.
	 *
	 * @var BillingAddressSchema
	 */
	protected $billing_address_schema;

	/**
	 * Shipping address schema instance.
	 *
	 * @var ShippingAddressSchema
	 */
	protected $shipping_address_schema;

	/**
	 * Image Attachment schema instance.
	 *
	 * @var ImageAttachmentSchema
	 */
	protected $image_attachment_schema;

	/**
	 * Additional fields controller.
	 *
	 * @var CheckoutFields
	 */
	protected $additional_fields_controller;

	/**
	 * Constructor.
	 *
	 * @param ExtendSchema     $extend Rest Extending instance.
	 * @param SchemaController $controller Schema Controller instance.
	 */
	public function __construct( ExtendSchema $extend, SchemaController $controller ) {
		parent::__construct( $extend, $controller );
		$this->billing_address_schema       = $this->controller->get( BillingAddressSchema::IDENTIFIER );
		$this->shipping_address_schema      = $this->controller->get( ShippingAddressSchema::IDENTIFIER );
		$this->image_attachment_schema      = $this->controller->get( ImageAttachmentSchema::IDENTIFIER );
		$this->additional_fields_controller = Package::container()->get( CheckoutFields::class );
	}

	/**
	 * Checkout schema properties.
	 *
	 * @return array
	 */
	public function get_properties() {
		$additional_field_schema = $this->get_additional_fields_schema();
		return [
			'order_id'          => [
				'description' => __( 'The order ID to process during checkout.', 'woocommerce' ),
				'type'        => 'integer',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
			],
			'status'            => [
				'description' => __( 'Order status. Payment providers will update this value after payment.', 'woocommerce' ),
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
			],
			'order_key'         => [
				'description' => __( 'Order key used to check validity or protect access to certain order data.', 'woocommerce' ),
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
			],
			'order_number'      => [
				'description' => __( 'Order number used for display.', 'woocommerce' ),
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
			],
			'customer_note'     => [
				'description' => __( 'Note added to the order by the customer during checkout.', 'woocommerce' ),
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
			],
			'customer_id'       => [
				'description' => __( 'Customer ID if registered. Will return 0 for guests.', 'woocommerce' ),
				'type'        => 'integer',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
			],
			'billing_address'   => [
				'description' => __( 'Billing address.', 'woocommerce' ),
				'type'        => 'object',
				'context'     => [ 'view', 'edit' ],
				'properties'  => $this->billing_address_schema->get_properties(),
				'arg_options' => [
					'sanitize_callback' => [ $this->billing_address_schema, 'sanitize_callback' ],
					'validate_callback' => [ $this->billing_address_schema, 'validate_callback' ],
				],
				'required'    => true,
			],
			'shipping_address'  => [
				'description' => __( 'Shipping address.', 'woocommerce' ),
				'type'        => 'object',
				'context'     => [ 'view', 'edit' ],
				'properties'  => $this->shipping_address_schema->get_properties(),
				'arg_options' => [
					'sanitize_callback' => [ $this->shipping_address_schema, 'sanitize_callback' ],
					'validate_callback' => [ $this->shipping_address_schema, 'validate_callback' ],
				],
			],
			'payment_method'    => [
				'description' => __( 'The ID of the payment method being used to process the payment.', 'woocommerce' ),
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
				// Validation may be based on cart contents which is not available here; this returns all enabled
				// gateways. Further validation occurs during the request.
				'enum'        => array_values( WC()->payment_gateways->get_payment_gateway_ids() ),
			],
			'create_account'    => [
				'description' => __( 'Whether to create a new user account as part of order processing.', 'woocommerce' ),
				'type'        => 'boolean',
				'context'     => [ 'view', 'edit' ],
			],
			'payment_result'    => [
				'description' => __( 'Result of payment processing, or false if not yet processed.', 'woocommerce' ),
				'type'        => 'object',
				'context'     => [ 'view', 'edit' ],
				'readonly'    => true,
				'properties'  => [
					'payment_status'  => [
						'description' => __( 'Status of the payment returned by the gateway. One of success, pending, failure, error.', 'woocommerce' ),
						'readonly'    => true,
						'type'        => 'string',
					],
					'payment_details' => [
						'description' => __( 'An array of data being returned from the payment gateway.', 'woocommerce' ),
						'readonly'    => true,
						'type'        => 'array',
						'items'       => [
							'type'       => 'object',
							'properties' => [
								'key'   => [
									'type' => 'string',
								],
								'value' => [
									'type' => 'string',
								],
							],
						],
					],
					'redirect_url'    => [
						'description' => __( 'A URL to redirect the customer after checkout. This could be, for example, a link to the payment processors website.', 'woocommerce' ),
						'readonly'    => true,
						'type'        => 'string',
					],
				],
			],
			'additional_fields' => [
				'description' => __( 'Additional fields to be persisted on the order.', 'woocommerce' ),
				'type'        => 'object',
				'context'     => [ 'view', 'edit' ],
				'properties'  => $additional_field_schema,
				'arg_options' => [
					'sanitize_callback' => [ $this, 'sanitize_additional_fields' ],
					'validate_callback' => [ $this, 'validate_additional_fields' ],
				],
				'required'    => $this->schema_has_required_property( $additional_field_schema ),
			],
			self::EXTENDING_KEY => $this->get_extended_schema( self::IDENTIFIER ),
		];
	}

