enmi-conf.org: comparison wp/wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php

equal deleted inserted replaced

-:48c4eec2b7e6
+:8c2e4d02f4ef
 		if ( rest_is_field_included( 'title.raw', $fields ) ) {
 			$data['title']['raw'] = $post->post_title;
 		}
 		if ( rest_is_field_included( 'title.rendered', $fields ) ) {
 			add_filter( 'protected_title_format', array( $this, 'protected_title_format' ) );
+			add_filter( 'private_title_format', array( $this, 'protected_title_format' ) );
 			$data['title']['rendered'] = get_the_title( $post->ID );
 			remove_filter( 'protected_title_format', array( $this, 'protected_title_format' ) );
+			remove_filter( 'private_title_format', array( $this, 'protected_title_format' ) );
 		}
 		if ( rest_is_field_included( 'settings', $fields ) ) {
 			$data['settings'] = ! empty( $config['settings'] ) && $is_global_styles_user_theme_json ? $config['settings'] : new stdClass();
 		}
 	/**
 	 * Checks if a given request has access to read a single theme global styles config.
 	 *
 	 * @since 5.9.0
+	 * @since 6.7.0 Allow users with edit post capabilities to view theme global styles.
 	 *
 	 * @param WP_REST_Request $request Full details about the request.
 	 * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise.
 	 */
 	public function get_theme_item_permissions_check( $request ) {
 		/*
+		 * Verify if the current user has edit_posts capability.
+		 * This capability is required to view global styles.
+		 */
+		if ( current_user_can( 'edit_posts' ) ) {
+			return true;
+		}
+		foreach ( get_post_types( array( 'show_in_rest' => true ), 'objects' ) as $post_type ) {
+			if ( current_user_can( $post_type->cap->edit_posts ) ) {
+				return true;
+			}
+		}
+		/*
 		 * Verify if the current user has edit_theme_options capability.
-		 * This capability is required to edit/view/delete templates.
 		 */
-		if ( ! current_user_can( 'edit_theme_options' ) ) {
+		if ( current_user_can( 'edit_theme_options' ) ) {
-			return new WP_Error(
+			return true;
-				'rest_cannot_manage_global_styles',
+		}
-				__( 'Sorry, you are not allowed to access the global styles on this site.' ),
-				array(
+		return new WP_Error(
-					'status' => rest_authorization_required_code(),
+			'rest_cannot_read_global_styles',
-				)
+			__( 'Sorry, you are not allowed to access the global styles on this site.' ),
-			);
+			array(
-		}
+				'status' => rest_authorization_required_code(),
+			)
-		return true;
+		);
 	}
 	/**
 	 * Returns the given theme global styles config.
 	 *
 	/**
 	 * Checks if a given request has access to read a single theme global styles config.
 	 *
 	 * @since 6.0.0
+	 * @since 6.7.0 Allow users with edit post capabilities to view theme global styles.
 	 *
 	 * @param WP_REST_Request $request Full details about the request.
 	 * @return true|WP_Error True if the request has read access for the item, WP_Error object otherwise.
 	 */
 	public function get_theme_items_permissions_check( $request ) {
-		/*
+		return $this->get_theme_item_permissions_check( $request );
-		 * Verify if the current user has edit_theme_options capability.
-		 * This capability is required to edit/view/delete templates.
-		 */
-		if ( ! current_user_can( 'edit_theme_options' ) ) {
-			return new WP_Error(
-				'rest_cannot_manage_global_styles',
-				__( 'Sorry, you are not allowed to access the global styles on this site.' ),
-				array(
-					'status' => rest_authorization_required_code(),
-				)
-			);
-		}
-		return true;
 	}
 	/**
 	 * Returns the given theme global styles variations.
 	 *
 				__( 'Theme not found.' ),
 				array( 'status' => 404 )
 			);
 		}
-		$response   = array();
+		$response = array();
 		// Register theme-defined variations e.g. from block style variation partials under `/styles`.
 		$partials = WP_Theme_JSON_Resolver::get_style_variations( 'block' );
 		wp_register_block_style_variations_from_theme_json_partials( $partials );

changeset 22	8c2e4d02f4ef
parent 21	48c4eec2b7e6