protected function executeSelect(Select $select) { $selectState = $select->getRawState(); $result = parent::executeSelect($select); $result = $this->applyHook('table.select', [$result, $selectState]); return $result; }
/** * @param Select $select * @return ResultSet * @throws \RuntimeException */ protected function executeSelect(Select $select) { /** * ACL Enforcement */ $selectState = $select->getRawState(); $table = $this->getRawTableNameFromQueryStateTable($selectState['table']); // Enforce field read blacklist on Select's main table $this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST); // Enforce field read blacklist on Select's join tables foreach ($selectState['joins'] as $join) { $joinTable = $this->getRawTableNameFromQueryStateTable($join['name']); $this->acl->enforceBlacklist($joinTable, $join['columns'], Acl::FIELD_READ_BLACKLIST); } try { return parent::executeSelect($select); } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) { if ('production' !== DIRECTUS_ENV) { throw new \RuntimeException("This query failed: " . $this->dumpSql($select), 0, $e); } // @todo send developer warning throw $e; } }
/** * @param Select $select * @return ResultSet * @throws \RuntimeException */ protected function executeSelect(Select $select) { /** * ACL Enforcement */ $selectState = $select->getRawState(); $table = $this->getRawTableNameFromQueryStateTable($selectState['table']); // Enforce field read blacklist on Select's main table try { // @TODO: Enforce must return a list of columns without the blacklist // when asterisk (*) is used // and only throw and error when all the selected columns are blacklisted $this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST); } catch (\Exception $e) { if ($selectState['columns'][0] != '*') { throw $e; } $selectState['columns'] = TableSchema::getAllNonAliasTableColumns($table); $this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST); } // Enforce field read blacklist on Select's join tables foreach ($selectState['joins'] as $join) { $joinTable = $this->getRawTableNameFromQueryStateTable($join['name']); $this->acl->enforceBlacklist($joinTable, $join['columns'], Acl::FIELD_READ_BLACKLIST); } try { return $this->processSelect($selectState, parent::executeSelect($select)); } catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) { if ('production' !== DIRECTUS_ENV) { throw new \RuntimeException('This query failed: ' . $this->dumpSql($select), 0, $e); } // @todo send developer warning throw $e; } }