WP_REST_Menus_Controller::check_has_read_only_access( WP_REST_Request $request ): true|WP_Error

Checks whether the current user has read permission for the endpoint.

Description

This allows for any user that can edit_theme_options or edit any REST API available post type.

Parameters

$requestWP_REST_Requestrequired
Full details about the request.

Return

true|WP_Error True if the current user has permission, WP_Error object otherwise.

Source

protected function check_has_read_only_access( $request ) {
	if ( current_user_can( 'edit_theme_options' ) ) {
		return true;
	}

	if ( current_user_can( 'edit_posts' ) ) {
		return true;
	}

	foreach ( get_post_types( array( 'show_in_rest' => true ), 'objects' ) as $post_type ) {
		if ( current_user_can( $post_type->cap->edit_posts ) ) {
			return true;
		}
	}

	return new WP_Error(
		'rest_cannot_view',
		__( 'Sorry, you are not allowed to view menus.' ),
		array( 'status' => rest_authorization_required_code() )
	);
}

Changelog

VersionDescription
5.9.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.