WP_REST_Plugins_Controller::check_read_permission() - Checks if the given plugin can be viewed by the current user.

WP_REST_Plugins_Controller::check_read_permission() – Checks if the given plugin can be viewed by the current user.

You appear to be a bot. Output may be restricted

Description

Checks if the given plugin can be viewed by the current user.

On multisite, this hides non-active network only plugins if the user does not have permission to manage network plugins.

Usage

$true|WP_Error = WP_REST_Plugins_Controller::check_read_permission( $plugin );

Parameters

$plugin: ( string ) required – The plugin file to check.

Returns

true|WP_Error True if can read, a WP_Error instance otherwise.

Source

File name: wordpress/wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php
Lines:

1 to 21 of 21

  protected function check_read_permission( $plugin ) {
    require_once ABSPATH . 'wp-admin/includes/plugin.php';

    if ( ! $this->is_plugin_installed( $plugin ) ) {
      return new WP_Error( 'rest_plugin_not_found', __( 'Plugin not found.' ), array( 'status' => 404 ) );
    }

    if ( ! is_multisite() ) {
      return true;
    }

    if ( ! is_network_only_plugin( $plugin ) || is_plugin_active( $plugin ) || current_user_can( 'manage_network_plugins' ) ) {
      return true;
    }

    return new WP_Error(
      'rest_cannot_view_plugin',
      __( 'Sorry, you are not allowed to manage this plugin.' ),
      array( 'status' => rest_authorization_required_code() )
    );
  }

View on GitHub View on Trac