From 8202a43d6cd66ae5cec9151ca349d99f21822e73 Mon Sep 17 00:00:00 2001
From: Christian Wach <needle@haystack.co.uk>
Date: Tue, 30 Sep 2025 14:02:51 +0100
Subject: [PATCH] Allow API v4 to be accessed via WP REST

---
 wp-rest/Controller/Rest.php | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/wp-rest/Controller/Rest.php b/wp-rest/Controller/Rest.php
index bc231a5..9ab60ae 100644
--- a/wp-rest/Controller/Rest.php
+++ b/wp-rest/Controller/Rest.php
@@ -122,7 +122,16 @@ public function get_items($request) {
     $params = apply_filters('civi_wp_rest/controller/rest/api_params', $this->get_formatted_api_params($request), $request);
 
     try {
-      $items = civicrm_api3(...$params);
+
+      if (!empty($params[2]) && $params[2]['version'] === 3) {
+        unset($params[2]['version']);
+        $items = civicrm_api3(...$params);
+      }
+      else {
+        unset($params[2]['version']);
+        $items = civicrm_api4(...$params);
+      }
+
     }
     catch (\CRM_Core_Exception $e) {
       $items = $this->civi_rest_error($e);
@@ -211,19 +220,27 @@ public function get_formatted_api_params($request) {
     unset($args['entity'], $args['action'], $args['key'], $args['api_key']);
 
     if (!isset($args['json']) || is_numeric($args['json'])) {
-
       $params = $args;
-
     }
-
     else {
-
       $params = is_string($args['json']) ? json_decode($args['json'], TRUE) : [];
+    }
 
+    // Set API version.
+    if (empty($params['version'])) {
+      $params['version'] = 3;
+    }
+    else {
+      $params['version'] = (int) $params['version'];
     }
 
     // Ensure check permissions is enabled.
-    $params['check_permissions'] = TRUE;
+    if ($params['version'] === 3) {
+      $params['check_permissions'] = TRUE;
+    }
+    elseif ($params['version'] === 4) {
+      $params['checkPermissions'] = TRUE;
+    }
 
     return [$entity, $action, $params];