LLMS_REST_Users_Controller::check_roles_permissions( WP_REST_Request $request )
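Determine if the current user has permissions to manage the role(s) present in a request.
In the portion of the source shown below, the method rejects role keys that do not exist and stops the current user from assigning themselves a role that lacks the `edit_users` capability (multisite super admins excepted). That self-check compares `get_current_user_id()` to `$request['id']` with `===`, so it only takes effect when `id` reaches this method as an integer, presumably cast by the route's argument schema.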
Parameters
- $request (WP_REST_Request) (Required) Request object.
Return
(true|WP_Error) A WP_Error is returned when a requested role does not exist or may not be assigned by the current user.
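Source
File: libraries/lifterlms-rest/includes/abstracts/class-llms-rest-users-controller.php
The listing below is an excerpt: it opens with the closing lines of the preceding method and ends before `check_roles_permissions()` is complete.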
$this->meta = new WP_REST_User_Meta_Fields();
}
/**
* Determine if the current user has permissions to manage the role(s) present in a request
*
* @since 1.0.0-beta.1
*
* @param WP_REST_Request $request Request object.
* @return true|WP_Error
*/
protected function check_roles_permissions( $request ) {
global $wp_roles;
$schema = $this->get_item_schema();
$roles = array();
if ( ! empty( $request['roles'] ) ) {
$roles = $request['roles'];
} elseif ( ! empty( $schema['properties']['roles']['default'] ) ) {
$roles = $schema['properties']['roles']['default'];
}
foreach ( $roles as $role ) {
if ( ! isset( $wp_roles->role_objects[ $role ] ) ) {
// Translators: %s = role key.
return llms_rest_bad_request_error( sprintf( __( 'The role %s does not exist.', 'lifterlms' ), $role ) );
}
$potential_role = $wp_roles->role_objects[ $role ];
/*
* Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
* Multisite super admins can freely edit their blog roles -- they possess all caps.
*/
if ( ! ( is_multisite()
&& current_user_can( 'manage_sites' ) )
&& get_current_user_id() === $request['id']
&& ! $potential_role->has_cap( 'edit_users' )
) {
return llms_rest_authorization_required_error( __( 'You are not allowed to give users this role.', 'lifterlms' ) );
}
// Include admin functions to get access to `get_editable_roles()`.
require_once ABSPATH . 'wp-admin/includes/admin.php';
Changelog
| Version | Description |
|---|---|
| 1.0.0-beta.1 | Introduced. |