Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Help using the checkout mutation to create orders. #147

Closed
khuramdogar opened this issue Oct 2, 2019 · 23 comments
Closed

Help using the checkout mutation to create orders. #147

khuramdogar opened this issue Oct 2, 2019 · 23 comments
Labels
question Further information is requested

Comments

@khuramdogar
Copy link

khuramdogar commented Oct 2, 2019

Describe the bug
I am using graphql for create orders from the postman. queries are working fine but I can't run any mutations there is always customer capability error. I am also sending the Bearer token in header to authenticate the customer

To Reproduce
Steps to reproduce the behavior:

  1. http://localhost:8888/testsite/graphql or https://woographql.axistaylor.com/graphql
  2. Headers
    Content-Type:application/graphql Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczpcL1wvd29vZ3JhcGhxbC5heGlzdGF5bG9yLmNvbSIsImlhdCI6MTU3MDAyMTg1OCwibmJmIjoxNTcwMDIxODU4LCJleHAiOjE1NzAwMjIxNTgsImRhdGEiOnsidXNlciI6eyJpZCI6IjMifX19.7drzb9beicfl-SqbPZvzseBGoY4Cf30eoS0x1wyGQIE
  3. run this mutation
mutation MyMutation {
createOrder(input: {clientMutationId: "CreateOrder", customerId: 6, paymentMethod: "bacs", paymentMethodTitle: "Direct Bank Transfer", billing: {address1: "969 Market", city: "San Francisco", address2: "", company: "", country: US, email: "john.doe@example.com", firstName: "John", lastName: "Doe", phone: "12903402832", postcode: "94103", state: "CA"}, shippingLines: {methodId: "flat_rate", methodTitle: "flat_rate", total: "10"}, shipping: {address1: "969 Market", address2: "", city: "San Francisco", country: US, email: "john.doe@example.com", firstName: "JOhn", lastName: "Doe", phone: "180923843204", postcode: "94103", state: "CA"}, isPaid: true, lineItems: {productId: 30, quantity: 1}}) {
  clientMutationId
  order {
    cartHash
    currency
  }
}
}

Expected behavior
The order should be created

Screenshots
Request Screenshot

image

Screenshot 2
Screenshot 2019-10-02 at 5 48 38 PM
Screenshot 3
image

@kidunot89
Copy link
Member

kidunot89 commented Oct 2, 2019

createOrder by default requires that current user have edit-order capability. A capability only found on users with admin or shop manager roles. For public applications it's recommended that the checkout mutation be used instead, however the checkout mutation is still in a experimental phase in my opinion and if you still wish to use the createOrder mutation instead, there is a filter you can use to modify the cap check. Here is a basic example.

function authorized( $authorized ) {
	$authorized = true;
	return $authorized;
}
add_filter( 'authorized_to_create_orders', 'authorized' );

I recommend doing query validation of some kind and not just returning true like in the example.

@khuramdogar
Copy link
Author

Thanks @kidunot89 for your reply but when I query on checkout I got this.

I am sending right authorize header
image

@khuramdogar
Copy link
Author

I have been stuck on this for 2 days. I am experienced JS person and it is my first time interacting with wordpress

@kidunot89
Copy link
Member

Also, I haven't done much in the way of documentation, but I create detailed PR summaries. Here a list of a the major ones. Click the link at the end of bullet point to be taken to any sub PR with example and more details

@umairraza101
Copy link

umairraza101 commented Oct 2, 2019

Hi @khuramdogar & @kidunot89 , I'm facing same issue, Please let me know if you find any solution.

@ali-se-ror
Copy link

@khuramdogar, have you found anything? I am facing some similar issues. Please post if you find anything.

@kidunot89
Copy link
Member

kidunot89 commented Oct 2, 2019

@khuramdogar @umairraza101 @AliHussainciit the woocommerce-session HTTP header is needed for use of the cart and checkout mutation to work properly. You can find out more info and example of how to implement it using React and Apollo here

@khuramdogar
Copy link
Author

@kidunot89 Thank you very much. Is there any way I can test this with Postman or any other rest client.

@kidunot89
Copy link
Member

kidunot89 commented Oct 2, 2019

Hmm, I don't believe so. The header value is sent in GraphQL response of any mutations that change that data, this current includes addToCart and login. I'm not sure how you would retrieve this value in Postman.

@Raja0sama
Copy link

createOrder by default requires that current user have edit-order capability. A capability only found on users with admin or shop manager roles. For public applications it's recommended that the checkout mutation be used instead, however the checkout mutation is still in a experimental phase in my opinion and if you still wish to use the createOrder mutation instead, there is a filter you can use to modify the cap check. Here is a basic example.

function authorized( $authorized ) {
	$authorized = true;
	return $authorized;
}
add_filter( 'authorized_to_create_orders', 'authorized' );

I recommend doing query validation of some kind and not just returning true like in the example.

