Contents

Code Reference Classes BP_REST_Document_Endpoint BP_REST_Document_Endpoint::create_item_permissions_check()

BP_REST_Document_Endpoint::create_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to create a document.

Description

Parameters

$request

(Required) Full data about the request.

Return

(WP_Error|bool)

Source

File: bp-document/classes/class-bp-rest-document-endpoint.php

600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
public function create_item_permissions_check( $request ) {
    $retval = true;
 
    if ( ! is_user_logged_in() ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you are not allowed to create a document.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    if ( ! is_user_logged_in() ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you are not allowed to create a folder.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    if ( true === $retval && isset( $request['group_id'] ) && ! empty( $request['group_id'] ) ) {
        if (
            ! bp_is_active( 'groups' )
            || groups_can_user_manage_document( bp_loggedin_user_id(), (int) $request['group_id'] )
            || ! function_exists( 'bp_is_group_document_support_enabled' )
            || ( function_exists( 'bp_is_group_document_support_enabled' ) && false === bp_is_group_document_support_enabled() )
        ) {
            $retval = new WP_Error(
                'bp_rest_invalid_permission',
                __( 'You don\'t have a permission to create a document inside this group.', 'buddyboss' ),
                array(
                    'status' => rest_authorization_required_code(),
                )
            );
        }
    }
 
    if ( true === $retval && isset( $request['folder_id'] ) && ! empty( $request['folder_id'] ) ) {
        $parent_folder = new BP_Document_Folder( $request['folder_id'] );
        if ( empty( $parent_folder->id ) ) {
            $retval = new WP_Error(
                'bp_rest_invalid_parent_folder_id',
                __( 'Invalid Parent Folder ID.', 'buddyboss' ),
                array(
                    'status' => 400,
                )
            );
        } elseif ( ! bp_folder_user_can_edit( $parent_folder->id ) ) {
            $retval = new WP_Error(
                'bp_rest_invalid_permission',
                __( 'You don\'t have a permission to create a document inside this folder.', 'buddyboss' ),
                array(
                    'status' => rest_authorization_required_code(),
                )
            );
        }
    }
 
    /**
     * Filter the document `create_item` permissions check.
     *
     * @param bool|WP_Error   $retval  Returned value.
     * @param WP_REST_Request $request The request sent to the API.
     *
     * @since 0.1.0
     */
    return apply_filters( 'bp_rest_document_create_items_permissions_check', $retval, $request );
}

Expand full source code Collapse full source code

Changelog

Changelog
Version Description
0.1.0 Introduced.

Uses

Uses
Uses Description
bp-document/bp-document-functions.php: bp_get_attachment_document_id()

Get document id for the attachment.
bp-document/classes/class-bp-rest-document-endpoint.php: bp_rest_document_create_items_permissions_check

Filter the document create_item permissions check.
bp-document/classes/class-bp-document-folder.php: BP_Document_Folder::__construct()

Constructor method.
bp-document/bp-document-template.php: bp_folder_user_can_edit()

Determine if the current user can edit an folder item.
bp-media/bp-media-settings.php: bp_is_group_document_support_enabled()

Checks if media group document support is enabled.
bp-groups/bp-groups-functions.php: groups_can_user_manage_document()

Check whether a user is allowed to manage document in a given group.
bp-core/bp-core-template.php: bp_is_active()

Check whether a given component (or feature of a component) is active.
bp-core/bp-core-template.php: bp_loggedin_user_id()

Get the ID of the currently logged-in user.
Show 3 more uses Hide more uses

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.