LLMS_REST_Authentication::check_permissions( mixed $result, WP_REST_Server $server, WP_REST_Request $request )

Check if the API Key can perform the request.

Parameters Parameters


(mixed) (Required) Response to replace the requested version with.


(WP_REST_Server) (Required) Server instance.


(WP_REST_Request) (Required) Request used to generate the response.

Top ↑

Return Return


Top ↑

Source Source

File: libraries/lifterlms-rest/includes/class-llms-rest-authentication.php

	public function check_permissions( $result, $server, $request ) {

		if ( $this->api_key ) {

			$allowed = $this->api_key->has_permission( $request->get_method() );
			if ( ! $allowed ) {
				return llms_rest_authorization_required_error( '', false );

			// Update the API key's last access time.
			$this->api_key->set( 'last_access', current_time( 'mysql' ) )->save();


		return $result;

Top ↑

Changelog Changelog

Version Description
1.0.0-beta.12 Call llms_rest_authorization_required_error() instructing to not check if the current user is logged in to avoid infinite loops.
1.0.0-beta.1 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.