[jboss-user] [JBoss Seam] - Error in Hibernate Filter With Multiple Entities

Sun, 21 Oct 2007 07:12:31 -0700 

Hi
We have followed the wiki hibernate search and filter examples, everyting works 
fine when querying a single entity, however the filter returns all records when 
multiple entities are passed to createFullTextQuery method.


  | public org.hibernate.search.jpa.FullTextQuery exeuteSearch(EntityManager 
entityManager,
  | String[] fields,String searchString,Class... entityTypes) {       
  |         org.hibernate.search.jpa.FullTextQuery query=null;
  |         if(stringBridge==null){
  |             stringBridge = new PaddedIntegerBridge();
  |         }       
  |        try{         
  |             
  |             BooleanQuery mainQuery = new BooleanQuery();
  |             
  |             BooleanQuery entityQuery = new BooleanQuery();            
  |             QueryParser parser = new MultiFieldQueryParser(fields,analyser, 
null);
  |             parser.setAllowLeadingWildcard(true);
  |             org.apache.lucene.search.Query contentSearch = 
parser.parse(searchString);
  |             entityQuery.add(contentSearch, BooleanClause.Occur.MUST);   
  |             
  |             Integer currentAccessLevel = 
(Integer)Component.getInstance("currentAccessLevel");
  |             System.out.println("currentAccessLevel Filter " + 
currentAccessLevel);
  |             org.apache.lucene.search.Query accessLimitQuery =
  |                 new 
ConstantScoreRangeQuery(SearchUtility.READ_ACCESS_LEVEL, null, 
stringBridge.objectToString(currentAccessLevel), true, true);
  |             
  |             org.apache.lucene.search.Filter accessFilter = new 
QueryFilter(accessLimitQuery);            
  |             org.apache.lucene.search.FilteredQuery accessFilterQuery = new 
org.apache.lucene.search.FilteredQuery(entityQuery, accessFilter);              
                   
  |             mainQuery.add(accessFilterQuery, BooleanClause.Occur.SHOULD);   
               
  | query=( (FullTextEntityManager)entityManager 
).createFullTextQuery(mainQuery, entityTypes);
  |             
  |         }catch(Exception ex){
  |             
  |         }        
  |         return query;
  |    }
  | 
We are using 
JBoss 4.2.1 GA
Seam 2.0 CR1

This is very dangerous as the record are visible to all users regardless of 
their read access level.

Cheers
Mo

[img][/img]

View the original post : 
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097251#4097251

Reply to the post : 
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4097251
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user

Reply via email to