protected function executeSelect(Select $select)
{
$selectState = $select->getRawState();
$result = parent::executeSelect($select);
$result = $this->applyHook('table.select', [$result, $selectState]);
return $result;
}
/**
* @param Select $select
* @return ResultSet
* @throws \RuntimeException
*/
protected function executeSelect(Select $select)
{
/**
* ACL Enforcement
*/
$selectState = $select->getRawState();
$table = $this->getRawTableNameFromQueryStateTable($selectState['table']);
// Enforce field read blacklist on Select's main table
$this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST);
// Enforce field read blacklist on Select's join tables
foreach ($selectState['joins'] as $join) {
$joinTable = $this->getRawTableNameFromQueryStateTable($join['name']);
$this->acl->enforceBlacklist($joinTable, $join['columns'], Acl::FIELD_READ_BLACKLIST);
}
try {
return parent::executeSelect($select);
} catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
if ('production' !== DIRECTUS_ENV) {
throw new \RuntimeException("This query failed: " . $this->dumpSql($select), 0, $e);
}
// @todo send developer warning
throw $e;
}
}
/**
* @param Select $select
* @return ResultSet
* @throws \RuntimeException
*/
protected function executeSelect(Select $select)
{
/**
* ACL Enforcement
*/
$selectState = $select->getRawState();
$table = $this->getRawTableNameFromQueryStateTable($selectState['table']);
// Enforce field read blacklist on Select's main table
try {
// @TODO: Enforce must return a list of columns without the blacklist
// when asterisk (*) is used
// and only throw and error when all the selected columns are blacklisted
$this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST);
} catch (\Exception $e) {
if ($selectState['columns'][0] != '*') {
throw $e;
}
$selectState['columns'] = TableSchema::getAllNonAliasTableColumns($table);
$this->acl->enforceBlacklist($table, $selectState['columns'], Acl::FIELD_READ_BLACKLIST);
}
// Enforce field read blacklist on Select's join tables
foreach ($selectState['joins'] as $join) {
$joinTable = $this->getRawTableNameFromQueryStateTable($join['name']);
$this->acl->enforceBlacklist($joinTable, $join['columns'], Acl::FIELD_READ_BLACKLIST);
}
try {
return $this->processSelect($selectState, parent::executeSelect($select));
} catch (\Zend\Db\Adapter\Exception\InvalidQueryException $e) {
if ('production' !== DIRECTUS_ENV) {
throw new \RuntimeException('This query failed: ' . $this->dumpSql($select), 0, $e);
}
// @todo send developer warning
throw $e;
}
}