	/**
	 * Return the response for checkout.
	 *
	 * @param object $item Results from checkout action.
	 * @return array
	 */
	public function get_item_response( $item ) {
		return $this->get_checkout_response( $item->order, $item->payment_result );
	}

	/**
	 * Get the checkout response based on the current order and any payments.
	 *
	 * @param \WC_Order     $order Order object.
	 * @param PaymentResult $payment_result Payment result object.
	 * @return array
	 */
	protected function get_checkout_response( \WC_Order $order, PaymentResult $payment_result = null ) {
		return [
			'order_id'          => $order->get_id(),
			'status'            => $order->get_status(),
			'order_key'         => $order->get_order_key(),
			'order_number'      => $order->get_order_number(),
			'customer_note'     => $order->get_customer_note(),
			'customer_id'       => $order->get_customer_id(),
			'billing_address'   => (object) $this->billing_address_schema->get_item_response( $order ),
			'shipping_address'  => (object) $this->shipping_address_schema->get_item_response( $order ),
			'payment_method'    => $order->get_payment_method(),
			'payment_result'    => [
				'payment_status'  => $payment_result->status,
				'payment_details' => $this->prepare_payment_details_for_response( $payment_result->payment_details ),
				'redirect_url'    => $payment_result->redirect_url,
			],
			'additional_fields' => $this->get_additional_fields_response( $order ),
			self::EXTENDING_KEY => $this->get_extended_data( self::IDENTIFIER ),
		];
	}

	/**
	 * This prepares the payment details for the response so it's following the
	 * schema where it's an array of objects.
	 *
	 * @param array $payment_details An array of payment details from the processed payment.
	 *
	 * @return array An array of objects where each object has the key and value
	 *               as distinct properties.
	 */
	protected function prepare_payment_details_for_response( array $payment_details ) {
		return array_map(
			function ( $key, $value ) {
				return (object) [
					'key'   => $key,
					'value' => $value,
				];
			},
			array_keys( $payment_details ),
			$payment_details
		);
	}

	/**
	 * Get the additional fields response.
	 *
	 * @param \WC_Order $order Order object.
	 * @return array
	 */
	protected function get_additional_fields_response( \WC_Order $order ) {
		$fields = wp_parse_args(
			$this->additional_fields_controller->get_all_fields_from_object( $order, 'other' ),
			$this->additional_fields_controller->get_all_fields_from_object( wc()->customer, 'other' )
		);

		$additional_field_schema = $this->get_additional_fields_schema();
		foreach ( $fields as $key => $value ) {
			if ( ! isset( $additional_field_schema[ $key ] ) ) {
				unset( $fields[ $key ] );
				continue;
			}
			// This makes sure we're casting checkboxes from "1" and "0" to boolean. In the frontend, "0" is treated as truthy.
			if ( isset( $additional_field_schema[ $key ]['type'] ) && 'boolean' === $additional_field_schema[ $key ]['type'] ) {
				$fields[ $key ] = (bool) $value;
			} else {
				$fields[ $key ] = $this->prepare_html_response( $value );
			}
		}

		return $fields;
	}

	/**
	 * Get the schema for additional fields.
	 *
	 * @return array
	 */
	protected function get_additional_fields_schema() {
		return $this->generate_additional_fields_schema(
			$this->additional_fields_controller->get_fields_for_location( 'contact' ),
			$this->additional_fields_controller->get_fields_for_location( 'order' )
		);
	}

