REST API: If Super Admin does not exist in subsite, retrieving users is rejected

[wildworks]

I submitted this ticket based on this issue in Gutenberg: ​https://github.com/WordPress/gutenberg/issues/62574

The block editor retrieves the list of users via the REST API and generates the author dropdown. The author of the post (postAuthor) is also respected and included in the list. Here is the code.

​https://github.com/WordPress/gutenberg/blob/2917269cf70405990ab4b1cd3f961a714dc5f5f6/packages/editor/src/components/post-author/hook.js#L28-L30

However, if the super admin does not exist as a user in the subsite, the REST API request will return undefined, and so any posts created by the super admin in the subsite will have an empty author field.

When I investigated why the REST API was not returning the user data, I found that the request was being rejected at this point.

​https://github.com/WordPress/wordpress-develop/blob/8f273362c85678da666ce9f19e958d87f1c3eeea/src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php#L425-L427

I'm thinking of adding an exception for super admins only, like this:

if ( is_multisite() && ! is_user_member_of_blog( $user->ID ) && ! is_super_admin( $user->ID ) ) {
	return $error;
}

I would be grateful if you could advise whether this approach would cause any unintended problems and whether it even makes sense.

[wildworks]

The posts sidebar when a super admin creates a post in a subsite where they don't exist as a user. The author field is empty.