Skip to content

Commit

Permalink
Ensure ML sub-assigned template location fields still work when logge…
Browse files Browse the repository at this point in the history
…d out.
  • Loading branch information
kodinkat committed Oct 29, 2024
1 parent 3612b9b commit 1d72e2f
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 3 deletions.
4 changes: 3 additions & 1 deletion dt-mapping/mapping.php
Original file line number Diff line number Diff line change
Expand Up @@ -470,7 +470,9 @@ public function delete_sublocation( WP_REST_Request $request ) {
}

public function search_location_grid_by_name( WP_REST_Request $request ){
if ( ! current_user_can( 'read_location' ) && ! $this->permissions ) {

// Support ML HTTP Bypass.
if ( !isset( $_SERVER['HTTP_DT_MAGIC_LINK'] ) && ( !current_user_can( 'read_location' ) && !$this->permissions ) ) {
return new WP_Error( __FUNCTION__, 'No permissions to read locations', [ 'status' => 403 ] );
}
$params = $request->get_params();
Expand Down
12 changes: 10 additions & 2 deletions dt-reports/magic-url-base.php
Original file line number Diff line number Diff line change
Expand Up @@ -308,8 +308,16 @@ public function theme_redirect() {
* @return bool
*/
public function authorize_url( $authorized ){
if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ), $this->root . '/v1/'.$this->type ) !== false ) {
$authorized = true;
if ( isset( $_SERVER['REQUEST_URI'] ) ) {
$request_uri = sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) );

if ( strpos( $request_uri, $this->root . '/v1/' . $this->type ) !== false ) {
$authorized = true;

// Ensure location fields remain accessible for sub-assigned templates.
} else if ( ( $this->root === 'templates' ) && ( strpos( $request_uri, 'search_location_grid_by_name' ) !== false ) ) {
$authorized = true;
}
}
return $authorized;
}
Expand Down

0 comments on commit 1d72e2f

Please sign in to comment.