Limit a WordPress Pages post collection request to only users with the required permissions
<?php | |
/** | |
* Limit a Pages post collection request to only users with the required permissions. | |
* | |
* @author Kellen Mace | |
* | |
* @param array $args Key value array of query var to query value. | |
* | |
* @return array $args Key value array of query var to query value, possibly modified. | |
*/ | |
function km_limit_rest_api_read_access_to_protected_pages( $args ) { | |
// If this user is logged in, then query for Pages as usual, | |
// including both those that are protected and those that aren't. | |
// If desired, you could go a step further and check if they | |
// have a certain role/capabilities. | |
if ( is_user_logged_in() ) { | |
return $args; | |
} | |
// If the user is not logged in, modify the query to only include | |
// Pages that are not protected. | |
$args['meta_query'][] = [ | |
'key' => '_is_protected_content', | |
'value' => true, | |
'compare' => '!=', | |
]; | |
$args['meta_query']['relation'] = 'AND'; | |
return $args; | |
} | |
add_filter( 'rest_page_query', 'km_limit_rest_api_read_access_to_protected_pages' ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment