tmdinosaurcenter
/
tainacan
mirror of https://github.com/tainacan/tainacan
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

change collections api permission checks #274

This commit is contained in:
Leo Germani 2019-10-21 14:26:09 -03:00
parent 31ef06a8dd
commit 5fb5293c72
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/api/endpoints/class-tainacan-rest-collections-controller.php
View File

@ -250,8 +250,7 @@ class REST_Collections_Controller extends REST_Controller {
* @throws \Exception
*/
public function get_items_permissions_check($request){
$dummy = new Entities\Collection();
if ( 'edit' === $request['context'] && ! current_user_can($dummy->get_capabilities()->edit_posts) ) {
if ( 'edit' === $request['context'] && ! current_user_can($this->collections_repository->get_capabilities()->edit_posts) ) {
return false;
}
@ -269,11 +268,11 @@ class REST_Collections_Controller extends REST_Controller {
$collection = $this->collections_repository->fetch($request['collection_id']);
if(($collection instanceof Entities\Collection)) {
if('edit' === $request['context'] && !$collection->can_read()) {
if('edit' === $request['context'] && !$collection->can_edit()) {
return false;
}
return true;
return $collection->can_read();
}
return false;
@ -331,8 +330,7 @@ class REST_Collections_Controller extends REST_Controller {
* @throws \Exception
*/
public function create_item_permissions_check( $request ) {
$dummy = new Entities\Collection();
return current_user_can($dummy->get_capabilities()->edit_posts);
return current_user_can($this->collections_repository->get_capabilities()->edit_posts);
}
/**