Even after having those rights, its showing me the error having no rights to make that change :/

@kidunot89 kidunot89 pinned this issue Oct 12, 2019
@kidunot89
Copy link
Member

@Dksami sorry, about the trouble. I found a bug related to user capabilities, it been patched on the develop branch and will be included in the upcoming release. Try downloading or pulling the develop branch and trying again.

@kidunot89 kidunot89 unpinned this issue Nov 26, 2019
@topheroes
Copy link

createOrder by default requires that current user have edit-order capability. A capability only found on users with admin or shop manager roles. For public applications it's recommended that the checkout mutation be used instead, however the checkout mutation is still in a experimental phase in my opinion and if you still wish to use the createOrder mutation instead, there is a filter you can use to modify the cap check. Here is a basic example.

function authorized( $authorized ) {
	$authorized = true;
	return $authorized;
}
add_filter( 'authorized_to_create_orders', 'authorized' );

I recommend doing query validation of some kind and not just returning true like in the example.

It looks like it works on the older versions and doesn't work on the recent one. Is there an alternative?

@jonlovera
Copy link

jonlovera commented Apr 5, 2020

@Dksami @topheroes the filter name changed on the newer versions. Now it's called graphql_woocommerce_authorized_to_create_orders as you can see in line 32.

So it would end up looking like this:

// functions.php
function authorized( $authorized ) {
	$authorized = true;
	return $authorized;
}
add_filter( 'graphql_woocommerce_authorized_to_create_orders', 'authorized' );

Hope that helps :)

UPDATE

Here is how I force the logged user to create orders with their customerID, only if they are logged in.

// functions.php
function authorized($authorized, $order_id = null, $input) {
	if (!$authorized) {
		$user = wp_get_current_user();

		if (!empty($user)) {
			$user_id = $user->data->ID;
			$customer_id = $input['customerId'];

			if (!isset($customer_id) || $customer_id === $user_id) {
				return true;
			}
		}
	}

	return $authorized;
}
add_filter('graphql_woocommerce_authorized_to_create_orders', 'authorized', 1, 3);

function assign_customer_id_to_current_user($order){
	$user = wp_get_current_user();

	if (!empty($user)) {
		$user_id = $user->data->ID;
		$customer_id = $order->get_customer_id();

		if (!$customer_id) {
			$order->set_customer_id($user_id);
			$order->save();
		}
	}

	return $order;
}
add_filter('graphql_woocommerce_after_order_create', 'assign_customer_id_to_current_user');

@kidunot89
Copy link
Member

@jonlovera Thanks so much for catching that i should have made some notes on the hook name changes in the release summary. 😅
@Dksami @topheroes My bad 🤷‍♂️

@kidunot89 kidunot89 changed the title Customer checkout and order mutations are not working Help using the checkout mutation to create orders. May 28, 2020
@kidunot89 kidunot89 pinned this issue May 28, 2020
@kidunot89 kidunot89 added the question Further information is requested label May 28, 2020
@felipepxavier
Copy link

felipepxavier commented Jul 11, 2020

Hi @jonlovera , does this solution of yours solve the problem of orders being linked only to a guest account?
I entered your code in function.php but orders are still linking guest accounts only ..

@jonlovera
Copy link

Hi @felipepxavier, are you using wp-graphql-jwt-authentication?

Might be worth checking what does wp_get_current_user() prints out

@felipepxavier
Copy link

@jonlovera, thanks for the feedback!
Yes, I am using wp-graphql-jwt-authentication, but it was badly configured, solved! ;)

@muhaimincs
Copy link

Hello,

I have a specific rule if customer wants to checkout. My current WP settings require Delivery date as well as the time to place the order. But I couldn't find any docs related to these fields. Any help?

Thanks in advance

@diamondigital
Copy link

Hello, in our case, we were using the createOrder mutation, which is meant for internal order creation. For a standard checkout process, you should use the checkout mutation.

@jakubmas
Copy link

jakubmas commented Jan 4, 2024

Is there a way to specify currency in checkout mutation? I see that this is an option in createOrder but I'm getting User does not have the capabilities necessary to create an order. error.

@diamondigital
Copy link

Is there a way to specify currency in checkout mutation? I see that this is an option in createOrder but I'm getting User does not have the capabilities necessary to create an order. error.

Have you specified the currency in the WooCommerce settings?

@jakubmas
Copy link

jakubmas commented Jan 4, 2024

Yes I did, default currency for my WC is USD but I need to allow also EUR.

@erikdemarco
Copy link

erikdemarco commented Oct 1, 2024

Hi @felipepxavier, are you using wp-graphql-jwt-authentication?

Might be worth checking what does wp_get_current_user() prints out

@jonlovera I'm new to wpgraphql. And confuse how to usecreateOrder for guest checkout. do we also need jwt for this? do you mind to explain how to do it step by step? Because currently the documentation from @kidunot89 on this matter just give a clue it can be done without relying on WooCommerce's session management but doesnt explain how: https://github.com/wp-graphql/wp-graphql-woocommerce/blob/develop/docs/using-checkout-mutation-and-order-mutations.md#using-the-createorder-mutation

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests