WP_REST_Plugins_Controller::plugin_status_permission_check() WordPress Method

	protected function plugin_status_permission_check( $plugin, $new_status, $current_status ) {
		if ( is_multisite() && ( 'network-active' === $current_status || 'network-active' === $new_status ) && ! current_user_can( 'manage_network_plugins' ) ) {
			return new WP_Error(
				'rest_cannot_manage_network_plugins',
				__( 'Sorry, you are not allowed to manage network plugins.' ),
				array( 'status' => rest_authorization_required_code() )
			);
		}

		if ( ( 'active' === $new_status || 'network-active' === $new_status ) && ! current_user_can( 'activate_plugin', $plugin ) ) {
			return new WP_Error(
				'rest_cannot_activate_plugin',
				__( 'Sorry, you are not allowed to activate this plugin.' ),
				array( 'status' => rest_authorization_required_code() )
			);
		}

		if ( 'inactive' === $new_status && ! current_user_can( 'deactivate_plugin', $plugin ) ) {
			return new WP_Error(
				'rest_cannot_deactivate_plugin',
				__( 'Sorry, you are not allowed to deactivate this plugin.' ),
				array( 'status' => rest_authorization_required_code() )
			);
		}

		return true;
	}
Uses	Description
wp-includes/rest-api.php:rest_authorization_required_code()	Returns a contextual HTTP error code for authorization failure.
wp-includes/capabilities.php:current_user_can()	Returns whether the current user has the specified capability.
wp-includes/l10n.php:__()	Retrieve the translation of $text.
wp-includes/load.php:is_multisite()	If Multisite is enabled.
wp-includes/class-wp-error.php:WP_Error::__construct()	Initializes the error.
Used By	Description
wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::create_item()	Uploads a plugin and optionally activates it.
wp-includes/rest-api/endpoints/class-wp-rest-plugins-controller.php:WP_REST_Plugins_Controller::update_item_permissions_check()	Checks if a given request has access to update a specific plugin.