Ticket #48764: class-wp-rest-posts-controller.php.patch
| File class-wp-rest-posts-controller.php.patch, 2.2 KB (added by , 4 years ago) |
|---|
-
class-wp-rest-posts-controller.php
old new 1009 1009 1010 1010 // Post status. 1011 1011 if ( ! empty( $schema['properties']['status'] ) && isset( $request['status'] ) ) { 1012 $status = $this->handle_status_param( $request['status'], $post_type );1012 $status = $this->handle_status_param( $request['status'], $post_type, $request['id'] ); 1013 1013 1014 1014 if ( is_wp_error( $status ) ) { 1015 1015 return $status; … … 1145 1145 * @param object $post_type Post type. 1146 1146 * @return string|WP_Error Post status or WP_Error if lacking the proper permission. 1147 1147 */ 1148 protected function handle_status_param( $post_status, $post_type ) {1148 protected function handle_status_param( $post_status, $post_type, $ID ) { 1149 1149 1150 1150 switch ( $post_status ) { 1151 1151 case 'draft': 1152 1152 case 'pending': 1153 1153 break; 1154 1154 case 'private': 1155 if ( ! current_user_can( $post_type->cap->publish_posts ) ) {1155 if ( ! current_user_can( $post_type->cap->publish_posts, $ID ) ) { 1156 1156 return new WP_Error( 'rest_cannot_publish', __( 'Sorry, you are not allowed to create private posts in this post type.' ), array( 'status' => rest_authorization_required_code() ) ); 1157 1157 } 1158 1158 break; 1159 1159 case 'publish': 1160 1160 case 'future': 1161 if ( ! current_user_can( $post_type->cap->publish_posts ) ) {1161 if ( ! current_user_can( $post_type->cap->publish_posts, $ID ) ) { 1162 1162 return new WP_Error( 'rest_cannot_publish', __( 'Sorry, you are not allowed to publish posts in this post type.' ), array( 'status' => rest_authorization_required_code() ) ); 1163 1163 } 1164 1164 break;