Fixed missing authorization in purchase verification

[girishpanchal30]

Closes https://github.com/Codeinwp/otter-internals/issues/270

Summary

Get the Stripe product ID from the price ID to get only the granted content based on the selected product.

Checklist before the final review

• Included E2E or unit tests for the changes in this PR.
• Visual elements are not affected by independent changes.
• It is at least compatible with the minimum WordPress version.
• It loads additional script in frontend only if it is required.
• Does not impact the Core Web Vitals.
• In case of deprecation, old blocks are safely migrated.
• It is usable in Widgets and FSE.
• Copy/Paste is working if the attributes are modified.
• PR is following the best practices

[Copilot]

Pull request overview

Ensures purchase verification only grants access to content for the Stripe product(s) actually paid for in the Checkout Session (issue #270).

Changes:

• Fetches Checkout Session line items and derives the set of paid Stripe product IDs.
• Validates the product_id from the success_url against the paid product IDs before persisting purchase data.
• Aborts saving customer/purchase metadata when the requested product does not match what was purchased.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[pirate-bot]

Bundle Size Diff

Package	Old Size	New Size	Diff
Animations	276.77 KB	276.77 KB	0 B (0.00%)
Blocks	1.55 MB	1.55 MB	0 B (0.00%)
CSS	105.9 KB	105.9 KB	0 B (0.00%)
Dashboard	204.08 KB	204.08 KB	0 B (0.00%)
Onboarding	165.94 KB	165.94 KB	0 B (0.00%)
Export Import	102.86 KB	102.86 KB	0 B (0.00%)
Pro	412.21 KB	412.21 KB	0 B (0.00%)

[pirate-bot]

Plugin build for 7027094 is ready 🛎️!

• Download Otter – Page Builder Blocks & Extensions for Gutenberg - Production ~ Development
• Download Otter Pro - Production ~ Development
• Download Blocks Animation - Production ~ Development
• Download Blocks CSS - Production ~ Development
• Download Blocks Export Import - Production ~ Development

[pirate-bot]

E2E Tests

Playwright Test Status:

Performance Results

serverResponse: {"q25":416.7,"q50":421.5,"q75":449.1,"cnt":10}, firstPaint: {"q25":329.8,"q50":353.9,"q75":402.7,"cnt":10}, domContentLoaded: {"q25":1571.9,"q50":1584.2,"q75":1602.8,"cnt":10}, loaded: {"q25":1572.2,"q50":1584.55,"q75":1603,"cnt":10}, firstContentfulPaint: {"q25":3281.1,"q50":3305.05,"q75":3318.7,"cnt":10}, firstBlock: {"q25":6602.6,"q50":6619.95,"q75":6659.7,"cnt":10}, type: {"q25":12.54,"q50":12.76,"q75":13.1,"cnt":10}, typeWithoutInspector: {"q25":11.45,"q50":11.63,"q75":12.31,"cnt":10}, typeWithTopToolbar: {"q25":15.68,"q50":16.81,"q75":17.48,"cnt":10}, typeContainer: {"q25":6.98,"q50":7.45,"q75":8.09,"cnt":10}, focus: {"q25":50.4,"q50":50.85,"q75":53.94,"cnt":10}, inserterOpen: {"q25":17.25,"q50":18.26,"q75":19.5,"cnt":10}, inserterSearch: {"q25":5.45,"q50":5.66,"q75":5.92,"cnt":10}, inserterHover: {"q25":2.39,"q50":2.5,"q75":2.73,"cnt":20}, loadPatterns: {"q25":1084.48,"q50":1111.63,"q75":1217.22,"cnt":10}, listViewOpen: {"q25":83.17,"q50":89.72,"q75":95.25,"cnt":10}

[pirate-bot]

🎉 This PR is included in version 3.1.8 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