tec3/five-for-the-future
tec3/five-for-the-future
1
0
Fork 0
mirror of https://github.com/WordPress/five-for-the-future.git synced 2025-07-05 10:25:45 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add can_manage_pledge to check user or token against a given pledge

Browse source 
Pulled out of e9763f6678
This commit is contained in:
Kelly Dwan 2019-11-15 16:13:56 -05:00
parent ea465432a6
commit 4ffc0764f2
No known key found for this signature in database
GPG key ID: 8BA5575F3D11575D
2 changed files with 85 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

35
plugins/wporg-5ftf/includes/authentication.php
View file

@ -149,3 +149,38 @@ function is_valid_authentication_token( $pledge_id, $action, $unverified_token )
return $verified;
}
/**
* Checks user capabilties or auth token to see if this user can edit the given pledge.
*
* @param int $requested_pledge_id The pledge to edit.
* @param string $auth_token The supplied auth token to check.
*
* @return true|WP_Error
*/
function can_manage_pledge( $requested_pledge_id, $auth_token = '' ) {
// A valid token superceeds other auth methods.
if ( true === is_valid_authentication_token( $requested_pledge_id, 'manage_pledge', $auth_token ) ) {
return true;
} else if ( is_user_logged_in() ) {
if ( current_user_can( 'manage_options' ) ) {
return true;
}
return new \WP_Error(
'invalid_token',
sprintf(
__( 'You don\'t have permissions to edit this page. <a href="%s">Request an edit link.</a>', 'wporg-5ftf' ),
get_permalink( $requested_pledge_id )
)
);
}
return new \WP_Error(
'invalid_token',
sprintf(
__( 'Your link has expired, please <a href="%s">obtain a new one.</a>', 'wporg-5ftf' ),
get_permalink( $requested_pledge_id )
)
);
}