Skip to content

Commit

Permalink
Check user before canceling subscription
Browse files Browse the repository at this point in the history
  • Loading branch information
@aimeos
aimeos committed Jun 11, 2024
1 parent b1960c0 commit d4eac06
Showing 1 changed file with 6 additions and 5 deletions.
11 changes: 6 additions & 5 deletions src/Controller/Frontend/Subscription/Standard.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,8 @@ public function __clone()
*/
public function cancel( string $id ) : \Aimeos\MShop\Subscription\Item\Iface
{
$item = $this->manager->get( $id );
$item = $this->object()->get( $id );

$item = $item->setDateEnd( $item->getDateNext() ?: date( 'Y-m-d' ) )
->setReason( \Aimeos\MShop\Subscription\Item\Iface::REASON_CANCEL );

Expand Down Expand Up @@ -201,16 +202,16 @@ public function compare( string $operator, string $key, $value ) : Iface
*/
public function get( string $id ) : \Aimeos\MShop\Subscription\Item\Iface
{
$userId = $this->context()->user();
$user = $this->context()->user();

$filter = $this->manager->filter( null )->add( [
'order.customerid' => $userId,
'order.customerid' => $user,
'subscription.id' => $id
] );

return $this->manager->search( $filter, $this->domains )->first( function() use ( $id, $userId ) {
return $this->manager->search( $filter, $this->domains )->first( function() use ( $id, $user ) {
$msg = 'Invalid subscription ID "%1$s" for customer ID "%2$s"';
throw new \Aimeos\Controller\Frontend\Subscription\Exception( sprintf( $msg, $id, $userId ) );
throw new \Aimeos\Controller\Frontend\Subscription\Exception( sprintf( $msg, $id, $user ) );
} );
}

Expand Down

0 comments on commit d4eac06

Please sign in to comment.