magento
diff --git a/‎app/code/Magento/CustomerGraphQl/Model/Resolver/Customer/Account/ChangePassword.php
Lines changed: 88 additions & 0 deletions b/‎app/code/Magento/CustomerGraphQl/Model/Resolver/Customer/Account/ChangePassword.php
Lines changed: 88 additions & 0 deletions
diff --git a/‎app/code/Magento/CustomerGraphQl/etc/schema.graphqls
Lines changed: 1 addition & 0 deletions b/‎app/code/Magento/CustomerGraphQl/etc/schema.graphqls
Lines changed: 1 addition & 0 deletions
diff --git a/‎app/code/Magento/QuoteGraphQl/Model/Authorization/IsCartMutationAllowedForCurrentUser.php
Lines changed: 67 additions & 0 deletions b/‎app/code/Magento/QuoteGraphQl/Model/Authorization/IsCartMutationAllowedForCurrentUser.php
Lines changed: 67 additions & 0 deletions
diff --git a/‎app/code/Magento/QuoteGraphQl/Model/Resolver/Coupon/ApplyCouponToCart.php
Lines changed: 110 additions & 0 deletions b/‎app/code/Magento/QuoteGraphQl/Model/Resolver/Coupon/ApplyCouponToCart.php
Lines changed: 110 additions & 0 deletions
diff --git a/‎app/code/Magento/QuoteGraphQl/Model/Resolver/Coupon/RemoveCouponFromCart.php
Lines changed: 97 additions & 0 deletions b/‎app/code/Magento/QuoteGraphQl/Model/Resolver/Coupon/RemoveCouponFromCart.php
Lines changed: 97 additions & 0 deletions
@@ -0,0 +1,88 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\CustomerGraphQl\Model\Resolver\Customer\Account;
+
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Customer\Api\AccountManagementInterface;
+use Magento\Customer\Model\Customer;
+use Magento\CustomerGraphQl\Model\Resolver\Customer\CustomerDataProvider;
+use Magento\Framework\GraphQl\Config\Element\Field;
+use Magento\Framework\GraphQl\Exception\GraphQlAuthorizationException;
+use Magento\Framework\GraphQl\Exception\GraphQlInputException;
+use Magento\Framework\GraphQl\Query\ResolverInterface;
+use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
+
+/**
+ * @inheritdoc
+ */
+class ChangePassword implements ResolverInterface
+{
+    /**
+     * @var UserContextInterface
+     */
+    private $userContext;
+
+    /**
+     * @var AccountManagementInterface
+     */
+    private $accountManagement;
+
+    /**
+     * @var CustomerDataProvider
+     */
+    private $customerResolver;
+
+    /**
+     * @param UserContextInterface $userContext
+     * @param AccountManagementInterface $accountManagement
+     * @param CustomerDataProvider $customerResolver
+     */
+    public function __construct(
+        UserContextInterface $userContext,
+        AccountManagementInterface $accountManagement,
+        CustomerDataProvider $customerResolver
+    ) {
+        $this->userContext = $userContext;
+        $this->accountManagement = $accountManagement;
+        $this->customerResolver = $customerResolver;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function resolve(
+        Field $field,
+        $context,
+        ResolveInfo $info,
+        array $value = null,
+        array $args = null
+    ) {
+        if (!isset($args['currentPassword'])) {
+            throw new GraphQlInputException(__('"currentPassword" value should be specified'));
+        }
+
+        if (!isset($args['newPassword'])) {
+            throw new GraphQlInputException(__('"newPassword" value should be specified'));
+        }
+
+        $customerId = (int)$this->userContext->getUserId();
+        if ($customerId === 0) {
+            throw new GraphQlAuthorizationException(
+                __(
+                    'Current customer does not have access to the resource "%1"',
+                    [Customer::ENTITY]
+                )
+            );
+        }
+
+        $this->accountManagement->changePasswordById($customerId, $args['currentPassword'], $args['newPassword']);
+        $data = $this->customerResolver->getCustomerById($customerId);
+
+        return $data;
+    }
+}
@@ -7,6 +7,7 @@ type Query {
 
 type Mutation {
     generateCustomerToken(email: String!, password: String!): CustomerToken @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\GenerateCustomerToken") @doc(description:"Retrieve Customer token")
+    changeCustomerPassword(currentPassword: String!, newPassword: String!): Customer @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\ChangePassword") @doc(description:"Changes password for logged in customer")
 }
 
 type CustomerToken {
 
@@ -0,0 +1,67 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\QuoteGraphQl\Model\Authorization;
+
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\GraphQl\Exception\GraphQlNoSuchEntityException;
+use Magento\Quote\Api\CartRepositoryInterface;
+
+/**
+ * Service for checking that the shopping cart operations are allowed for current user
