BP_REST_Group_Invites_Endpoint::get_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to fetch group invitation.


Parameters Parameters

$request

(WP_REST_Request) (Required) Full details about the request.


Top ↑

Return Return

(true|WP_Error)


Source Source

File: bp-groups/classes/class-bp-rest-group-invites-endpoint.php

	public function get_item_permissions_check( $request ) {
		$user_id = bp_loggedin_user_id();
		$retval  = new WP_Error(
			'bp_rest_authorization_required',
			__( 'Sorry, you are not allowed to perform this action.', 'buddypress' ),
			array(
				'status' => rest_authorization_required_code(),
			)
		);

		if ( ! $user_id ) {
			$retval = new WP_Error(
				'bp_rest_authorization_required',
				__( 'Sorry, you need to be logged in to see the group invitations.', 'buddypress' ),
				array(
					'status' => rest_authorization_required_code(),
				)
			);
		} else {
			$invite = $this->fetch_single_invite( $request['invite_id'] );

			if ( ! $invite ) {
				$retval = new WP_Error(
					'bp_rest_group_invite_invalid_id',
					__( 'Invalid group invitation ID.', 'buddypress' ),
					array(
						'status' => 404,
					)
				);
			} elseif ( bp_current_user_can( 'bp_moderate' ) || $this->can_see( $invite->item_id ) || in_array( $user_id, array( $invite->user_id, $invite->inviter_id ), true ) ) {
				/*
				 * Users can see a specific invitation if they
				 * - are a site admin
				 * - are a group admin of the subject group
				 * - are the invite recipient
				 * - are the inviter
				 */
				$retval = true;
			} else {
				$retval = new WP_Error(
					'bp_rest_group_invites_cannot_get_item',
					__( 'Sorry, you are not allowed to fetch an invitation.', 'buddypress' ),
					array(
						'status' => rest_authorization_required_code(),
					)
				);
			}
		}

		/**
		 * Filter the group membership request `get_item` permissions check.
		 *
		 * @since 5.0.0
		 *
		 * @param true|WP_Error   $retval  Whether the request can continue.
		 * @param WP_REST_Request $request The request sent to the API.
		 */
		return apply_filters( 'bp_rest_group_invites_get_item_permissions_check', $retval, $request );
	}


Top ↑

Changelog Changelog

Changelog
Version Description
5.0.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.