WP_REST_Comments_Controller::check_read_post_permission( WP_Post $post, WP_REST_Request $request ): bool

Checks if the post can be read.

Description

Correctly handles posts with the inherit status.

Parameters

$postWP_Postrequired
Post object.
$requestWP_REST_Requestrequired
Request data to check.

Return

bool Whether post can be read.

Source

protected function check_read_post_permission( $post, $request ) {
	$post_type = get_post_type_object( $post->post_type );

	// Return false if custom post type doesn't exist
	if ( ! $post_type ) {
		return false;
	}

	$posts_controller = $post_type->get_rest_controller();

	/*
	 * Ensure the posts controller is specifically a WP_REST_Posts_Controller instance
	 * before using methods specific to that controller.
	 */
	if ( ! $posts_controller instanceof WP_REST_Posts_Controller ) {
		$posts_controller = new WP_REST_Posts_Controller( $post->post_type );
	}

	$has_password_filter = false;

	// Only check password if a specific post was queried for or a single comment
	$requested_post    = ! empty( $request['post'] ) && ( ! is_array( $request['post'] ) || 1 === count( $request['post'] ) );
	$requested_comment = ! empty( $request['id'] );
	if ( ( $requested_post || $requested_comment ) && $posts_controller->can_access_password_content( $post, $request ) ) {
		add_filter( 'post_password_required', '__return_false' );

		$has_password_filter = true;
	}

	if ( post_password_required( $post ) ) {
		$result = current_user_can( 'edit_post', $post->ID );
	} else {
		$result = $posts_controller->check_read_permission( $post );
	}

	if ( $has_password_filter ) {
		remove_filter( 'post_password_required', '__return_false' );
	}

	return $result;
}

Changelog

VersionDescription
4.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.