BP_REST_Group_Invites_Endpoint::update_item_permissions_check( WP_REST_Request $request )
Check if a given request has access to accept a group invitation.
Description
Parameters
- $request
-
(Required) Full details about the request.
Return
(bool|WP_Error)
Source
File: bp-groups/classes/class-bp-rest-group-invites-endpoint.php
public function update_item_permissions_check( $request ) {
$retval = true;
$user_id = bp_loggedin_user_id();
$invite = $this->fetch_single_invite( $request['invite_id'] );
if ( ! $user_id ) {
$retval = new WP_Error(
'bp_rest_authorization_required',
__( 'Sorry, you need to be logged in to see the group invitations.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
if ( true === $retval && ! $invite ) {
$retval = new WP_Error(
'bp_rest_group_invite_invalid_id',
__( 'Invalid group invitation ID.', 'buddyboss' ),
array(
'status' => 404,
)
);
}
// Only the invitee or a site admin should be able to accept an invitation.
if (
true === $retval
&& ! bp_current_user_can( 'bp_moderate' )
&& $user_id !== $invite->user_id
) {
$retval = new WP_Error(
'bp_rest_group_invite_cannot_update_item',
__( 'Sorry, you are not allowed to accept the invitation as requested.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
/**
* Filter the group invites `update_item` permissions check.
*
* @param bool|WP_Error $retval Whether the request can continue.
* @param WP_REST_Request $request The request sent to the API.
*
* @since 0.1.0
*/
return apply_filters( 'bp_rest_group_invites_update_item_permissions_check', $retval, $request );
}
Changelog
| Version | Description |
|---|---|
| 0.1.0 | Introduced. |
Questions?
We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.