BP_REST_Document_Endpoint::update_item_permissions_check( WP_REST_Request $request )
Check if a given request has access to update a document.
Description
Parameters
- $request
-
(Required) Full details about the request.
Return
(bool|WP_Error)
Source
File: bp-document/classes/class-bp-rest-document-endpoint.php
public function update_item_permissions_check( $request ) {
$retval = true;
if ( ! is_user_logged_in() ) {
$retval = new WP_Error(
'bp_rest_authorization_required',
__( 'Sorry, you need to be logged in to update this document.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
$document = new BP_Document( $request['id'] );
if ( true === $retval && empty( $document->id ) ) {
$retval = new WP_Error(
'bp_rest_document_invalid_id',
__( 'Invalid document ID.', 'buddyboss' ),
array(
'status' => 404,
)
);
}
if ( true === $retval && ! bp_document_user_can_edit( $document ) ) {
$retval = new WP_Error(
'bp_rest_authorization_required',
__( 'Sorry, you are not allowed to update this document.', 'buddyboss' ),
array(
'status' => 500,
)
);
}
if ( true === $retval && isset( $request['group_id'] ) && ! empty( $request['group_id'] ) ) {
if (
! bp_is_active( 'groups' )
|| groups_can_user_manage_document( bp_loggedin_user_id(), (int) $request['group_id'] )
) {
$retval = new WP_Error(
'bp_rest_invalid_permission',
__( 'You don\'t have a permission to edit a document inside this group.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
}
/**
* Filter the document to `update_item` permissions check.
*
* @param bool|WP_Error $retval Returned value.
* @param WP_REST_Request $request The request sent to the API.
*
* @since 0.1.0
*/
return apply_filters( 'bp_rest_document_update_item_permissions_check', $retval, $request );
}
Changelog
| Version | Description |
|---|---|
| 0.1.0 | Introduced. |
Questions?
We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.