json-endpoints/class.wpcom-json-api-post-endpoint.php 1 location
|
@@ 158-168 (lines=11) @@
|
| 155 |
|
// Permissions |
| 156 |
|
$capabilities = $this->get_current_user_capabilities( $post ); |
| 157 |
|
|
| 158 |
|
switch ( $context ) { |
| 159 |
|
case 'edit' : |
| 160 |
|
if ( ! $capabilities['edit_post'] ) { |
| 161 |
|
return new WP_Error( 'unauthorized', 'User cannot edit post', 403 ); |
| 162 |
|
} |
| 163 |
|
break; |
| 164 |
|
case 'display' : |
| 165 |
|
break; |
| 166 |
|
default : |
| 167 |
|
return new WP_Error( 'invalid_context', 'Invalid API CONTEXT', 400 ); |
| 168 |
|
} |
| 169 |
|
|
| 170 |
|
$can_view = $this->user_can_view_post( $post->ID ); |
| 171 |
|
if ( !$can_view || is_wp_error( $can_view ) ) { |
json-endpoints/class.wpcom-json-api-post-v1-1-endpoint.php 1 location
|
@@ 151-161 (lines=11) @@
|
| 148 |
|
// Permissions |
| 149 |
|
$capabilities = $this->get_current_user_capabilities( $post ); |
| 150 |
|
|
| 151 |
|
switch ( $context ) { |
| 152 |
|
case 'edit' : |
| 153 |
|
if ( ! $capabilities['edit_post'] ) { |
| 154 |
|
return new WP_Error( 'unauthorized', 'User cannot edit post', 403 ); |
| 155 |
|
} |
| 156 |
|
break; |
| 157 |
|
case 'display' : |
| 158 |
|
break; |
| 159 |
|
default : |
| 160 |
|
return new WP_Error( 'invalid_context', 'Invalid API CONTEXT', 400 ); |
| 161 |
|
} |
| 162 |
|
|
| 163 |
|
$can_view = $this->user_can_view_post( $post->ID ); |
| 164 |
|
if ( !$can_view || is_wp_error( $can_view ) ) { |
Automattic /
jetpack
