dsm1

I’ve granted the following:
assign_shop_order_terms
delete_others_shop_orders
delete_private_shop_orders
delete_published_shop_orders
delete_shop_order
delete_shop_order_terms
delete_shop_orders
edit_dashboard
edit_others_shop_orders
edit_posts
edit_private_shop_orders
edit_published_shop_orders
edit_shop_order
edit_shop_order_terms
edit_shop_orders
edit_users
list_users
manage_options
manage_shop_order_terms
manage_woocommerce
phone-orders-for-woocommerce
publish_posts
publish_shop_orders
read
read_private_pages
read_private_posts
read_private_products
read_private_shop_coupons
read_private_shop_orders
read_private_shop_webhooks
read_product
read_shop_coupon
read_shop_order
read_shop_webhook
unfiltered_html

Already granted manage_woocommerce, still nothing

Hi Alex,

No, just access to the actual placing of the order screen (admin.php?page=phone-orders-for-woocommerce)

I’ve granted “delete_users” and that hasn’t worked.

Regards

Also @wbrubaker,

Would it be possible to let bob read customers but not write?

We’ve given Bob Read/Write accessin WooCommerce settings but want Read Only on customers.

Is that possible in the hook?

Thanks @wbrubaker,

That is what I’m looking for, the code of never trust Bob with customer data, where are the endpoints set? I can’t see where “customers” are disallowed in that snip (I’m guessing I’ve missed something obvious).

How would I go about, for example blocking “coupons” too?

i.e:

add_filter( 'woocommerce_rest_check_permissions', 'never_trust_bob_with_coupons', 10, 4 );

function never_trust_bob_with_coupons( $permission, $context, $object_id, $type ) {
	return ( 'user' === $type && 'bob' === wp_get_current_user()->user_login ) ? false : $permission;
}

I know my amendment above is wrong but thats the only place I see the endpoint name mentioned!

Hi @jessepearson,

Thats great, but that doesn’t nessasarilly point me in the right direction for specific user restrictions, I found this plugin which offers everything I’m after apart from the fact the plugin is inneffective, it doesn’t actually work…
https://www.ads-software.com/plugins/woocommerce-api-lockdown/

Unless I’ve missed something in the wc-rest-functions.php file?

Please take a look at the plugin, it does describe in a bit more detail as to what I’m after. Note: I’m not asking for support on this plugin, if anything, I’m ideally looking for a functions.php webhook.

Regards

Hi @ryanr14,

Thats correct but this isn’t a user access concern;

Here’s an example:
Users:
Joe
Bob
Carl

All of those users can access:
Products
Customers
Coupons
Orders

What I’m looking for, is, for example, a way to stop Bob, and only Bob from accessing the Customers endpoint, whilst still having access to Products, Coupons and Orders.

I hope that clears things up.

API uses keys, yes.

Hi @shellbeezy,

By user if possible please

Fixed!
Declared global $products; at the start of the fuction! All working!

Aelia Multi Currency…

Added this which helped…

private function _filter_max_subtotal( $condition, $package ) {
//DANIEL MOORE MAKING THIS WORK IN EUROS AS WELL AS DEFAULT CURRENCY
//$factor = $order->get_currency() == “EUR” ? 1.4 : 1;
//$factor = get_woocommerce_currency_symbol() == “EUR” ? 1.4 : 1;
$factor = get_woocommerce_currency_symbol() == “€” ? 1.4 : 1;
//END DANIEL MOORE, FOR NOW…
$subtotal = WC()->cart->subtotal;

if ( isset( $condition[‘value’] ) && ! empty( $condition[‘value’] ) ) {
//DANIEL MOORE IS BACK! THE * $factor IS WHERE I’M AT
$max_subtotal = $this->_parse_number( $condition[‘value’] * $factor );
//ALL DONE! HAVE FUN IN EUROS!
if ( $max_subtotal !== FALSE && $max_subtotal > 0 && $subtotal > $max_subtotal ) {
return TRUE;
}
}

The issue seems to have resolved itself by simply disabling the plugin, installing the free version, disabling and deling that then re-enabling the pro plugin.
In doing so, the Gift Criteria was wiped but overall, this somehow worked?
Can’t argue with that, if it works, it works! I’ll keep a close eye on it in case anything changes.

Still no update, I haven’t forgotten!

We’ve put this on the Pro fourms ourselves as are experiencing the issue : https://ankitpokhrel.com/explore/forums/topic/pop-up-not-showing/#post-5894

Interestingly, the auto addition of the gift appears to be working on pro.
For now, we’ve reverted to the free plugin which works ok (limited obviously!)

If anything appears in the Pro Fourms with regards to info, I’ll keep you posted!

Phew! Thanks for confirming! I tested it with a remote machine off-site too and all went as expected.