fixing terms api permission checks

2018-01-29 17:30:01 -02:00 · 2018-01-29 17:30:01 -02:00 · 7d616c5cca
parent 0b10630a2d
commit 7d616c5cca
2 changed files with 21 additions and 6 deletions
--- a/src/api/endpoints/class-tainacan-rest-terms-controller.php
+++ b/src/api/endpoints/class-tainacan-rest-terms-controller.php
@ -130,7 +130,11 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function create_item_permissions_check( $request ) {
-		return $this->terms_repository->can_edit($this->term);
+        $taxonomy = $this->taxonomy_repository->fetch($request['taxonomy_id']);
+        if ($taxonomy instanceof Entities\Taxonomy) {
+            return $taxonomy->can_edit();
+        }
+        return false;
 	}

 	/**
@ -163,8 +167,11 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function delete_item_permissions_check( $request ) {
-		$term = new Entities\Term($this->terms_repository->fetch($request['term_id']));
-		return $this->terms_repository->can_delete($term);
+        $taxonomy = $this->taxonomy_repository->fetch($request['taxonomy_id']);
+        if ($taxonomy instanceof Entities\Taxonomy) {
+            return $taxonomy->can_edit();
+        }
+        return false;
 	}

 	/**
@ -209,8 +216,11 @@ class TAINACAN_REST_Terms_Controller extends WP_REST_Controller {
 	 * @return bool|WP_Error
 	 */
 	public function update_item_permissions_check( $request ) {
-		$term = new Entities\Term($this->terms_repository->fetch($request['term_id']));
-		return $this->terms_repository->can_edit($term);
+        $taxonomy = $this->taxonomy_repository->fetch($request['taxonomy_id']);
+        if ($taxonomy instanceof Entities\Taxonomy) {
+            return $taxonomy->can_edit();
+        }
+        return false;
 	}

 	/**
--- a/src/classes/repositories/class-tainacan-taxonomies.php
+++ b/src/classes/repositories/class-tainacan-taxonomies.php
@ -162,7 +162,12 @@ class Taxonomies extends Repository {
        // TODO: Pegar taxonomias registradas via código
        
        if( is_numeric($args) ){
-            return new Entities\Taxonomy($args);
+            $existing_post = get_post($args);
+            if ($existing_post instanceof \WP_Post) {
+                return new Entities\Taxonomy($existing_post);
+            } else {
+                return [];
+            }
        } elseif (is_array($args)) {

            $args = array_merge([