Checks if a given request has access to create a post.
public create_item_permissions_check ( WP_REST_Request $request ) : true | WP_Error | ||
$request | WP_REST_Request | Full details about the request. |
return | true | WP_Error | True if the request has access to create items, WP_Error object otherwise. |
/** * Checks if a given request has access to create an attachment. * * @since 4.7.0 * @access public * * @param WP_REST_Request $request Full details about the request. * @return WP_Error|true Boolean true if the attachment may be created, or a WP_Error if not. */ public function create_item_permissions_check($request) { $ret = parent::create_item_permissions_check($request); if (!$ret || is_wp_error($ret)) { return $ret; } if (!current_user_can('upload_files')) { return new WP_Error('rest_cannot_create', __('Sorry, you are not allowed to upload media on this site.'), array('status' => 400)); } // Attaching media to a post requires ability to edit said post. if (!empty($request['post'])) { $parent = get_post((int) $request['post']); $post_parent_type = get_post_type_object($parent->post_type); if (!current_user_can($post_parent_type->cap->edit_post, $request['post'])) { return new WP_Error('rest_cannot_edit', __('Sorry, you are not allowed to upload media to this post.'), array('status' => rest_authorization_required_code())); } } return true; }