- Timestamp:
- 10/02/2024 03:23:39 AM (9 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/bp-members/classes/class-bp-members-rest-controller.php
r14028 r14034 244 244 $member = reset( $member_query->results ); 245 245 246 $member = $this->prepare_item_for_response( $member, $request ); 247 $response = rest_ensure_response( $member ); 248 249 return $response; 246 $member = $this->prepare_item_for_response( $member, $request ); 247 248 return rest_ensure_response( $member ); 250 249 } 251 250 … … 258 257 * @since 15.0.0 259 258 * 260 * @param 259 * @param WP_REST_Request $request Full details about the request. 261 260 * @return true|WP_Error 262 261 */ … … 281 280 ) 282 281 ); 283 } elseif ( 'edit' === $request->get_param( 'context' ) ) { 284 if ( get_current_user_id() === $user->ID || bp_current_user_can( 'list_users' ) ) { 285 $retval = true; 286 } else { 287 $retval = new WP_Error( 288 'bp_rest_authorization_required', 289 __( 'Sorry, you are not allowed to view members with the edit context.', 'buddypress' ), 290 array( 291 'status' => rest_authorization_required_code(), 292 ) 293 ); 294 } 295 } else { 282 } elseif ( get_current_user_id() === $user->ID && ! bp_is_user_spammer( $user->ID ) ) { 283 $retval = true; 284 } elseif ( 'edit' === $request->get_param( 'context' ) && ! bp_current_user_can( 'list_users' ) ) { 285 $retval = new WP_Error( 286 'bp_rest_authorization_required', 287 __( 'Sorry, you are not allowed to view members with the edit context.', 'buddypress' ), 288 array( 'status' => rest_authorization_required_code() ) 289 ); 290 } elseif ( bp_current_user_can( 'bp_moderate' ) || ! bp_is_user_spammer( $user->ID ) ) { 296 291 $retval = true; 297 292 }
Note: See TracChangeset
for help on using the changeset viewer.