WP_REST_Post_Types_Controller::get_items_permissions_check() – Method

WP_REST_Post_Types_Controller::get_items_permissions_check( WP_REST_Request $request ): true|WP_Error

Checks whether a given request has permission to read types.

Parameters

$requestWP_REST_Requestrequired: Full details about the request.

Return

true|WP_Error True if the request has read access, WP_Error object otherwise.

Source

public function get_items_permissions_check( $request ) {
	if ( 'edit' === $request['context'] ) {
		$types = get_post_types( array( 'show_in_rest' => true ), 'objects' );

		foreach ( $types as $type ) {
			if ( current_user_can( $type->cap->edit_posts ) ) {
				return true;
			}
		}

		return new WP_Error(
			'rest_cannot_view',
			__( 'Sorry, you are not allowed to edit posts in this post type.' ),
			array( 'status' => rest_authorization_required_code() )
		);
	}

	return true;
}

View all references View on Trac View on GitHub

Uses	Description
rest_authorization_required_code()`wp-includes/rest-api.php`	Returns a contextual HTTP error code for authorization failure.
current_user_can()`wp-includes/capabilities.php`	Returns whether the current user has the specified capability.
get_post_types()`wp-includes/post.php`	Gets a list of all registered post type objects.
WP_Error::__construct()`wp-includes/class-wp-error.php`	Initializes the error.

Show 2 more Show less

Changelog

Version	Description
4.7.0	Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.