Title: WP_HTTP_Polling_Sync_Server::check_permissions Published: May 20, 2026 --- # WP_HTTP_Polling_Sync_Server::check_permissions( WP_REST_Request $request ): bool|󠀁[WP_Error](https://developer.wordpress.org/reference/classes/wp_error/)󠁿 ## In this article * [Parameters](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#parameters) * [Return](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#return) * [Source](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#source) * [Related](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#related) * [Changelog](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#changelog) [ Back to top](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#wp--skip-link--target) Checks if the current user has permission to access a room. ## 󠀁[Parameters](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#parameters)󠁿 `$request`[WP_REST_Request](https://developer.wordpress.org/reference/classes/wp_rest_request/) required The REST request. ## 󠀁[Return](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#return)󠁿 bool|[WP_Error](https://developer.wordpress.org/reference/classes/wp_error/) True if user has permission, otherwise [WP_Error](https://developer.wordpress.org/reference/classes/wp_error/) with details. ## 󠀁[Source](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#source)󠁿 ```php public function check_permissions( WP_REST_Request $request ) { // Minimum cap check. Is user logged in with a contributor role or higher? if ( ! current_user_can( 'edit_posts' ) ) { return new WP_Error( 'rest_cannot_edit', __( 'You do not have permission to perform this action' ), array( 'status' => rest_authorization_required_code() ) ); } $rooms = $request['rooms']; $wp_user_id = get_current_user_id(); foreach ( $rooms as $room ) { $client_id = $room['client_id']; $room = $room['room']; // Check that the client_id is not already owned by another user. $existing_awareness = $this->storage->get_awareness_state( $room ); foreach ( $existing_awareness as $entry ) { if ( $client_id === $entry['client_id'] && $wp_user_id !== $entry['wp_user_id'] ) { return new WP_Error( 'rest_cannot_edit', __( 'Client ID is already in use by another user.' ), array( 'status' => rest_authorization_required_code() ) ); } } $type_parts = explode( '/', $room, 2 ); $object_parts = explode( ':', $type_parts[1] ?? '', 2 ); $entity_kind = $type_parts[0]; $entity_name = $object_parts[0]; $object_id = $object_parts[1] ?? null; if ( ! $this->can_user_sync_entity_type( $entity_kind, $entity_name, $object_id ) ) { return new WP_Error( 'rest_cannot_edit', sprintf( /* translators: %s: The room name encodes the current entity being synced. */ __( 'You do not have permission to sync this entity: %s.' ), $room ), array( 'status' => rest_authorization_required_code() ) ); } } return true; } ``` [View all references](https://developer.wordpress.org/reference/files/wp-includes/collaboration/class-wp-http-polling-sync-server.php/) [View on Trac](https://core.trac.wordpress.org/browser/tags/7.0/src/wp-includes/collaboration/class-wp-http-polling-sync-server.php#L201) [View on GitHub](https://github.com/WordPress/wordpress-develop/blob/7.0/src/wp-includes/collaboration/class-wp-http-polling-sync-server.php#L201-L251) ## 󠀁[Related](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#related)󠁿 | Uses | Description | | [WP_HTTP_Polling_Sync_Server::can_user_sync_entity_type()](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/can_user_sync_entity_type/)`wp-includes/collaboration/class-wp-http-polling-sync-server.php` | Checks if the current user can sync a specific entity type. | | [rest_authorization_required_code()](https://developer.wordpress.org/reference/functions/rest_authorization_required_code/)`wp-includes/rest-api.php` | Returns a contextual HTTP error code for authorization failure. | | [current_user_can()](https://developer.wordpress.org/reference/functions/current_user_can/)`wp-includes/capabilities.php` | Returns whether the current user has the specified capability. | | [__()](https://developer.wordpress.org/reference/functions/__/)`wp-includes/l10n.php` | Retrieves the translation of $text. | | [get_current_user_id()](https://developer.wordpress.org/reference/functions/get_current_user_id/)`wp-includes/user.php` | Gets the current user’s ID. | | [WP_Error::__construct()](https://developer.wordpress.org/reference/classes/wp_error/__construct/)`wp-includes/class-wp-error.php` | Initializes the error. | [Show 4 more](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#) [Show less](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#) ## 󠀁[Changelog](https://developer.wordpress.org/reference/classes/wp_http_polling_sync_server/check_permissions/?output_format=md#changelog)󠁿 | Version | Description | | [7.0.0](https://developer.wordpress.org/reference/since/7.0.0/) | Introduced. | ## User Contributed Notes You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Fclasses%2Fwp_http_polling_sync_server%2Fcheck_permissions%2F) before being able to contribute a note or feedback.