BP_REST_Group_Invites_Endpoint::delete_item_permissions_check( WP_REST_Request $request )
Check if a given request has access to delete a group invitation.
Description
Parameters
- $request
-
(Required) Full details about the request.
Return
(bool|WP_Error)
Source
File: bp-groups/classes/class-bp-rest-group-invites-endpoint.php
public function delete_item_permissions_check( $request ) {
$retval = true;
$user_id = bp_loggedin_user_id();
$invite = $this->fetch_single_invite( $request['invite_id'] );
if ( ! $user_id ) {
$retval = new WP_Error(
'bp_rest_authorization_required',
__( 'Sorry, you need to be logged in to see the group invitations.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
if ( true === $retval && ! $invite ) {
$retval = new WP_Error(
'bp_rest_group_invite_invalid_id',
__( 'Invalid group invitation ID.', 'buddyboss' ),
array(
'status' => 404,
)
);
}
// The inviter, the invitee, group admins, and site admins can all delete invites.
if (
true === $retval
&& ! bp_current_user_can( 'bp_moderate' )
&& ! in_array( $user_id, array( $invite->user_id, $invite->inviter_id ), true )
&& ! groups_is_user_admin( $user_id, $invite->item_id )
) {
$retval = new WP_Error(
'bp_rest_group_invite_cannot_delete_item',
__( 'Sorry, you are not allowed to delete the invitation as requested.', 'buddyboss' ),
array(
'status' => rest_authorization_required_code(),
)
);
}
/**
* Filter the group invites `delete_item` permissions check.
*
* @param bool|WP_Error $retval Whether the request can continue.
* @param WP_REST_Request $request The request sent to the API.
*
* @since 0.1.0
*/
return apply_filters( 'bp_rest_group_invites_delete_item_permissions_check', $retval, $request );
}
Changelog
| Version | Description |
|---|---|
| 0.1.0 | Introduced. |
Questions?
We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.