/** * Gets the one model object with the specified id for the specified model * @param \EEM_Base $model * @param \WP_REST_Request $request * @return array */ public function get_entity_from_model($model, $request) { $query_params = array(array($model->primary_key_name() => $request->get_param('id')), 'limit' => 1); if ($model instanceof \EEM_Soft_Delete_Base) { $query_params = $model->alter_query_params_so_deleted_and_undeleted_items_included($query_params); } $restricted_query_params = $query_params; $restricted_query_params['caps'] = $this->validate_context($request->get_param('caps')); $this->_set_debug_info('model query params', $restricted_query_params); $model_rows = $model->get_all_wpdb_results($restricted_query_params); if (!empty($model_rows)) { return $this->create_entity_from_wpdb_result($model, array_shift($model_rows), $request->get_param('include'), $this->validate_context($request->get_param('caps'))); } else { //ok let's test to see if we WOULD have found it, had we not had restrictions from missing capabilities $lowercase_model_name = strtolower($model->get_this_model_name()); $model_rows_found_sans_restrictions = $model->get_all_wpdb_results($query_params); if (!empty($model_rows_found_sans_restrictions)) { //you got shafted- it existed but we didn't want to tell you! return new \WP_Error('rest_user_cannot_read', sprintf(__('Sorry, you cannot read this %1$s. Missing permissions are: %2$s', 'event_espresso'), strtolower($model->get_this_model_name()), Capabilities::get_missing_permissions_string($model, $this->validate_context($request->get_param('caps')))), array('status' => 403)); } else { //it's not you. It just doesn't exist return new \WP_Error(sprintf('rest_%s_invalid_id', $lowercase_model_name), sprintf(__('Invalid %s ID.', 'event_espresso'), $lowercase_model_name), array('status' => 404)); } } }