PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 4.15.3
GiveWP – Donation Plugin and Fundraising Platform v4.15.3
4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / src / API / REST / V3 / Routes / Subscriptions / Permissions / SubscriptionPermissions.php
give / src / API / REST / V3 / Routes / Subscriptions / Permissions Last commit date
SubscriptionPermissions.php 5 months ago
SubscriptionPermissions.php
130 lines
1 <?php
2
3 namespace Give\API\REST\V3\Routes\Subscriptions\Permissions;
4
5 use Give\API\REST\V3\Routes\Donors\ValueObjects\DonorAnonymousMode;
6 use Give\Framework\Permissions\Facades\UserPermissions;
7 use WP_Error;
8 use WP_REST_Request;
9
10 /**
11 * @since 4.8.0
12 */
13 class SubscriptionPermissions
14 {
15 /**
16 * Check if current user can edit subscriptions.
17 *
18 * @since 4.8.0
19 */
20 public static function canEdit(): bool
21 {
22 return UserPermissions::subscriptions()->canEdit();
23 }
24
25 /**
26 * Check if current user can view subscriptions.
27 *
28 * @since 4.14.0
29 */
30 public static function canView(): bool
31 {
32 return UserPermissions::subscriptions()->canView();
33 }
34
35 /**
36 * Check if current user can delete subscriptions.
37 *
38 * @since 4.14.0 update permission capability to use facade
39 *
40 * @since 4.8.0
41 */
42 public static function canDelete(): bool
43 {
44 return UserPermissions::subscriptions()->canDelete();
45 }
46
47 /**
48 * @since 4.8.0
49 */
50 public static function authorizationStatusCode(): int
51 {
52 return is_user_logged_in() ? 403 : 401;
53 }
54
55 /**
56 * @since 4.14.0 updated to use canView method
57 * @since 4.8.0
58 *
59 * @param WP_REST_Request $request
60 *
61 * @return true|WP_Error
62 */
63 public static function validationForGetMethods(WP_REST_Request $request)
64 {
65 $isAdmin = self::canView();
66
67 $includeSensitiveData = $request->get_param('includeSensitiveData');
68 if ( ! $isAdmin && $includeSensitiveData) {
69 return new WP_Error(
70 'rest_forbidden',
71 __('You do not have permission to include sensitive data.', 'give'),
72 ['status' => self::authorizationStatusCode()]
73 );
74 }
75
76 if ($request->get_param('anonymousDonors') !== null) {
77 $donorAnonymousMode = new DonorAnonymousMode($request->get_param('anonymousDonors'));
78 if ( ! $isAdmin && $donorAnonymousMode->isIncluded()) {
79 return new WP_Error(
80 'rest_forbidden',
81 __('You do not have permission to include anonymous donors.', 'give'),
82 ['status' => self::authorizationStatusCode()]
83 );
84 }
85 }
86
87 return true;
88 }
89
90 /**
91 * @since 4.8.0
92 *
93 * @param WP_REST_Request $request
94 *
95 * @return true|WP_Error
96 */
97 public static function validationForUpdateMethod(WP_REST_Request $request)
98 {
99 if (! self::canEdit()) {
100 return new WP_Error(
101 'rest_forbidden',
102 __('You do not have permission to update subscriptions.', 'give'),
103 ['status' => self::authorizationStatusCode()]
104 );
105 }
106
107 return true;
108 }
109
110 /**
111 * @since 4.8.0
112 *
113 * @param WP_REST_Request $request
114 *
115 * @return true|WP_Error
116 */
117 public static function validationForDeleteMethods(WP_REST_Request $request)
118 {
119 if ( ! self::canDelete()) {
120 return new WP_Error(
121 'rest_forbidden',
122 __('You do not have permission to delete subscriptions.', 'give'),
123 ['status' => self::authorizationStatusCode()]
124 );
125 }
126
127 return true;
128 }
129 }
130