WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

WP_REST_Terms_Controller::get_items_permissions_check()

WP_REST_Terms_Controller::get_items_permissions_check( WP_REST_Request $request ): bool|WP_Error

In this article

Back to top

Checks if a request has access to read terms in the specified taxonomy.

Parameters

$requestWP_REST_Requestrequired
Full details about the request.

Return

bool|WP_Error True if the request has read access, otherwise false or WP_Error object.

Source

public function get_items_permissions_check( $request ) {
	$tax_obj = get_taxonomy( $this->taxonomy );

	if ( ! $tax_obj || ! $this->check_is_taxonomy_allowed( $this->taxonomy ) ) {
		return false;
	}

	if ( 'edit' === $request['context'] && ! current_user_can( $tax_obj->cap->edit_terms ) ) {
		return new WP_Error(
			'rest_forbidden_context',
			__( 'Sorry, you are not allowed to edit terms in this taxonomy.' ),
			array( 'status' => rest_authorization_required_code() )
		);
	}

	if ( ! empty( $request['post'] ) ) {
		$post = get_post( $request['post'] );

		if ( ! $post ) {
			return new WP_Error(
				'rest_post_invalid_id',
				__( 'Invalid post ID.' ),
				array(
					'status' => 400,
				)
			);
		}

		if ( ! $this->check_read_terms_permission_for_post( $post, $request ) ) {
			return new WP_Error(
				'rest_forbidden_context',
				__( 'Sorry, you are not allowed to view terms for this post.' ),
				array(
					'status' => rest_authorization_required_code(),
				)
			);
		}
	}

	return true;
}

View all references View on Trac View on GitHub

UsesDescription
WP_REST_Terms_Controller::check_read_terms_permission_for_post()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php

Checks if the terms for a post can be read.

WP_REST_Terms_Controller::check_is_taxonomy_allowed()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php

Checks that the taxonomy is valid.

rest_authorization_required_code()wp-includes/rest-api.php

Returns a contextual HTTP error code for authorization failure.

current_user_can()wp-includes/capabilities.php

Returns whether the current user has the specified capability.

get_taxonomy()wp-includes/taxonomy.php

Retrieves the taxonomy object of $taxonomy.

get_post()wp-includes/post.php

Retrieves post data given a post ID or post object.

WP_Error::__construct()wp-includes/class-wp-error.php

Initializes the error.

Show 5 moreShow less
Used byDescription
WP_REST_Menus_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php

Checks if a request has access to read menus.

Changelog

VersionDescription
4.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.