rest_authorization_required_code()
概述
rest_authorization_required_code() 函数用于在 REST API 权限检查失败时返回上下文相关的 HTTP 错误代码。它根据用户登录状态动态返回 401 或 403 状态码,以区分未认证和未授权的情况。
关键要点
- 函数返回整数型 HTTP 状态码:用户未登录时返回 401(未认证),用户已登录但权限不足时返回 403(禁止访问)。
- 内部实现基于 is_user_logged_in() 函数判断用户登录状态,代码简洁高效。
- 该函数在 WordPress 4.7.0 版本引入,广泛应用于 REST API 权限检查中,如 WP_REST_Posts_Controller、WP_REST_Users_Controller 等多个控制器。
代码示例
function rest_authorization_required_code() {
return is_user_logged_in() ? 403 : 401;
}Returns a contextual HTTP error code for authorization failure.
Return
int 401 if the user is not logged in, 403 if the user is logged in.
Source
function rest_authorization_required_code() {
return is_user_logged_in() ? 403 : 401;
}
Related
| Uses | Description |
|---|---|
is_user_logged_in()wp-includes/pluggable.php |
Determines whether the current visitor is a logged in user. |
| Used by | Description |
|---|---|
WP_REST_Abilities_V1_Run_Controller::check_ability_permissions()wp-includes/rest-api/endpoints/class-wp-rest-abilities-v1-run-controller.php |
Checks if a given request has permission to execute a specific ability. |
WP_REST_Menu_Locations_Controller::check_has_read_only_access()wp-includes/rest-api/endpoints/class-wp-rest-menu-locations-controller.php |
Checks whether the current user has read permission for the endpoint. |
WP_REST_Font_Faces_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-font-faces-controller.php |
Checks if a given request has access to a font face. |
WP_REST_Font_Faces_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-font-faces-controller.php |
Checks if a given request has access to font faces. |
WP_REST_Font_Families_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-font-families-controller.php |
Checks if a given request has access to a font family. |
WP_REST_Font_Families_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-font-families-controller.php |
Checks if a given request has access to font families. |
WP_REST_Font_Collections_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-font-collections-controller.php |
Checks whether the user has permissions to use the Fonts Collections. |
WP_REST_Template_Revisions_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-template-revisions-controller.php |
Checks if a given request has access to delete a revision. |
WP_REST_Navigation_Fallback_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-navigation-fallback-controller.php |
Checks if a given request has access to read fallbacks. |
WP_REST_Block_Patterns_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-block-patterns-controller.php |
Checks whether a given request has permission to read block patterns. |
WP_REST_Block_Pattern_Categories_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-block-pattern-categories-controller.php |
Checks whether a given request has permission to read block patterns. |
WP_REST_Global_Styles_Controller::get_theme_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php |
Checks if a given request has access to read a single theme global styles config. |
WP_REST_Menu_Items_Controller::check_has_read_only_access()wp-includes/rest-api/endpoints/class-wp-rest-menu-items-controller.php |
Checks whether the current user has read permission for the endpoint. |
WP_REST_Global_Styles_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php |
Checks if a given request has access to read a single global style. |
WP_REST_Global_Styles_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-global-styles-controller.php |
Checks if a given request has access to write a single global styles config. |
WP_REST_URL_Details_Controller::permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-url-details-controller.php |
Checks whether a given request has permission to read remote URLs. |
WP_REST_Menus_Controller::check_has_read_only_access()wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php |
Checks whether the current user has read permission for the endpoint. |
WP_REST_Edit_Site_Export_Controller::permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-edit-site-export-controller.php |
Checks whether a given request has permission to export. |
WP_REST_Widgets_Controller::permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-widgets-controller.php |
Performs a permissions check for managing widgets. |
WP_REST_Sidebars_Controller::do_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-sidebars-controller.php |
Checks if the user has permissions to make the request. |
WP_REST_Templates_Controller::permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php |
Checks if the user has permissions to make the request. |
WP_REST_Templates_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php |
Checks if a given request has access to read templates. |
WP_REST_Templates_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-templates-controller.php |
Checks if a given request has access to read a single template. |
WP_REST_Pattern_Directory_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-pattern-directory-controller.php |
Checks whether a given request has permission to view the local block pattern directory. |
WP_REST_Widget_Types_Controller::check_read_permission()wp-includes/rest-api/endpoints/class-wp-rest-widget-types-controller.php |
Checks whether the user can read widget types. |
WP_REST_Application_Passwords_Controller::get_current_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to get the currently used application password for a user. |
WP_REST_Themes_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php |
Checks if a given request has access to read the theme. |
WP_REST_Themes_Controller::check_read_active_theme_permission()wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php |
Checks if a theme can be read. |
WP_REST_Server::respond_to_request()wp-includes/rest-api/class-wp-rest-server.php |
Dispatches the request to the callback handler. |
WP_REST_Application_Passwords_Controller::do_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Performs a permissions check for the request. |
WP_REST_Application_Passwords_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to get application passwords. |
WP_REST_Application_Passwords_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to get a specific application password. |
WP_REST_Application_Passwords_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to create application passwords. |
WP_REST_Application_Passwords_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to update application passwords. |
WP_REST_Application_Passwords_Controller::delete_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to delete all application passwords for a user. |
WP_REST_Application_Passwords_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-application-passwords-controller.php |
Checks if a given request has access to delete a specific application password for a user. |
WP_REST_Block_Directory_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-block-directory-controller.php |
Checks whether a given request has permission to install and activate plugins. |