+ */
+class IsCartMutationAllowedForCurrentUser
+{
+    /**
+     * @var CartRepositoryInterface
+     */
+    private $cartRepository;
+
+    /**
+     * @var UserContextInterface
+     */
+    private $userContext;
+
+    /**
+     * @param UserContextInterface $userContext
+     * @param CartRepositoryInterface $cartRepository
+     */
+    public function __construct(
+        UserContextInterface $userContext,
+        CartRepositoryInterface $cartRepository
+    ) {
+        $this->userContext = $userContext;
+        $this->cartRepository = $cartRepository;
+    }
+
+    /**
+     * Check that the shopping cart operations are allowed for current user
+     *
+     * @param int $quoteId
+     * @return bool
+     * @throws GraphQlNoSuchEntityException
+     */
+    public function execute(int $quoteId): bool
+    {
+        try {
+            $quote = $this->cartRepository->get($quoteId);
+        } catch (NoSuchEntityException $exception) {
+            throw new GraphQlNoSuchEntityException(__($exception->getMessage()));
+        }
+
+        $customerId = $quote->getCustomerId();
+
+        /* Guest cart, allow operations */
+        if (!$customerId) {
+            return true;
+        }
+
+        /* If the quote belongs to the current customer allow operations */
+        return $customerId == $this->userContext->getUserId();
+    }
+}
@@ -0,0 +1,110 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\QuoteGraphQl\Model\Resolver\Coupon;
+
+use Magento\Framework\Exception\CouldNotSaveException;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\GraphQl\Config\Element\Field;
+use Magento\Framework\GraphQl\Exception\GraphQlAuthorizationException;
+use Magento\Framework\GraphQl\Exception\GraphQlInputException;
+use Magento\Framework\GraphQl\Exception\GraphQlNoSuchEntityException;
+use Magento\Framework\GraphQl\Query\ResolverInterface;
+use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
+use Magento\Quote\Api\CouponManagementInterface;
+use Magento\Quote\Model\MaskedQuoteIdToQuoteIdInterface;
+use Magento\QuoteGraphQl\Model\Authorization\IsCartMutationAllowedForCurrentUser;
+
+/**
+ * @inheritdoc
+ */
+class ApplyCouponToCart implements ResolverInterface
+{
+    /**
+     * @var CouponManagementInterface
+     */
+    private $couponManagement;
+
+    /**
+     * @var MaskedQuoteIdToQuoteIdInterface
+     */
+    private $maskedQuoteIdToQuoteId;
+
+    /**
+     * @var IsCartMutationAllowedForCurrentUser
+     */
+    private $isCartMutationAllowedForCurrentUser;
+
+    /**
+     * @param CouponManagementInterface $couponManagement
+     * @param MaskedQuoteIdToQuoteIdInterface $maskedQuoteIdToId
+     * @param IsCartMutationAllowedForCurrentUser $isCartMutationAllowedForCurrentUser
+     */
+    public function __construct(
+        CouponManagementInterface $couponManagement,
+        MaskedQuoteIdToQuoteIdInterface $maskedQuoteIdToId,
+        IsCartMutationAllowedForCurrentUser $isCartMutationAllowedForCurrentUser
+    ) {
+        $this->couponManagement = $couponManagement;
+        $this->maskedQuoteIdToQuoteId = $maskedQuoteIdToId;
+        $this->isCartMutationAllowedForCurrentUser = $isCartMutationAllowedForCurrentUser;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function resolve(Field $field, $context, ResolveInfo $info, array $value = null, array $args = null)
+    {
+        if (!isset($args['input']['cart_id'])) {
+            throw new GraphQlInputException(__('Required parameter "cart_id" is missing'));
+        }
+        $maskedCartId = $args['input']['cart_id'];
+
+        if (!isset($args['input']['coupon_code'])) {
+            throw new GraphQlInputException(__('Required parameter "coupon_code" is missing'));
+        }
+        $couponCode = $args['input']['coupon_code'];
+
+        try {
+            $cartId = $this->maskedQuoteIdToQuoteId->execute($maskedCartId);
+        } catch (NoSuchEntityException $exception) {
+            throw new GraphQlNoSuchEntityException(
+                __('Could not find a cart with ID "%masked_cart_id"', ['masked_cart_id' => $maskedCartId])
+            );
+        }
+
+        if (false === $this->isCartMutationAllowedForCurrentUser->execute($cartId)) {
+            throw new GraphQlAuthorizationException(
+                __(
+                    'The current user cannot perform operations on cart "%masked_cart_id"',
+                    ['masked_cart_id' => $maskedCartId]
+                )
+            );
+        }
+
+        /* Check current cart does not have coupon code applied */
+        $appliedCouponCode = $this->couponManagement->get($cartId);
