WP_REST_Abilities_V1_Run_Controller::check_ability_permissions
Checks if a given request has permission to execute a specific ability.
Method of the class: WP_REST_Abilities_V1_Run_Controller{}
No Hooks.
Returns
true|WP_Error. True if the request has execution permission, WP_Error object otherwise.
Usage
$WP_REST_Abilities_V1_Run_Controller = new WP_REST_Abilities_V1_Run_Controller(); $WP_REST_Abilities_V1_Run_Controller->check_ability_permissions( $request );
- $request(WP_REST_Request) (required)
- Full details about the request.
Changelog
| Since 6.9.0 | Introduced. |
WP_REST_Abilities_V1_Run_Controller::check_ability_permissions() WP REST Abilities V1 Run Controller::check ability permissions code WP 6.9.1
public function check_ability_permissions( $request ) {
$ability = wp_get_ability( $request['name'] );
if ( ! $ability || ! $ability->get_meta_item( 'show_in_rest' ) ) {
return new WP_Error(
'rest_ability_not_found',
__( 'Ability not found.' ),
array( 'status' => 404 )
);
}
$is_valid = $this->validate_request_method(
$request->get_method(),
$ability->get_meta_item( 'annotations' )
);
if ( is_wp_error( $is_valid ) ) {
return $is_valid;
}
$input = $this->get_input_from_request( $request );
$input = $ability->normalize_input( $input );
$is_valid = $ability->validate_input( $input );
if ( is_wp_error( $is_valid ) ) {
$is_valid->add_data( array( 'status' => 400 ) );
return $is_valid;
}
$result = $ability->check_permissions( $input );
if ( is_wp_error( $result ) ) {
$result->add_data( array( 'status' => rest_authorization_required_code() ) );
return $result;
}
if ( ! $result ) {
return new WP_Error(
'rest_ability_cannot_execute',
__( 'Sorry, you are not allowed to execute this ability.' ),
array( 'status' => rest_authorization_required_code() )
);
}
return true;
}