Skip to content

Commit e2fed81

Browse files
kilbotkilbot
committed
for fix tax rates permissions
1 parent e49de80 commit e2fed81

File tree

3 files changed

+24
-3
lines changed

3 files changed

+24
-3
lines changed

includes/API/Taxes_Controller.php

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,12 +39,30 @@ class Taxes_Controller extends WC_REST_Taxes_Controller {
3939
*/
4040
public function __construct() {
4141
add_filter( 'woocommerce_pos_rest_dispatch_taxes_request', array( $this, 'wcpos_dispatch_request' ), 10, 4 );
42+
add_filter( 'woocommerce_rest_check_permissions', array( $this, 'check_permissions' ) );
4243

4344
if ( method_exists( parent::class, '__construct' ) ) {
4445
parent::__construct();
4546
}
4647
}
4748

49+
/**
50+
* Check if the current user can view the taxes.
51+
* Note: WC REST API currently requires manage_woocommerce capability to access the endpoint (even for read only).
52+
* This would stop the Cashier role from being able to view the taxes, so we check for read_private_products instead.
53+
*
54+
* @param mixed $permission
55+
*
56+
* @return bool
57+
*/
58+
public function check_permissions( $permission ) {
59+
if ( ! $permission ) {
60+
return current_user_can( 'read_private_products' );
61+
}
62+
63+
return $permission;
64+
}
65+
4866
/**
4967
* Dispatch request to parent controller, or override if needed.
5068
*

readme.txt

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ Contributors: kilbot
33
Tags: cart, e-commerce, ecommerce, inventory, point-of-sale, pos, sales, sell, shop, shopify, store, vend, woocommerce, wordpress-ecommerce
44
Requires at least: 5.6 & WooCommerce 5.3
55
Tested up to: 6.4
6-
Stable tag: 1.4.1
6+
Stable tag: 1.4.2
77
License: GPL-3.0
88
License URI: http://www.gnu.org/licenses/gpl-3.0.html
99

@@ -63,6 +63,9 @@ There is more information on our website at [https://wcpos.com](https://wcpos.co
6363

6464
== Changelog ==
6565

66+
= 1.4.2 - 2024/01/12 =
67+
* Urgent Fix: users with role 'cashier' unable to access tax rates API
68+
6669
= 1.4.1 - 2024/01/12 =
6770
* No change, just messed up the release to WordPress.org
6871

woocommerce-pos.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* Plugin Name: WooCommerce POS
44
* Plugin URI: https://wordpress.org/plugins/woocommerce-pos/
55
* Description: A simple front-end for taking WooCommerce orders at the Point of Sale. Requires <a href="http://wordpress.org/plugins/woocommerce/">WooCommerce</a>.
6-
* Version: 1.4.1
6+
* Version: 1.4.2
77
* Author: kilbot
88
* Author URI: http://wcpos.com
99
* Text Domain: woocommerce-pos
@@ -22,7 +22,7 @@
2222
namespace WCPOS\WooCommercePOS;
2323

2424
// Define plugin constants.
25-
const VERSION = '1.4.1';
25+
const VERSION = '1.4.2';
2626
const PLUGIN_NAME = 'woocommerce-pos';
2727
const SHORT_NAME = 'wcpos';
2828
\define( __NAMESPACE__ . '\PLUGIN_FILE', plugin_basename( __FILE__ ) ); // 'woocommerce-pos/woocommerce-pos.php'

0 commit comments

Comments
 (0)