Sales endpoint should return empty array when provided an invalid payment ID

[cklosowski]

See: https://github.com/easydigitaldownloads/EDD-Software-Licensing/issues/1411

Bug Report

Expected behavior

When attempting to retrieve a sale by id via the EDD REST API, and the provided id does not exist, the response should be an empty sales record, e.g.

GET /edd-api/sales/?id=1&key=xxx&token=yyy

{
  "sales"=> [
    {}
  ],
  "request_speed"=>0.005464792251586914
}

Actual behavior

When attempting to retrieve a sale by id via the EDD REST API, and the provided id does not exist, the response is an empty sales record, e.g.

The get sales by id is probably expected to be a low-intensity request, and too many clients hitting the "get sales" endpoint with an id that doesn't exist can result in an inadvertent DOS attack against a large site.

GET /edd-api/sales/?id=1&key=xxx&token=yyy

{
  "sales"=> [
    {
      "ID"=>"",
      "transaction_id"=>nil,
      "key"=>"",
      "subtotal"=>0,
      "tax"=>0,
      "fees"=>nil,
      "total"=>0,
      "gateway"=>"",
      "email"=>"",
      "date"=>"",
      "discounts"=>nil,
      "products"=>[],
  ],
  "request_speed"=>30.093647003173828
}

Steps to reproduce the behavior

Perform a request to the REST API sales endpoint with an id that does exist, e.g.: GET /edd-api/sales/?id=1&key=xxx&token=yyy.

The response will include an empty sales record,

Proposed Fix

The most conservative fix would seem to be we should return an empty set of sales, instead of an empty sales object.

Information:

EDD Version (or branch): master
WordPress Version: All