WP_REST_Comments_Controller::check_read_post_permission( WP_Post $post, WP_REST_Request $request ): bool

Checks if the post can be read.

Contents

Description

Correctly handles posts with the inherit status.

Top ↑

Parameters

$post WP_Post Required
Post object.
$request WP_REST_Request Required
Request data to check.

Top ↑

Return

bool Whether post can be read.

Top ↑

Source

File: wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php. View all references 

protected function check_read_post_permission( $post, $request ) {
	$post_type = get_post_type_object( $post->post_type );

	// Return false if custom post type doesn't exist
	if ( ! $post_type ) {
		return false;
	}

	$posts_controller = $post_type->get_rest_controller();

	// Ensure the posts controller is specifically a WP_REST_Posts_Controller instance
	// before using methods specific to that controller.
	if ( ! $posts_controller instanceof WP_REST_Posts_Controller ) {
		$posts_controller = new WP_REST_Posts_Controller( $post->post_type );
	}

	$has_password_filter = false;

	// Only check password if a specific post was queried for or a single comment
	$requested_post    = ! empty( $request['post'] ) && ( ! is_array( $request['post'] ) || 1 === count( $request['post'] ) );
	$requested_comment = ! empty( $request['id'] );
	if ( ( $requested_post || $requested_comment ) && $posts_controller->can_access_password_content( $post, $request ) ) {
		add_filter( 'post_password_required', '__return_false' );

		$has_password_filter = true;
	}

	if ( post_password_required( $post ) ) {
		$result = current_user_can( 'edit_post', $post->ID );
	} else {
		$result = $posts_controller->check_read_permission( $post );
	}

	if ( $has_password_filter ) {
		remove_filter( 'post_password_required', '__return_false' );
	}

	return $result;
}

View on Trac View on GitHub

Top ↑

Top ↑

Uses

Uses
Uses Description
WP_REST_Posts_Controller::__construct() wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

Constructor.
remove_filter() wp-includes/plugin.php

Removes a callback function from a filter hook.
post_password_required() wp-includes/post-template.php

Determines whether the post requires password and whether a correct password has been provided.
current_user_can() wp-includes/capabilities.php

Returns whether the current user has the specified capability.
add_filter() wp-includes/plugin.php

Adds a callback function to a filter hook.
get_post_type_object() wp-includes/post.php

Retrieves a post type object by name.
Show 3 more uses Hide more uses

Top ↑

Used By

Used By
Used By Description
WP_REST_Comments_Controller::check_read_permission() wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Checks if the comment can be read.
WP_REST_Comments_Controller::get_item_permissions_check() wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Checks if a given request has access to read the comment.
WP_REST_Comments_Controller::create_item_permissions_check() wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Checks if a given request has access to create a comment.
WP_REST_Comments_Controller::get_items_permissions_check() wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

Checks if a given request has access to read comments.

Top ↑

Changelog

Changelog
Version Description
4.7.0 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.