Filter tin-canny-learndash-reporting

tincanny_can_upload_content

Filters whether a user with 'manage_options' capability can upload content, allowing customization of upload permissions.

add_filter( 'tincanny_can_upload_content', $callback, 10, 1 );

Description

Fires before checking user capabilities for uploading content. Developers can use this filter to dynamically change the required capability, allowing for custom role-based access control for the Tin Canny zip uploader functionality. Defaults to 'manage_options'.

Usage

add_filter( 'tincanny_can_upload_content', 'your_function_name', 10, 1 );

Return Value

The filtered value.

Examples

/**
 * Filter example for 'tincanny_can_upload_content' hook.
 *
 * This example modifies the capability required to upload content.
 * It checks if the current user has the 'edit_posts' capability
 * instead of the default 'manage_options'.
 *
 * @param string $capability The current required capability.
 * @return string The modified capability.
 */
add_filter( 'tincanny_can_upload_content', 'my_custom_tincanny_upload_capability', 10, 1 );

function my_custom_tincanny_upload_capability( $capability ) {
	// Allow users with 'edit_posts' capability to upload content.
	// This is a more granular permission than 'manage_options'.
	if ( current_user_can( 'edit_posts' ) ) {
		return 'edit_posts';
	}

	// If the user doesn't have 'edit_posts', fall back to the original capability check.
	return $capability;
}

Placement

This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.

Source Code

src/tincanny-zip-uploader/tincanny-zip-uploader.php:351

public static function rest_permissions( $request ) {

		// Check capabilities.
		$capability = apply_filters( 'tincanny_can_upload_content', 'manage_options' );
		if ( ! current_user_can( $capability ) ) {
			return new WP_Error(
				'rest_forbidden',
				esc_html_x( 'You do not have permissions to access this endpoint.', 'Tin Canny Zip Uploader', 'uncanny-learndash-reporting' ),
				array( 'status' => 401 )
			);
		}

		// Check nonce.
		$params = $request->get_params();
		if ( ! isset( $params['security'] ) || ! wp_verify_nonce( $params['security'], 'tincanny-zip-uploader' ) ) {
			return new WP_Error(
				'rest_forbidden',
				esc_html_x( 'You do not have permissions to access this endpoint.', 'Tin Canny Zip Uploader', 'uncanny-learndash-reporting' ),
				array( 'status' => 401 )
			);
		}

		// Check action.
		$whitelisted_actions = array(
			'upload-tincanny-zip',
			'upload-tincanny-zip-entry',
			'finalize-tincanny-module-upload',
			'cancel-tincanny-module-upload',
		);

		if ( ! isset( $params['action'] ) || ! in_array( $params['action'], $whitelisted_actions, true ) ) {
			return new WP_Error(
				'rest_forbidden',
				esc_html_x( 'Invalid action.', 'Tin Canny Zip Uploader', 'uncanny-learndash-reporting' ),
				array( 'status' => 401 )
			);
		}

		return true;
	}
Scroll to Top