	/**
	 * Generate the schema for additional fields.
	 *
	 * @param array[] ...$args One or more arrays of additional fields.
	 * @return array
	 */
	protected function generate_additional_fields_schema( ...$args ) {
		$additional_fields = array_merge( ...$args );
		$schema            = [];
		foreach ( $additional_fields as $key => $field ) {
			$field_schema = [
				'description' => $field['label'],
				'type'        => 'string',
				'context'     => [ 'view', 'edit' ],
				'required'    => $field['required'],
			];

			if ( 'select' === $field['type'] ) {
				$field_schema['enum'] = array_map(
					function ( $option ) {
						return $option['value'];
					},
					$field['options']
				);
			}

			if ( 'checkbox' === $field['type'] ) {
				$field_schema['type'] = 'boolean';
			}

			$schema[ $key ] = $field_schema;
		}
		return $schema;
	}

	/**
	 * Check if any additional field is required, so that the parent item is required as well.
	 *
	 * @param array $additional_fields_schema Additional fields schema.
	 * @return bool
	 */
	protected function schema_has_required_property( $additional_fields_schema ) {
		return array_reduce(
			array_keys( $additional_fields_schema ),
			function ( $carry, $key ) use ( $additional_fields_schema ) {
				return $carry || $additional_fields_schema[ $key ]['required'];
			},
			false
		);
	}

	/**
	 * Sanitize and format additional fields object.
	 *
	 * @param array $fields Values being sanitized.
	 * @return array
	 */
	public function sanitize_additional_fields( $fields ) {
		$properties         = $this->get_additional_fields_schema();
		$sanitization_utils = new SanitizationUtils();
		$fields             = $sanitization_utils->wp_kses_array(
			array_reduce(
				array_keys( $fields ),
				function ( $carry, $key ) use ( $fields, $properties ) {
					if ( ! isset( $properties[ $key ] ) ) {
						return $carry;
					}
					$field_schema   = $properties[ $key ];
					$rest_sanitized = rest_sanitize_value_from_schema( wp_unslash( $fields[ $key ] ), $field_schema, $key );
					$rest_sanitized = $this->additional_fields_controller->sanitize_field( $key, $rest_sanitized );
					$carry[ $key ]  = $rest_sanitized;
					return $carry;
				},
				[]
			)
		);

		return $sanitization_utils->wp_kses_array( $fields );
	}

	/**
	 * Validate additional fields object.
	 *
	 * @see rest_validate_value_from_schema
	 *
	 * @param array            $fields Value being sanitized.
	 * @param \WP_REST_Request $request The Request.
	 * @return true|\WP_Error
	 */
	public function validate_additional_fields( $fields, $request ) {
		$errors                  = new \WP_Error();
		$fields                  = $this->sanitize_additional_fields( $fields );
		$additional_field_schema = $this->get_additional_fields_schema();

		// Loop over the schema instead of the fields. This is to ensure missing fields are validated.
		foreach ( $additional_field_schema as $key => $schema ) {
			if ( ! isset( $fields[ $key ] ) && ! $schema['required'] ) {
				// Optional fields can go missing.
				continue;
			}

			$field_value = isset( $fields[ $key ] ) ? $fields[ $key ] : null;
			$result      = rest_validate_value_from_schema( $field_value, $schema, $key );

			// Only allow custom validation on fields that pass the schema validation.
			if ( true === $result ) {
				$result = $this->additional_fields_controller->validate_field( $key, $field_value );
			}

			if ( is_wp_error( $result ) && $result->has_errors() ) {
				$location = $this->additional_fields_controller->get_field_location( $key );
				foreach ( $result->get_error_codes() as $code ) {
					$result->add_data(
						array(
							'location' => $location,
							'key'      => $key,
						),
						$code
					);
				}
				$errors->merge_from( $result );
			}
		}

		// Validate groups of properties per registered location.
		$locations = array( 'contact', 'order' );

		foreach ( $locations as $location ) {
			$location_fields = $this->additional_fields_controller->filter_fields_for_location( $fields, $location );
			$result          = $this->additional_fields_controller->validate_fields_for_location( $location_fields, $location, 'other' );

			if ( is_wp_error( $result ) && $result->has_errors() ) {
				$errors->merge_from( $result );
			}
		}

		return $errors->has_errors() ? $errors : true;
	}
}