Contents

Code Reference Classes BP_REST_XProfile_Data_Endpoint BP_REST_XProfile_Data_Endpoint::update_item_permissions_check()

BP_REST_XProfile_Data_Endpoint::update_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to save XProfile field data.

Description

Parameters

$request

(Required) Full data about the request.

Return

(WP_Error|bool)

Source

File: bp-xprofile/classes/class-bp-rest-xprofile-data-endpoint.php

326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
public function update_item_permissions_check( $request ) {
    $retval = true;
 
    if ( ! is_user_logged_in() ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you need to be logged in to save XProfile data.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    $user = bp_rest_get_user( $request->get_param( 'user_id' ) );
 
    if ( true === $retval && ! $user instanceof WP_User ) {
        $retval = new WP_Error(
            'bp_rest_invalid_id',
            __( 'Invalid member ID.', 'buddyboss' ),
            array(
                'status' => 404,
            )
        );
    }
 
    $field = $this->get_xprofile_field_object( $request->get_param( 'field_id' ) );
    if ( true === $retval && empty( $field->id ) ) {
        return new WP_Error(
            'bp_rest_invalid_id',
            __( 'Invalid field ID.', 'buddyboss' ),
            array(
                'status' => 404,
            )
        );
    }
 
    if ( true === $retval && ! bp_current_user_can( 'bp_moderate' ) ) {
        $retval = $this->fields_endpoint->get_xprofile_field_display_permission( $retval, $field->id );
    }
 
    if ( true === $retval && ! $this->can_see( $user->ID ) ) {
        $retval = new WP_Error(
            'bp_rest_authorization_required',
            __( 'Sorry, you cannot save XProfile field data.', 'buddyboss' ),
            array(
                'status' => rest_authorization_required_code(),
            )
        );
    }
 
    /**
     * Filter the XProfile data `update_item` permissions check.
     *
     * @param bool|WP_Error $retval Returned value.
     * @param WP_REST_Request $request The request sent to the API.
     *
     * @since 0.1.0
     */
    return apply_filters( 'bp_rest_xprofile_data_update_item_permissions_check', $retval, $request );
}

Expand full source code Collapse full source code

Changelog

Changelog
Version Description
0.1.0 Introduced.

Uses

Uses
Uses Description
bp-xprofile/classes/class-bp-rest-xprofile-data-endpoint.php: BP_REST_XProfile_Data_Endpoint::get_xprofile_field_object()

Get XProfile field object.
bp-xprofile/classes/class-bp-rest-xprofile-data-endpoint.php: BP_REST_XProfile_Data_Endpoint::can_see()

Can this user see the XProfile data?
bp-xprofile/classes/class-bp-rest-xprofile-data-endpoint.php: bp_rest_xprofile_data_update_item_permissions_check

Filter the XProfile data update_item permissions check.
bp-core/bp-core-rest-api.php: bp_rest_get_user()

Get the user object, if the ID is valid.
bp-core/bp-core-caps.php: bp_current_user_can()

Check whether the current user has a given capability.

Questions?

We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.