Change permission callback for coauthors/v1/authors and coauthors/v1/search endpoint

Automattic / Co-Authors-Plus

Multiple bylines and Guest Authors for WordPress

https://wordpress.org/plugins/co-authors-plus/

GNU General Public License v2.0

290 stars 205 forks source link

Change permission callback for coauthors/v1/authors and coauthors/v1/search endpoint #883

Closed rebeccahum closed 1 year ago

rebeccahum commented 1 year ago

This PR does two things:

Simplifies current_user_can_set_authors() to user caps only. It shouldn't matter what the post_type is...especially when the endpoint at the end of the day falls back to user caps anyways, so we can save on processing for that
Changes the permission callback for coauthors/v1/authors and coauthors/v1/search endpoint

mjangda commented 1 year ago

If you wanted to simplify this even further

@leogermani we had to revert this because of some interesting hacks we have to allow lower-privileged users (e.g. author) that are added as coauthors to edit those posts. Some of this legacy code could probably be removed since the original core issues forcing those hacks have been addressed.

leogermani commented 1 year ago

@mjangda ok! Sorry for adding this extra step to the process.. I should have guessed there was a reason for that