The gform_rest_api_capability_get_entries filter allows you to modify the capability required to get entries via the Gravity Forms REST API v2.
Usage
add_filter('gform_rest_api_capability_get_entries', 'your_function_name', 10, 2);
Parameters
- $capability (string) – The capability required. Defaults to ‘gravityforms_view_entries’.
- $request (WP_REST_Request) – Full data about the request.
More information
See Gravity Forms Docs: gform_rest_api_capability_get_entries
Examples
Change required capability
Change the required capability to get entries via the REST API v2.
add_filter('gform_rest_api_capability_get_entries', 'change_get_entries_capability', 10, 2);
function change_get_entries_capability($capability, $request) {
return 'my_custom_capability';
}
Restrict access to a specific user role
Restrict access to get entries via the REST API v2 for users with the ‘editor’ role.
add_filter('gform_rest_api_capability_get_entries', 'restrict_access_for_editors', 10, 2);
function restrict_access_for_editors($capability, $request) {
$user = wp_get_current_user();
if (in_array('editor', $user->roles)) {
return 'do_not_allow';
}
return $capability;
}
Allow access for specific form ID
Allow access to get entries only for a specific form with ID 5.
add_filter('gform_rest_api_capability_get_entries', 'allow_specific_form_access', 10, 2);
function allow_specific_form_access($capability, $request) {
$form_id = $request->get_param('form_id');
if ($form_id == 5) {
return 'gravityforms_view_entries';
}
return 'do_not_allow';
}
Restrict access based on custom user meta
Restrict access to get entries via the REST API v2 based on a custom user meta value.
add_filter('gform_rest_api_capability_get_entries', 'restrict_based_on_user_meta', 10, 2);
function restrict_based_on_user_meta($capability, $request) {
$user = wp_get_current_user();
$can_access = get_user_meta($user->ID, 'can_access_gf_entries', true);
if ($can_access === 'yes') {
return $capability;
}
return 'do_not_allow';
}
Allow access for entries created by the current user
Allow access to get entries via the REST API v2 only for entries created by the current user.
add_filter('gform_rest_api_capability_get_entries', 'allow_access_own_entries', 10, 2);
function allow_access_own_entries($capability, $request) {
$user = wp_get_current_user();
$entry_creator = rgar($entry, 'created_by');
if ($entry_creator == $user->ID) {
return $capability;
}
return 'do_not_allow';
}