Last active
January 27, 2018 12:34
-
-
Save milindmore22/2b830f2dd3120670d2b4dc1587b6f242 to your computer and use it in GitHub Desktop.
WP default registered user end point
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php#L64 | |
register_rest_route( | |
$this->namespace, '/' . $this->rest_base . '/(?P<id>[\d]+)', | |
array( | |
'methods' => WP_REST_Server::READABLE, | |
'callback' => array( $this, 'get_item' ), | |
'permission_callback' => array( $this, 'get_item_permissions_check' ), | |
'args' => array( | |
'context' => $this->get_context_param( array( 'default' => 'view' ) ), | |
), ), | |
); | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Checks if a given request has access to read a user. | |
* | |
* @since 4.7.0 | |
* | |
* @param WP_REST_Request $request Full details about the request. | |
* @return true|WP_Error True if the request has read access for the item, otherwise WP_Error object. | |
*/ | |
public function get_item_permissions_check( $request ) { | |
$user = $this->get_user( $request['id'] ); | |
if ( is_wp_error( $user ) ) { | |
return $user; | |
} | |
$types = get_post_types( array( 'show_in_rest' => true ), 'names' ); | |
if ( get_current_user_id() === $user->ID ) { | |
return true; | |
} | |
if ( 'edit' === $request['context'] && ! current_user_can( 'list_users' ) ) { | |
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you are not allowed to list users.' ), array( 'status' => rest_authorization_required_code() ) ); | |
} elseif ( ! count_user_posts( $user->ID, $types ) && ! current_user_can( 'edit_user', $user->ID ) && ! current_user_can( 'list_users' ) ) { | |
return new WP_Error( 'rest_user_cannot_view', __( 'Sorry, you are not allowed to list users.' ), array( 'status' => rest_authorization_required_code() ) ); | |
} | |
return true; | |
} | |
// https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php#L359 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment