parent
7d5b8e7a82
commit
9acd0732d4
6 changed files with 46 additions and 5 deletions
|
@ -38,6 +38,11 @@ class Activitypub {
|
||||||
return $template;
|
return $template;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// check if user can publish posts
|
||||||
|
if ( \is_author() && ! user_can( \get_the_author_meta( 'ID' ), 'publish_posts' ) ) {
|
||||||
|
return $template;
|
||||||
|
}
|
||||||
|
|
||||||
if ( \is_author() ) {
|
if ( \is_author() ) {
|
||||||
$json_template = \dirname( __FILE__ ) . '/../templates/author-json.php';
|
$json_template = \dirname( __FILE__ ) . '/../templates/author-json.php';
|
||||||
} elseif ( \is_singular() ) {
|
} elseif ( \is_singular() ) {
|
||||||
|
|
|
@ -101,6 +101,9 @@ class Followers {
|
||||||
$params['user_id'] = array(
|
$params['user_id'] = array(
|
||||||
'required' => true,
|
'required' => true,
|
||||||
'type' => 'integer',
|
'type' => 'integer',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
return user_can( $param, 'publish_posts' );
|
||||||
|
},
|
||||||
);
|
);
|
||||||
|
|
||||||
return $params;
|
return $params;
|
||||||
|
|
|
@ -99,6 +99,9 @@ class Following {
|
||||||
$params['user_id'] = array(
|
$params['user_id'] = array(
|
||||||
'required' => true,
|
'required' => true,
|
||||||
'type' => 'integer',
|
'type' => 'integer',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
return user_can( $param, 'publish_posts' );
|
||||||
|
},
|
||||||
);
|
);
|
||||||
|
|
||||||
return $params;
|
return $params;
|
||||||
|
|
|
@ -33,7 +33,7 @@ class Inbox {
|
||||||
array(
|
array(
|
||||||
'methods' => \WP_REST_Server::EDITABLE,
|
'methods' => \WP_REST_Server::EDITABLE,
|
||||||
'callback' => array( '\Activitypub\Rest\Inbox', 'shared_inbox_post' ),
|
'callback' => array( '\Activitypub\Rest\Inbox', 'shared_inbox_post' ),
|
||||||
'args' => self::shared_inbox_request_parameters(),
|
'args' => self::shared_inbox_post_parameters(),
|
||||||
'permission_callback' => '__return_true',
|
'permission_callback' => '__return_true',
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
@ -46,12 +46,13 @@ class Inbox {
|
||||||
array(
|
array(
|
||||||
'methods' => \WP_REST_Server::EDITABLE,
|
'methods' => \WP_REST_Server::EDITABLE,
|
||||||
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox_post' ),
|
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox_post' ),
|
||||||
'args' => self::user_inbox_request_parameters(),
|
'args' => self::user_inbox_post_parameters(),
|
||||||
'permission_callback' => '__return_true',
|
'permission_callback' => '__return_true',
|
||||||
),
|
),
|
||||||
array(
|
array(
|
||||||
'methods' => \WP_REST_Server::READABLE,
|
'methods' => \WP_REST_Server::READABLE,
|
||||||
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox_get' ),
|
'callback' => array( '\Activitypub\Rest\Inbox', 'user_inbox_get' ),
|
||||||
|
'args' => self::user_inbox_get_parameters(),
|
||||||
'permission_callback' => '__return_true',
|
'permission_callback' => '__return_true',
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
@ -195,7 +196,7 @@ class Inbox {
|
||||||
*
|
*
|
||||||
* @return array list of parameters
|
* @return array list of parameters
|
||||||
*/
|
*/
|
||||||
public static function user_inbox_request_parameters() {
|
public static function user_inbox_get_parameters() {
|
||||||
$params = array();
|
$params = array();
|
||||||
|
|
||||||
$params['page'] = array(
|
$params['page'] = array(
|
||||||
|
@ -205,6 +206,32 @@ class Inbox {
|
||||||
$params['user_id'] = array(
|
$params['user_id'] = array(
|
||||||
'required' => true,
|
'required' => true,
|
||||||
'type' => 'integer',
|
'type' => 'integer',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
return user_can( $param, 'publish_posts' );
|
||||||
|
},
|
||||||
|
);
|
||||||
|
|
||||||
|
return $params;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The supported parameters
|
||||||
|
*
|
||||||
|
* @return array list of parameters
|
||||||
|
*/
|
||||||
|
public static function user_inbox_post_parameters() {
|
||||||
|
$params = array();
|
||||||
|
|
||||||
|
$params['page'] = array(
|
||||||
|
'type' => 'integer',
|
||||||
|
);
|
||||||
|
|
||||||
|
$params['user_id'] = array(
|
||||||
|
'required' => true,
|
||||||
|
'type' => 'integer',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
return user_can( $param, 'publish_posts' );
|
||||||
|
},
|
||||||
);
|
);
|
||||||
|
|
||||||
$params['id'] = array(
|
$params['id'] = array(
|
||||||
|
@ -243,7 +270,7 @@ class Inbox {
|
||||||
*
|
*
|
||||||
* @return array list of parameters
|
* @return array list of parameters
|
||||||
*/
|
*/
|
||||||
public static function shared_inbox_request_parameters() {
|
public static function shared_inbox_post_parameters() {
|
||||||
$params = array();
|
$params = array();
|
||||||
|
|
||||||
$params['page'] = array(
|
$params['page'] = array(
|
||||||
|
|
|
@ -138,6 +138,9 @@ class Outbox {
|
||||||
$params['user_id'] = array(
|
$params['user_id'] = array(
|
||||||
'required' => true,
|
'required' => true,
|
||||||
'type' => 'integer',
|
'type' => 'integer',
|
||||||
|
'validate_callback' => function( $param, $request, $key ) {
|
||||||
|
return user_can( $param, 'publish_posts' );
|
||||||
|
},
|
||||||
);
|
);
|
||||||
|
|
||||||
return $params;
|
return $params;
|
||||||
|
|
|
@ -59,7 +59,7 @@ class Webfinger {
|
||||||
|
|
||||||
$user = \get_user_by( 'login', \esc_sql( $resource_identifier ) );
|
$user = \get_user_by( 'login', \esc_sql( $resource_identifier ) );
|
||||||
|
|
||||||
if ( ! $user ) {
|
if ( ! $user || ! user_can( $user, 'publish_posts' ) ) {
|
||||||
return new \WP_Error( 'activitypub_user_not_found', \__( 'User not found', 'activitypub' ), array( 'status' => 404 ) );
|
return new \WP_Error( 'activitypub_user_not_found', \__( 'User not found', 'activitypub' ), array( 'status' => 404 ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue