From e4c0c989a0c4c1369a3a352f58024318494d6433 Mon Sep 17 00:00:00 2001
From: Md Mehedi Hasan <bdmehedi92@gmail.com>
Date: Mon, 16 Feb 2026 16:06:31 +0600
Subject: [PATCH] Refactor form permission checking to streamline capability
 verification

---
 includes/Rest/Forms.php | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/includes/Rest/Forms.php b/includes/Rest/Forms.php
index 78fb050..397b4ac 100644
--- a/includes/Rest/Forms.php
+++ b/includes/Rest/Forms.php
@@ -135,16 +135,11 @@ public function permission( $request ) {
             return false;
         }
 
-        // 2. Check user has appropriate weMail role-based capabilities
-        if ( ! function_exists( 'wemail' ) || ! method_exists( wemail(), 'user' ) ) {
-            return false;
-        }
-
         if ( ! wemail()->user->can( 'manage_form' ) ) {
             return false;
         }
 
-        // 3. Require nonce verification for CSRF protection
+        // 2. Require nonce verification for CSRF protection
         $nonce = $request->get_header( 'X-WP-Nonce' );
         if ( ! $nonce || ! wp_verify_nonce( $nonce, 'wp_rest' ) ) {
             return false;