+        if (!empty($appliedCouponCode)) {
+            throw new GraphQlInputException(
+                __('A coupon is already applied to the cart. Please remove it to apply another')
+            );
+        }
+
+        try {
+            $this->couponManagement->set($cartId, $couponCode);
+        } catch (NoSuchEntityException $exception) {
+            throw new GraphQlNoSuchEntityException(__($exception->getMessage()));
+        } catch (CouldNotSaveException $exception) {
+            throw new GraphQlInputException(__($exception->getMessage()));
+        }
+
+        $data['cart']['applied_coupon'] = [
+            'code' => $couponCode,
+        ];
+        return $data;
+    }
+}
@@ -0,0 +1,97 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\QuoteGraphQl\Model\Resolver\Coupon;
+
+use Magento\Framework\Exception\CouldNotDeleteException;
+use Magento\Framework\Exception\NoSuchEntityException;
+use Magento\Framework\GraphQl\Config\Element\Field;
+use Magento\Framework\GraphQl\Exception\GraphQlAuthorizationException;
+use Magento\Framework\GraphQl\Exception\GraphQlInputException;
+use Magento\Framework\GraphQl\Exception\GraphQlNoSuchEntityException;
+use Magento\Framework\GraphQl\Query\ResolverInterface;
+use Magento\Framework\GraphQl\Schema\Type\ResolveInfo;
+use Magento\Quote\Api\CouponManagementInterface;
+use Magento\Quote\Model\MaskedQuoteIdToQuoteIdInterface;
+use Magento\QuoteGraphQl\Model\Authorization\IsCartMutationAllowedForCurrentUser;
+
+/**
+ * @inheritdoc
+ */
+class RemoveCouponFromCart implements ResolverInterface
+{
+    /**
+     * @var MaskedQuoteIdToQuoteIdInterface
+     */
+    private $maskedQuoteIdToId;
+
+    /**
+     * @var CouponManagementInterface
+     */
+    private $couponManagement;
+
+    /**
+     * @var IsCartMutationAllowedForCurrentUser
+     */
+    private $isCartMutationAllowedForCurrentUser;
+
+    /**
+     * @param CouponManagementInterface $couponManagement
+     * @param IsCartMutationAllowedForCurrentUser $isCartMutationAllowedForCurrentUser
+     * @param MaskedQuoteIdToQuoteIdInterface $maskedQuoteIdToId
+     */
+    public function __construct(
+        CouponManagementInterface $couponManagement,
+        IsCartMutationAllowedForCurrentUser $isCartMutationAllowedForCurrentUser,
+        MaskedQuoteIdToQuoteIdInterface $maskedQuoteIdToId
+    ) {
+        $this->couponManagement = $couponManagement;
+        $this->isCartMutationAllowedForCurrentUser = $isCartMutationAllowedForCurrentUser;
+        $this->maskedQuoteIdToId = $maskedQuoteIdToId;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function resolve(Field $field, $context, ResolveInfo $info, array $value = null, array $args = null)
+    {
+        if (!isset($args['input']['cart_id'])) {
+            throw new GraphQlInputException(__('Required parameter "cart_id" is missing'));
+        }
+        $maskedCartId = $args['input']['cart_id'];
+
+        try {
+            $cartId = $this->maskedQuoteIdToId->execute($maskedCartId);
+        } catch (NoSuchEntityException $exception) {
+            throw new GraphQlNoSuchEntityException(
+                __('Could not find a cart with ID "%masked_cart_id"', ['masked_cart_id' => $maskedCartId])
+            );
+        }
+
+        if (false === $this->isCartMutationAllowedForCurrentUser->execute($cartId)) {
+            throw new GraphQlAuthorizationException(
+                __(
+                    'The current user cannot perform operations on cart "%masked_cart_id"',
+                    ['masked_cart_id' => $maskedCartId]
+                )
+            );
+        }
+
+        try {
+            $this->couponManagement->remove($cartId);
+        } catch (NoSuchEntityException $exception) {
+            throw new GraphQlNoSuchEntityException(__($exception->getMessage()));
+        } catch (CouldNotDeleteException $exception) {
+            throw new GraphQlInputException(__($exception->getMessage()));
+        }
+
+        $data['cart']['applied_coupon'] = [
+            'code' => '',
+        ];
+        return $data;
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ type Query {`
`7`	`7`
`8`	`8`	`type Mutation {`
`9`	`9`	`generateCustomerToken(email: String!, password: String!): CustomerToken @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\GenerateCustomerToken") @doc(description:"Retrieve Customer token")`
	`10`	`+ changeCustomerPassword(currentPassword: String!, newPassword: String!): Customer @resolver(class: "\\Magento\\CustomerGraphQl\\Model\\Resolver\\Customer\\Account\\ChangePassword") @doc(description:"Changes password for logged in customer")`
`10`	`11`	`}`
`11`	`12`
`12`	`13`	`type CustomerToken {`