Contents

Code Reference Classes BP_REST_Document_Endpoint BP_REST_Document_Endpoint::update_item_permissions_check()

BP_REST_Document_Endpoint::update_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to update a document.

Description

Parameters

$request

(Required) Full details about the request.

Return

(bool|WP_Error)

Source

File: bp-document/classes/class-bp-rest-document-endpoint.php

865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
public function update_item_permissions_check( $request ) {
    $retval = true;
 
    if ( ! is_user_logged_in() ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you need to be logged in to update this document.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    $document = new BP_Document( $request['id'] );
 
    if ( true === $retval && empty( $document->id ) ) {
        $retval = new WP_Error(
            'bp_rest_document_invalid_id',
            __( 'Invalid document ID.', 'buddyboss' ),
            array(
                'status' => 404,
            )
        );
    }
 
    if ( true === $retval && ! bp_document_user_can_edit( $document ) ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you are not allowed to update this document.', 'buddyboss' ),
            array(
                'status' => 500,
            )
        );
    }
 
    if ( true === $retval && isset( $request['group_id'] ) && ! empty( $request['group_id'] ) ) {
        if (
            ! bp_is_active( 'groups' )
            || groups_can_user_manage_document( bp_loggedin_user_id(), (int) $request['group_id'] )
        ) {
            $retval = new WP_Error(
                'bp_rest_invalid_permission',
                __( 'You don\'t have a permission to edit a document inside this group.', 'buddyboss' ),
                array(
                    'status' => rest_authorization_required_code(),
                )
            );
        }
    }
 
    /**
     * Filter the document to `update_item` permissions check.
     *
     * @param bool|WP_Error   $retval  Returned value.
     * @param WP_REST_Request $request The request sent to the API.
     *
     * @since 0.1.0
     */
    return apply_filters( 'bp_rest_document_update_item_permissions_check', $retval, $request );
}

Expand full source code Collapse full source code

Changelog

Changelog
Version Description
0.1.0 Introduced.

Uses

Uses
Uses Description
bp-document/classes/class-bp-rest-document-folder-endpoint.php: bp_rest_document_update_item_permissions_check

Filter the document to update_item permissions check.
bp-document/classes/class-bp-document.php: BP_Document::__construct()

Constructor method.
bp-document/bp-document-template.php: bp_document_user_can_edit()

Determine if the current user can edit an document item.
bp-groups/bp-groups-functions.php: groups_can_user_manage_document()

Check whether a user is allowed to manage document in a given group.
bp-core/bp-core-template.php: bp_is_active()

Check whether a given component (or feature of a component) is active.
bp-core/bp-core-template.php: bp_loggedin_user_id()

Get the ID of the currently logged-in user.
Show 1 more use Hide more uses

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.