diff --git a/inc/api/class-opalestate-base-api.php b/inc/api/class-opalestate-base-api.php index 58613bdd..c0198a5d 100644 --- a/inc/api/class-opalestate-base-api.php +++ b/inc/api/class-opalestate-base-api.php @@ -144,6 +144,17 @@ abstract class Opalestate_Base_API { return apply_filters( 'opalestate_api_results_per_page', $per_page ); } + /** + * Get object. + * + * @param int $id Object ID. + * @return object WC_Data object or WP_Error object. + */ + protected function get_object( $id ) { + // translators: %s: Class method name. + return new WP_Error( 'invalid-method', sprintf( __( "Method '%s' not implemented. Must be overridden in subclass.", 'opalestate-pro' ), __METHOD__ ), array( 'status' => 405 ) ); + } + /** * Displays a missing authentication error if all the parameters aren't * provided @@ -161,8 +172,6 @@ abstract class Opalestate_Base_API { * credentials * * @access private - * @since 1.1 - * @uses Opaljob_API::output() * @return WP_Error with message key rest_forbidden */ private function invalid_auth() { @@ -195,6 +204,22 @@ abstract class Opalestate_Base_API { return true; } + /** + * Check if a given request has access to read an item. + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_Error|boolean + */ + public function get_item_permissions_check( $request ) { + $object = $this->get_object( (int) $request['id'] ); + + if ( $object && 0 !== $object->get_id() && ! opalestate_rest_check_post_permissions( $this->post_type, 'read', $object->get_id() ) ) { + return new WP_Error( 'opalestate_rest_cannot_view', __( 'Sorry, you cannot view this resource.', 'opalestate-pro' ), array( 'status' => rest_authorization_required_code() ) ); + } + + return true; + } + /** * Check if a given request has access to create an item. * 
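Review bot: The default `get_object()` returns a `WP_Error`, but both callers added in this file (`get_item_permissions_check()` in the third hunk and `update_item_permissions_check()` in the fourth) call `$object->get_id()` on whatever it returns. `WP_Error` is truthy and has no `get_id()` method, so a controller that does not override `get_object()` would hit a fatal error inside its permission callback instead of answering with the intended 405. A guard in the callers, `if ( is_wp_error( $object ) ) { return $object; }`, would propagate the error cleanly. The `@return` tag also still names `WC_Data`, which this plugin does not appear to define; `@return object|WP_Error Data object, or WP_Error when the subclass does not override this method.` would describe the contract.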
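Review bot: `get_item_permissions_check()` falls through to `return true` whenever `get_object()` yields a falsy value or an object whose `get_id()` is 0, so a request for an ID that does not resolve passes the permission callback with no capability test; `update_item_permissions_check()` in the next hunk repeats the same condition with `'edit'`. That is only safe if every item and update callback rejects unknown IDs itself, which this diff does not show. Failing closed in the permission check removes that dependency; the error code in the sketch below is a placeholder. The check also reads `$this->post_type`, which is not set in the visible part of the base class, so each subclass has to define it.

```php
public function get_item_permissions_check( $request ) {
	$object = $this->get_object( (int) $request['id'] );

	// Unknown or unresolved ID: deny here instead of falling through to `return true`.
	if ( ! $object || is_wp_error( $object ) || 0 === $object->get_id() ) {
		return new WP_Error( 'opalestate_rest_invalid_id', __( 'Invalid ID.', 'opalestate-pro' ), array( 'status' => 404 ) );
	}

	if ( ! opalestate_rest_check_post_permissions( $this->post_type, 'read', $object->get_id() ) ) {
		// … unchanged: opalestate_rest_cannot_view error return …
	}
	// … unchanged: return true …
```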
@@ -209,6 +234,22 @@ abstract class Opalestate_Base_API { return true; } + /** + * Check if a given request has access to update an item. + * + * @param WP_REST_Request $request Full details about the request. + * @return WP_Error|boolean + */ + public function update_item_permissions_check( $request ) { + $object = $this->get_object( (int) $request['id'] ); + + if ( $object && 0 !== $object->get_id() && ! opalestate_rest_check_post_permissions( $this->post_type, 'edit', $object->get_id() ) ) { + return new WP_Error( 'opalestate_rest_cannot_edit', __( 'Sorry, you are not allowed to edit this resource.', 'opalestate-pro' ), array( 'status' => rest_authorization_required_code() ) ); + } + + return true; + } + /** * Get the query params for collections of attachments. * diff --git a/inc/api/v1/agency.php b/inc/api/v1/agency.php index 1a19c94e..695aaa1e 100755 --- a/inc/api/v1/agency.php +++ b/inc/api/v1/agency.php @@ -1,13 +1,4 @@ - * @license https://opensource.org/licenses/gpl-license GNU Public License - * @since 1.0 - */ // Exit if accessed directly. if ( ! defined( 'ABSPATH' ) ) { exit; @@ -16,7 +7,6 @@ if ( ! defined( 'ABSPATH' ) ) { /** * @class Job_Api * - * @since 1.0.0 * @package Opal_Job * @subpackage Opal_Job/controllers */ @@ -25,7 +15,6 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { /** * The unique identifier of the route resource. * - * @since 1.0.0 * @access public * @var string $base . */ @@ -42,9 +31,6 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { * Register Routes * * Register all CURD actions with POST/GET/PUT and calling function for each - * - * @since 1.0 - * */ public function register_routes() { /** @@ -107,6 +93,16 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { ); } + /** + * Get object. + * + * @param int $id Object ID. + * + * @return Opalestate_Agency + */ + protected function get_object( $id ) { + return opalesetate_agency( $id ); + } /** * Get List Of agencies. 
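Review bot: `get_object()` hands `$id` straight to `opalesetate_agency()` without checking that the ID belongs to this controller's post type, and the `get_object()` added to `inc/api/v1/property.php` later in this diff does the same with `opalesetate_property()`. Unless those helpers reject foreign IDs themselves (their bodies are not visible here), the base-class permission checks would evaluate `$this->post_type` capabilities against a post of another type. A guard such as `if ( get_post_type( $id ) !== $this->post_type ) { return false; }` makes the mismatch explicit, provided the callers treat a falsy object as a denial rather than as "nothing to check". The helper name is also spelled `opalesetate_` rather than `opalestate_`; confirm a function with that exact spelling is defined, since an undefined function here would be fatal inside every permission callback.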
@@ -114,8 +110,6 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { * Based on request to get collection * * @return WP_REST_Response is json data - * @since 1.0 - * */ public function get_items( $request ) { $agencies['agencies'] = []; @@ -149,8 +143,6 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { * Based on request to get a agency. * * @return WP_REST_Response is json data - * @since 1.0 - * */ public function get_item( $request ) { $response = []; @@ -177,9 +169,7 @@ class Opalestate_Agency_Api extends Opalestate_Base_API { * * @param object $agency_info The Download Post Object * - * @return array Array of post data to return back in the API - * @since 1.0 - * + * @return array Array of post data to return back in the API */ public function get_agency_data( $agency_info ) { $agency = new OpalEstate_Agency( $agency_info->ID ); diff --git a/inc/api/v1/property.php b/inc/api/v1/property.php index a44ca910..2db9093a 100644 --- a/inc/api/v1/property.php +++ b/inc/api/v1/property.php @@ -7,7 +7,6 @@ if ( ! defined( 'ABSPATH' ) ) { /** * Property_Api * - * @since 1.0.0 * @package Property_Api */ class Opalestate_Property_Api extends Opalestate_Base_API { @@ -15,7 +14,6 @@ class Opalestate_Property_Api extends Opalestate_Base_API { /** * The unique identifier of the route resource. * - * @since 1.0.0 * @access public * @var string $base . */ @@ -32,9 +30,6 @@ class Opalestate_Property_Api extends Opalestate_Base_API { * Register Routes * * Register all CURD actions with POST/GET/PUT and calling function for each - * - * @since 1.0 - * */ public function register_routes() { /** 
@@ -52,11 +47,11 @@ class Opalestate_Property_Api extends Opalestate_Base_API { 'permission_callback' => [ $this, 'get_items_permissions_check' ], 'args' => $this->get_collection_params(), ], - // [ - // 'methods' => WP_REST_Server::CREATABLE, - // 'callback' => [ $this, 'create_item' ], - // // 'permission_callback' => [ $this, 'create_item_permissions_check' ], - // ], + [ + 'methods' => WP_REST_Server::CREATABLE, + 'callback' => [ $this, 'create_item' ], + 'permission_callback' => [ $this, 'create_item_permissions_check' ], + ], ] ); @@ -109,6 +104,17 @@ class Opalestate_Property_Api extends Opalestate_Base_API { ); } + /** + * Get object. + * + * @param int $id Object ID. + * + * @return Opalestate_Property + */ + protected function get_object( $id ) { + return opalesetate_property( $id ); + } + /** * Get List Of Properties * @@ -152,8 +158,6 @@ class Opalestate_Property_Api extends Opalestate_Base_API { * Based on request to get a property. * * @return WP_REST_Response is json data - * @since 1.0 - * */ public function get_item( $request ) { $response = []; @@ -214,9 +218,7 @@ class Opalestate_Property_Api extends Opalestate_Base_API { * * @param object $property_info The Download Post Object * - * @return array Array of post data to return back in the API - * @since 1.0 - * + * @return array Array of post data to return back in the API */ private function get_property_data( $property_info ) { return opalestate_api_get_property_data( $property_info );
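Review bot: The newly enabled `WP_REST_Server::CREATABLE` route registers no `args`, so the request body reaches `create_item()` with no REST-level validation or sanitization, unlike the GET route just above it, which passes `get_collection_params()`. Neither `create_item()` nor the body of `create_item_permissions_check()` is visible in this hunk (`register_routes()` starts and ends outside it), so it is worth confirming that the callback exists on this controller and that the permission check tests a create capability for the property post type rather than only checking authentication. Adding an `args` entry that lists the accepted fields, each with a `sanitize_callback` and `validate_callback`, would keep unvetted input out of the handler.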