Contents

Code Reference Classes BP_REST_Group_Invites_Endpoint BP_REST_Group_Invites_Endpoint::delete_item_permissions_check()

BP_REST_Group_Invites_Endpoint::delete_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to delete a group invitation.

Description

Parameters

$request

(Required) Full details about the request.

Return

(bool|WP_Error)

Source

File: bp-groups/classes/class-bp-rest-group-invites-endpoint.php

860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
public function delete_item_permissions_check( $request ) {
    $retval  = true;
    $user_id = bp_loggedin_user_id();
    $invite  = $this->fetch_single_invite( $request['invite_id'] );
 
    if ( ! $user_id ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you need to be logged in to see the group invitations.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    if ( true === $retval && ! $invite ) {
        $retval = new WP_Error(
            'bp_rest_group_invite_invalid_id',
            __( 'Invalid group invitation ID.', 'buddyboss' ),
            array(
                'status' => 404,
            )
        );
    }
 
    // The inviter, the invitee, group admins, and site admins can all delete invites.
    if (
        true === $retval
        && ! bp_current_user_can( 'bp_moderate' )
        && ! in_array( $user_id, array( $invite->user_id, $invite->inviter_id ), true )
        && ! groups_is_user_admin( $user_id, $invite->item_id )
    ) {
        $retval = new WP_Error(
            'bp_rest_group_invite_cannot_delete_item',
            __( 'Sorry, you are not allowed to delete the invitation as requested.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    /**
     * Filter the group invites `delete_item` permissions check.
     *
     * @param bool|WP_Error   $retval  Whether the request can continue.
     * @param WP_REST_Request $request The request sent to the API.
     *
     * @since 0.1.0
     */
    return apply_filters( 'bp_rest_group_invites_delete_item_permissions_check', $retval, $request );
}

Expand full source code Collapse full source code

Changelog

Changelog
Version Description
0.1.0 Introduced.

Uses

Uses
Uses Description
bp-groups/classes/class-bp-rest-group-invites-endpoint.php: BP_REST_Group_Invites_Endpoint::fetch_single_invite()

Helper function to fetch a single group invite.
bp-groups/classes/class-bp-rest-group-invites-endpoint.php: bp_rest_group_invites_delete_item_permissions_check

Filter the group invites delete_item permissions check.
bp-groups/bp-groups-functions.php: groups_is_user_admin()

Check whether a user is an admin of a given group.
bp-core/bp-core-template.php: bp_loggedin_user_id()

Get the ID of the currently logged-in user.
bp-core/bp-core-caps.php: bp_current_user_can()

Check whether the current user has a given capability.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.