|
@@ 59-61 (lines=3) @@
|
| 56 |
|
|
| 57 |
|
$post_type = get_post_type_object( $this->post_type ); |
| 58 |
|
|
| 59 |
|
if ( 'edit' === $request['context'] && ! current_user_can( $post_type->cap->edit_posts ) ) { |
| 60 |
|
return new WP_Error( 'rest_forbidden_context', __( 'Sorry, you are not allowed to edit invoices.', 'invoicing' ), array( 'status' => rest_authorization_required_code() ) ); |
| 61 |
|
} |
| 62 |
|
|
| 63 |
|
// Read checks will be evaluated on a per invoice basis |
| 64 |
|
|
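Review bot: The trailing comment `// Read checks will be evaluated on a per invoice basis` (file line 63) is the only statement of how non-edit requests are authorised, and it does not say where that evaluation happens. Only the `'edit' === $request['context']` case is gated in these lines, so the outcome for every other context depends on code outside the hunk. Invoices presumably carry billing data, which would make that per-item check the real access control for listing. I would expand the comment to name the enforcing method, e.g. `// Read access is enforced per invoice in <METHOD_NAME>(); this callback only gates the 'edit' context.`, and confirm the collection handler applies it to every invoice it returns. The enclosing method starts and ends outside the hunk.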
|
@@ 277-285 (lines=9) @@
|
| 274 |
|
|
| 275 |
|
$post_type = get_post_type_object( $this->post_type ); |
| 276 |
|
|
| 277 |
|
if ( ! current_user_can( $post_type->cap->create_posts ) ) { |
| 278 |
|
return new WP_Error( |
| 279 |
|
'rest_cannot_create', |
| 280 |
|
__( 'Sorry, you are not allowed to create invoices as this user.', 'invoicing' ), |
| 281 |
|
array( |
| 282 |
|
'status' => rest_authorization_required_code(), |
| 283 |
|
) |
| 284 |
|
); |
| 285 |
|
} |
| 286 |
|
|
| 287 |
|
return true; |
| 288 |
|
} |
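Review bot: Only the type-wide `create_posts` capability is tested at the `current_user_can()` call (file line 277) before `return true`, and nothing in the visible lines ties the new invoice to the caller. If the request can name a different owner or customer for the invoice, that needs its own check, in the way the core posts controller compares the requested author with `get_current_user_id()` and falls back to `$post_type->cap->edit_others_posts`. The method starts above the hunk, so such a check may already exist there. If it does not, a comment stating that ownership is validated in the create handler would make the intent reviewable.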
|
@@ 367-375 (lines=9) @@
|
| 364 |
|
|
| 365 |
|
$post_type = get_post_type_object( $this->post_type ); |
| 366 |
|
|
| 367 |
|
if ( ! current_user_can( $post_type->cap->edit_post, $invoice->ID ) ) { |
| 368 |
|
return new WP_Error( |
| 369 |
|
'rest_cannot_edit', |
| 370 |
|
__( 'Sorry, you are not allowed to update this invoice.', 'invoicing' ), |
| 371 |
|
array( |
| 372 |
|
'status' => rest_authorization_required_code(), |
| 373 |
|
) |
| 374 |
|
); |
| 375 |
|
} |
| 376 |
|
|
| 377 |
|
return true; |
| 378 |
|
} |
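Review bot: `$post_type->cap->edit_post` at the `current_user_can()` call (file line 367) is a meta capability, so the check is only per-invoice if the invoice post type is registered with `map_meta_cap` enabled, and that registration is not visible here. If the type uses a custom capability type without that mapping, the name would be treated as a primitive capability and any role holding it could update every invoice regardless of ownership. A short comment would record the dependency: `// edit_post is a meta capability; requires map_meta_cap on the invoice post type so ownership is evaluated per invoice.` `$invoice` is assigned above the hunk, so also confirm that a failed lookup returns an error before `$invoice->ID` is read.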