By default conversations could be shared with others with a simple url, with this the conversation’s customer id is validated first.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php // don't include this in your functions.php, since the start of the file should already have it | |
| function hsd_get_conversation_filter( $conversation ) { | |
| $conversation_customer_id = $conversation['item']['customer']['id']; | |
| $current_user_customer_ids = HelpScout_API::get_user_customer_ids(); | |
| if ( ! in_array( $conversation_customer_id, $current_user_customer_ids ) ) { | |
| return _e( 'Unauthorized Access.', 'sprout-invoices' ); | |
| } | |
| return $conversation; | |
| } | |
| add_filter( 'hsd_get_conversation', 'hsd_get_conversation_filter' ); |
by