/**
* {@inheritdoc}
*/
public function build(ViewExecutable $view)
{
$this->view = $view;
if ($this->shouldAbort()) {
return;
}
// Setup the nested filter structure for this query.
if (!empty($this->filters)) {
// If the different groups are combined with the OR operator, we have to
// add a new OR filter to the query to which the filters for the groups
// will be added.
if ($this->group_operator === 'OR') {
$base = $this->query->createFilter('OR');
$this->query->filter($base);
} else {
$base = $this->query;
}
// Add a nested filter for each filter group, with its set conjunction.
foreach ($this->filters as $group_id => $group) {
if (!empty($group['conditions']) || !empty($group['filters'])) {
$group += array('type' => 'AND');
// For filters without a group, we want to always add them directly to
// the query.
$filter = $group_id === '' ? $this->query : $this->query->createFilter($group['type']);
if (!empty($group['conditions'])) {
foreach ($group['conditions'] as $condition) {
list($field, $value, $operator) = $condition;
$filter->condition($field, $value, $operator);
}
}
if (!empty($group['filters'])) {
foreach ($group['filters'] as $nested_filter) {
$filter->filter($nested_filter);
}
}
// If no group was given, the filters were already set on the query.
if ($group_id !== '') {
$base->filter($filter);
}
}
}
}
// Initialize the pager and let it modify the query to add limits.
$view->initPager();
$view->pager->query();
// Set the search ID, if it was not already set.
if ($this->query->getOption('search id') == get_class($this->query)) {
$this->query->setOption('search id', 'search_api_views:' . $view->storage->id() . ':' . $view->current_display);
}
// Add the "search_api_bypass_access" option to the query, if desired.
if (!empty($this->options['search_api_bypass_access'])) {
$this->query->setOption('search_api_bypass_access', TRUE);
}
// If the View and the Panel conspire to provide an overridden path then
// pass that through as the base path.
if (($path = $this->view->getPath()) && strpos(Url::fromRoute('<current>')->toString(), $this->view->override_path) !== 0) {
$this->query->setOption('search_api_base_path', $path);
}
}
/**
* Adds a node access filter to a search query, if applicable.
*
* @param \Drupal\search_api\Query\QueryInterface $query
* The query to which a node access filter should be added, if applicable.
* @param \Drupal\Core\Session\AccountInterface $account
* The user for whom the search is executed.
*
* @throws \Drupal\search_api\SearchApiException
* Thrown if not all necessary fields are indexed on the index.
*/
protected function addNodeAccess(QueryInterface $query, AccountInterface $account)
{
// Don't do anything if the user can access all content.
if ($account->hasPermission('bypass node access')) {
return;
}
// Gather the affected datasources, grouped by entity type, as well as the
// unaffected ones.
$affected_datasources = array();
$unaffected_datasources = array();
foreach ($this->index->getDatasources() as $datasource_id => $datasource) {
$entity_type = $datasource->getEntityTypeId();
if (in_array($entity_type, array('node', 'comment'))) {
$affected_datasources[$entity_type][] = $datasource_id;
} else {
$unaffected_datasources[] = $datasource_id;
}
}
// The filter structure we want looks like this:
// [belongs to other datasource]
// OR
// (
// [is enabled (or was created by the user, if applicable)]
// AND
// [grants view access to one of the user's gid/realm combinations]
// )
// If there are no "other" datasources, we don't need the nested OR,
// however, and can add the "ADD"
// @todo Add a filter tag, once they are implemented.
if ($unaffected_datasources) {
$outer_filter = $query->createFilter('OR');
$query->filter($outer_filter);
foreach ($unaffected_datasources as $datasource_id) {
$outer_filter->condition('search_api_datasource', $datasource_id);
}
$access_filter = $query->createFilter('AND');
$outer_filter->filter($access_filter);
} else {
$access_filter = $query;
}
if (!$account->hasPermission('access content')) {
unset($affected_datasources['node']);
}
if (!$account->hasPermission('access comments')) {
unset($affected_datasources['comment']);
}
// If the user does not have the permission to see any content at all, deny
// access to all items from affected datasources.
if (!$affected_datasources) {
// If there were "other" datasources, the existing filter will already
// remove all results of node or comment datasources. Otherwise, we should
// not return any results at all.
if (!$unaffected_datasources) {
// @todo More elegant way to return no results?
$query->condition('search_api_language', '');
}
return;
}
// Collect all the required fields that need to be part of the index.
$unpublished_own = $account->hasPermission('view own unpublished content');
$enabled_filter = $query->createFilter('OR');
foreach ($affected_datasources as $entity_type => $datasources) {
$published = $entity_type == 'node' ? NODE_PUBLISHED : Comment::PUBLISHED;
foreach ($datasources as $datasource_id) {
// If this is a comment datasource, or users cannot view their own
// unpublished nodes, a simple filter on "status" is enough. Otherwise,
// it's a bit more complicated.
$status_field = Utility::createCombinedId($datasource_id, 'status');
$enabled_filter->condition($status_field, $published);
if ($entity_type == 'node' && $unpublished_own) {
$author_field = Utility::createCombinedId($datasource_id, 'uid');
$enabled_filter->condition($author_field, $account->id());
}
}
}
$access_filter->filter($enabled_filter);
// Filter by the user's node access grants.
$grants_filter = $query->createFilter('OR');
$grants = node_access_grants('view', $account);
foreach ($grants as $realm => $gids) {
foreach ($gids as $gid) {
$grants_filter->condition('search_api_node_grants', "node_access_{$realm}:{$gid}");
}
}
// Also add items that are accessible for everyone by checking the "access
// all" pseudo grant.
$grants_filter->condition('search_api_node_grants', 'node_access__all');
$access_filter->filter($grants_filter);
}