WP_REST_Plugins_Controller::plugin_status_permission_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Handle updating a plugin’s status. |
WP_REST_Plugins_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if a given request has access to get a specific plugin. |
WP_REST_Plugins_Controller::check_read_permission()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if the given plugin can be viewed by the current user. |
WP_REST_Plugins_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if a given request has access to upload plugins. |
WP_REST_Plugins_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if a given request has access to update a specific plugin. |
WP_REST_Plugins_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if a given request has access to delete a specific plugin. |
WP_REST_Plugins_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php |
Checks if a given request has access to get plugins. |
WP_REST_Block_Types_Controller::check_read_permission()wp-includes/rest-api/endpoints/class-wp-rest-block-types-controller.php |
Checks whether a given block type should be visible. |
WP_REST_Attachments_Controller::edit_media_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php |
Checks if a given request has access to editing media. |
WP_REST_Themes_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php |
Checks if a given request has access to read the theme. |
WP_REST_Autosaves_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php |
Checks if a given request has access to get autosaves. |
WP_REST_Block_Renderer_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-block-renderer-controller.php |
Checks if a given request has access to read blocks. |
WP_oEmbed_Controller::get_proxy_item_permissions_check()wp-includes/class-wp-oembed-controller.php |
Checks if current user can make a proxy oEmbed request. |
WP_REST_Meta_Fields::delete_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php |
Deletes a meta value for an object. |
WP_REST_Meta_Fields::update_multi_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php |
Updates multiple meta values for an object. |
WP_REST_Meta_Fields::update_meta_value()wp-includes/rest-api/fields/class-wp-rest-meta-fields.php |
Updates a meta value for an object. |
WP_REST_Users_Controller::check_role_update()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Determines if the current user is allowed to make the desired roles change. |
WP_REST_Users_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Checks if a given request has access delete a user. |
WP_REST_Users_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Checks if a given request has access create users. |
WP_REST_Users_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Checks if a given request has access to update a user. |
WP_REST_Users_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Permissions check for getting all users. |
WP_REST_Users_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php |
Checks if a given request has access to read a user. |
WP_REST_Revisions_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php |
Checks if a given request has access to delete a revision. |
WP_REST_Revisions_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php |
Checks if a given request has access to get revisions. |
WP_REST_Attachments_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php |
Checks if a given request has access to create an attachment. |
WP_REST_Post_Statuses_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php |
Checks if a given request has access to read a post status. |
WP_REST_Post_Statuses_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-post-statuses-controller.php |
Checks whether a given request has permission to read post statuses. |
WP_REST_Terms_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php |
Checks if a request has access to create a term. |
WP_REST_Terms_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php |
Checks if a request has access to update the specified term. |
WP_REST_Terms_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php |
Checks if a request has access to delete the specified term. |
WP_REST_Terms_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php |
Checks if a request has access to read terms in the specified taxonomy. |
WP_REST_Terms_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-terms-controller.php |
Checks if a request has access to read or edit the specified term. |
WP_REST_Posts_Controller::sanitize_post_statuses()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Sanitizes and validates the list of post statuses, including whether the user can query private statuses. |
WP_REST_Posts_Controller::handle_status_param()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Determines validity and normalizes the given status parameter. |
WP_REST_Posts_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Checks if a given request has access to update a post. |
WP_REST_Posts_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Checks if a given request has access to delete a post. |
WP_REST_Posts_Controller::delete_item()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Deletes a single post. |
WP_REST_Posts_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Checks if a given request has access to read a post. |
WP_REST_Posts_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Checks if a given request has access to create a post. |
WP_REST_Posts_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php |
Checks if a given request has access to read posts. |
WP_REST_Taxonomies_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php |
Checks if a given request has access to a taxonomy. |
WP_REST_Taxonomies_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php |
Checks whether a given request has permission to read taxonomies. |
WP_REST_Post_Types_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php |
Checks whether a given request has permission to read types. |
WP_REST_Post_Types_Controller::get_item()wp-includes/rest-api/endpoints/class-wp-rest-post-types-controller.php |
Retrieves a specific post type. |
WP_REST_Comments_Controller::update_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php |
Checks if a given REST request has access to update a comment. |
WP_REST_Comments_Controller::delete_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php |
Checks if a given request has access to delete a comment. |
WP_REST_Comments_Controller::get_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php |
Checks if a given request has access to read the comment. |
WP_REST_Comments_Controller::create_item_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php |
Checks if a given request has access to create a comment. |
WP_REST_Comments_Controller::get_items_permissions_check()wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php |
Checks if a given request has access to read comments. |
Changelog
| Version | Description |
|---|---|
| 4.7.0 | Introduced. |