BP_REST_Group_Membership_Endpoint::update_item_permissions_check( WP_REST_Request $request )

Check if a given request has access to update a group member.

Description
- Parameters
- Return
- Source
- Changelog
User Contributed Notes

Description Description

Parameters Parameters

$request: (Required) Full details about the request.

Top ↑

Return Return

(true|WP_Error)

Top ↑

Source Source

File: bp-groups/classes/class-bp-rest-group-membership-endpoint.php

	public function update_item_permissions_check( $request ) {
		$retval = true;

		if ( ! is_user_logged_in() ) {
			$retval = new WP_Error(
				'bp_rest_authorization_required',
				__( 'Sorry, you need to be logged in to make an update.', 'buddypress' ),
				array(
					'status' => rest_authorization_required_code(),
				)
			);
		}

		$user = bp_rest_get_user( $request['user_id'] );

		if ( true === $retval && ! $user instanceof WP_User ) {
			$retval = new WP_Error(
				'bp_rest_group_member_invalid_id',
				__( 'Invalid group member ID.', 'buddypress' ),
				array(
					'status' => 404,
				)
			);
		}

		$group = $this->groups_endpoint->get_group_object( $request['group_id'] );
		if ( true === $retval && ! $group instanceof BP_Groups_Group ) {
			$retval = new WP_Error(
				'bp_rest_group_invalid_id',
				__( 'Invalid group ID.', 'buddypress' ),
				array(
					'status' => 404,
				)
			);
		}

		// Site administrators can do anything.
		if ( true === $retval && bp_current_user_can( 'bp_moderate' ) ) {
			$retval = true;
		} else {

			$loggedin_user_id = bp_loggedin_user_id();
			if ( true === $retval && in_array( $request['action'], [ 'ban', 'unban', 'promote', 'demote' ], true ) ) {
				if ( ! groups_is_user_admin( $loggedin_user_id, $group->id ) ) {
					$messages = array(
						'ban'     => __( 'Sorry, you are not allowed to ban this group member.', 'buddypress' ),
						'unban'   => __( 'Sorry, you are not allowed to unban this group member.', 'buddypress' ),
						'promote' => __( 'Sorry, you are not allowed to promote this group member.', 'buddypress' ),
						'demote'  => __( 'Sorry, you are not allowed to demote this group member.', 'buddypress' ),
					);

					$retval = new WP_Error(
						'bp_rest_group_member_cannot_' . $request['action'],
						$messages[ $request['action'] ],
						array(
							'status' => rest_authorization_required_code(),
						)
					);
				} else {
					$retval = true;
				}
			}
		}

		/**
		 * Filter the group members `update_item` permissions check.
		 *
		 * @since 5.0.0
		 *
		 * @param bool|WP_Error   $retval  Returned value.
		 * @param WP_REST_Request $request The request sent to the API.
		 */
		return apply_filters( 'bp_rest_group_members_update_item_permissions_check', $retval, $request );
	}

Expand full source code Collapse full source code

Top ↑

Changelog Changelog

Changelog
Version	Description
5.0.0	Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.

Dev Resources

BP_REST_Group_Membership_Endpoint::update_item_permissions_check( WP_REST_Request $request )

Contents

Description Description

Parameters Parameters

Return Return

Source Source

Changelog Changelog

User Contributed Notes User Contributed Notes

BP_REST_Group_Membership_Endpoint::update_item_permissions_check( WP_REST_Request $request )

Contents

Description #Description

Parameters #Parameters

Return #Return

Source #Source

Changelog #Changelog

User Contributed Notes #User Contributed Notes

Description Description

Parameters Parameters

Return Return

Source Source

Changelog Changelog

User Contributed Notes User Contributed Notes