Using Gravity Forms ‘gform_rest_api_capability_get_entries’ PHP filter

The gform_rest_api_capability_get_entries filter allows you to modify the capability required to get entries via the Gravity Forms REST API v2.

Usage

add_filter('gform_rest_api_capability_get_entries', 'your_function_name', 10, 2);

Parameters

  • $capability (string) – The capability required. Defaults to ‘gravityforms_view_entries’.
  • $request (WP_REST_Request) – Full data about the request.

More information

See Gravity Forms Docs: gform_rest_api_capability_get_entries

Examples

Change required capability

Change the required capability to get entries via the REST API v2.

add_filter('gform_rest_api_capability_get_entries', 'change_get_entries_capability', 10, 2);

function change_get_entries_capability($capability, $request) {
    return 'my_custom_capability';
}

Restrict access to a specific user role

Restrict access to get entries via the REST API v2 for users with the ‘editor’ role.

add_filter('gform_rest_api_capability_get_entries', 'restrict_access_for_editors', 10, 2);

function restrict_access_for_editors($capability, $request) {
    $user = wp_get_current_user();
    if (in_array('editor', $user->roles)) {
        return 'do_not_allow';
    }
    return $capability;
}

Allow access for specific form ID

Allow access to get entries only for a specific form with ID 5.

add_filter('gform_rest_api_capability_get_entries', 'allow_specific_form_access', 10, 2);

function allow_specific_form_access($capability, $request) {
    $form_id = $request->get_param('form_id');
    if ($form_id == 5) {
        return 'gravityforms_view_entries';
    }
    return 'do_not_allow';
}

Restrict access based on custom user meta

Restrict access to get entries via the REST API v2 based on a custom user meta value.

add_filter('gform_rest_api_capability_get_entries', 'restrict_based_on_user_meta', 10, 2);

function restrict_based_on_user_meta($capability, $request) {
    $user = wp_get_current_user();
    $can_access = get_user_meta($user->ID, 'can_access_gf_entries', true);
    if ($can_access === 'yes') {
        return $capability;
    }
    return 'do_not_allow';
}

Allow access for entries created by the current user

Allow access to get entries via the REST API v2 only for entries created by the current user.

add_filter('gform_rest_api_capability_get_entries', 'allow_access_own_entries', 10, 2);

function allow_access_own_entries($capability, $request) {
    $user = wp_get_current_user();
    $entry_creator = rgar($entry, 'created_by');
    if ($entry_creator == $user->ID) {
        return $capability;
    }
    return 'do_not_allow';
}