/** * {@inheritdoc} */ public function build(ViewExecutable $view) { $this->view = $view; if ($this->shouldAbort()) { return; } // Setup the nested filter structure for this query. if (!empty($this->filters)) { // If the different groups are combined with the OR operator, we have to // add a new OR filter to the query to which the filters for the groups // will be added. if ($this->group_operator === 'OR') { $base = $this->query->createFilter('OR'); $this->query->filter($base); } else { $base = $this->query; } // Add a nested filter for each filter group, with its set conjunction. foreach ($this->filters as $group_id => $group) { if (!empty($group['conditions']) || !empty($group['filters'])) { $group += array('type' => 'AND'); // For filters without a group, we want to always add them directly to // the query. $filter = $group_id === '' ? $this->query : $this->query->createFilter($group['type']); if (!empty($group['conditions'])) { foreach ($group['conditions'] as $condition) { list($field, $value, $operator) = $condition; $filter->condition($field, $value, $operator); } } if (!empty($group['filters'])) { foreach ($group['filters'] as $nested_filter) { $filter->filter($nested_filter); } } // If no group was given, the filters were already set on the query. if ($group_id !== '') { $base->filter($filter); } } } } // Initialize the pager and let it modify the query to add limits. $view->initPager(); $view->pager->query(); // Set the search ID, if it was not already set. if ($this->query->getOption('search id') == get_class($this->query)) { $this->query->setOption('search id', 'search_api_views:' . $view->storage->id() . ':' . $view->current_display); } // Add the "search_api_bypass_access" option to the query, if desired. if (!empty($this->options['search_api_bypass_access'])) { $this->query->setOption('search_api_bypass_access', TRUE); } // If the View and the Panel conspire to provide an overridden path then // pass that through as the base path. if (($path = $this->view->getPath()) && strpos(Url::fromRoute('<current>')->toString(), $this->view->override_path) !== 0) { $this->query->setOption('search_api_base_path', $path); } }
/** * Adds a node access filter to a search query, if applicable. * * @param \Drupal\search_api\Query\QueryInterface $query * The query to which a node access filter should be added, if applicable. * @param \Drupal\Core\Session\AccountInterface $account * The user for whom the search is executed. * * @throws \Drupal\search_api\SearchApiException * Thrown if not all necessary fields are indexed on the index. */ protected function addNodeAccess(QueryInterface $query, AccountInterface $account) { // Don't do anything if the user can access all content. if ($account->hasPermission('bypass node access')) { return; } // Gather the affected datasources, grouped by entity type, as well as the // unaffected ones. $affected_datasources = array(); $unaffected_datasources = array(); foreach ($this->index->getDatasources() as $datasource_id => $datasource) { $entity_type = $datasource->getEntityTypeId(); if (in_array($entity_type, array('node', 'comment'))) { $affected_datasources[$entity_type][] = $datasource_id; } else { $unaffected_datasources[] = $datasource_id; } } // The filter structure we want looks like this: // [belongs to other datasource] // OR // ( // [is enabled (or was created by the user, if applicable)] // AND // [grants view access to one of the user's gid/realm combinations] // ) // If there are no "other" datasources, we don't need the nested OR, // however, and can add the "ADD" // @todo Add a filter tag, once they are implemented. if ($unaffected_datasources) { $outer_filter = $query->createFilter('OR'); $query->filter($outer_filter); foreach ($unaffected_datasources as $datasource_id) { $outer_filter->condition('search_api_datasource', $datasource_id); } $access_filter = $query->createFilter('AND'); $outer_filter->filter($access_filter); } else { $access_filter = $query; } if (!$account->hasPermission('access content')) { unset($affected_datasources['node']); } if (!$account->hasPermission('access comments')) { unset($affected_datasources['comment']); } // If the user does not have the permission to see any content at all, deny // access to all items from affected datasources. if (!$affected_datasources) { // If there were "other" datasources, the existing filter will already // remove all results of node or comment datasources. Otherwise, we should // not return any results at all. if (!$unaffected_datasources) { // @todo More elegant way to return no results? $query->condition('search_api_language', ''); } return; } // Collect all the required fields that need to be part of the index. $unpublished_own = $account->hasPermission('view own unpublished content'); $enabled_filter = $query->createFilter('OR'); foreach ($affected_datasources as $entity_type => $datasources) { $published = $entity_type == 'node' ? NODE_PUBLISHED : Comment::PUBLISHED; foreach ($datasources as $datasource_id) { // If this is a comment datasource, or users cannot view their own // unpublished nodes, a simple filter on "status" is enough. Otherwise, // it's a bit more complicated. $status_field = Utility::createCombinedId($datasource_id, 'status'); $enabled_filter->condition($status_field, $published); if ($entity_type == 'node' && $unpublished_own) { $author_field = Utility::createCombinedId($datasource_id, 'uid'); $enabled_filter->condition($author_field, $account->id()); } } } $access_filter->filter($enabled_filter); // Filter by the user's node access grants. $grants_filter = $query->createFilter('OR'); $grants = node_access_grants('view', $account); foreach ($grants as $realm => $gids) { foreach ($gids as $gid) { $grants_filter->condition('search_api_node_grants', "node_access_{$realm}:{$gid}"); } } // Also add items that are accessible for everyone by checking the "access // all" pseudo grant. $grants_filter->condition('search_api_node_grants', 'node_access__all'); $access_filter->filter($grants_filter); }