BP_REST_Members_Endpoint::get_item_permissions_check( WP_REST_Request $request )
Checks if a given request has access to read a user.
Parameters Parameters
- $request
-
(WP_REST_Request) (Required) Full details about the request.
Return Return
(true|WP_Error)
Source Source
File: bp-members/classes/class-bp-rest-members-endpoint.php
public function get_item_permissions_check( $request ) { $retval = new WP_Error( 'bp_rest_authorization_required', __( 'Sorry, you are not allowed to perform this action.', 'buddypress' ), array( 'status' => rest_authorization_required_code(), ) ); $user = bp_rest_get_user( $request['id'] ); if ( ! $user instanceof WP_User ) { $retval = new WP_Error( 'bp_rest_member_invalid_id', __( 'Invalid member ID.', 'buddypress' ), array( 'status' => 404, ) ); } elseif ( 'edit' === $request['context'] ) { if ( get_current_user_id() === $user->ID || bp_current_user_can( 'list_users' ) ) { $retval = true; } else { $retval = new WP_Error( 'bp_rest_authorization_required', __( 'Sorry, you are not allowed to view members with the edit context.', 'buddypress' ), array( 'status' => rest_authorization_required_code(), ) ); } } else { $retval = true; } /** * Filter the members `get_item` permissions check. * * @since 5.0.0 * * @param true|WP_Error $retval Returned value. * @param WP_REST_Request $request The request sent to the API. */ return apply_filters( 'bp_rest_members_get_item_permissions_check', $retval, $request ); }
Expand full source code Collapse full source code View on Trac
Changelog Changelog
Version | Description |
---|---|
5.0.0 | Introduced. |