Author: david
Date: Fri Oct 23 21:17:37 2009
New Revision: 3819
Log:
Move code for filtering lucence search by draft status and repository into
QubitAcl methods to re-use in search.
Modified:
trunk/apps/qubit/modules/informationobject/actions/listAction.class.php
trunk/plugins/qbAclPlugin/lib/QubitAcl.class.php
Modified:
trunk/apps/qubit/modules/informationobject/actions/listAction.class.php
==============================================================================
--- trunk/apps/qubit/modules/informationobject/actions/listAction.class.php
Fri Oct 23 18:05:14 2009 (r3818)
+++ trunk/apps/qubit/modules/informationobject/actions/listAction.class.php
Fri Oct 23 21:17:37 2009 (r3819)
@@ -81,98 +81,8 @@
$query = $request->query;
}
- $deniedRepositories = array();
- $repositoryAccess = QubitAcl::getRepositoryAccess(QubitAclAction::READ_ID);
- if (1 == count($repositoryAccess))
- {
- // If all repositories are denied 'read' access, re-route user to login
- if (QubitAcl::DENY == $repositoryAccess[0]['access'])
- {
- QubitAcl::forwardUnauthorized();
- }
- }
- else
- {
- $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
- while ($repo = array_shift($repositoryAccess))
- {
- if ('*' != $repo['id'])
- {
- $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'));
- if (QubitAcl::DENY == $repo['access'])
- {
- $deniedRepositories[] = $repo['id'];
- }
- }
- else
- {
- if (QubitAcl::DENY == $repo['access'])
- {
- // Require repos to be specifically allowed (all others prohibited)
- $query->addSubquery($subquery, true /* required */);
- }
- else
- {
- // Prohibit specified repos (all others allowed)
- $query->addSubquery($subquery, false /* prohibited */);
- }
- }
- }
- }
-
- // Filter out 'draft' items by repository
- $repositoryViewDrafts =
QubitAcl::getRepositoryAccess(QubitAclAction::VIEW_DRAFT_ID);
- if (1 == count($repositoryViewDrafts))
- {
- if (QubitAcl::DENY == $repositoryViewDrafts[0]['access'])
- {
- // Don't show *any* draft info objects
- $query->addSubquery(new Zend_Search_Lucene_Search_Query_Term(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_DRAFT_ID,
'publicationStatusId')), false);
- }
- }
- else
- {
- // Get last rule in list, it will be the global rule with the opposite
- // access of the preceeding rules (e.g. if last rule is "DENY ALL" then
- // preceeding rules will be "ALLOW" rules)
- $globalRule = array_pop($repositoryViewDrafts);
-
- // If global rule is GRANT, then listed repos are exceptions so remove
- // from results
- if (QubitAcl::GRANT == $globalRule['access'])
- {
- while ($repo = array_shift($repositoryViewDrafts))
- {
- // Don't bother excluding repos (again) that have no read access at
all
- if (in_array($repo['id'], $deniedRepositories))
- {
- continue;
- }
-
- $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
- $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'), true);
- $subquery->addTerm(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_DRAFT_ID,
'publicationStatusId'), true);
-
- // Filter rule should look like: "-(+id:356 +status:draft) -(+id:357
+status:draft)"
- $query->addSubquery($subquery, false /* prohibited */);
- }
- }
-
- // If global rule is DENY, then only show the listed repo drafts
- else
- {
- $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
-
- while ($repo = array_shift($repositoryViewDrafts))
- {
- $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'), null);
- }
- $subquery->addTerm(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_PUBLISHED_ID,
'publicationStatusId'), null);
-
- // Filter rule should look like "+(id:(356 357 358) status:published)"
- $query->addSubquery($subquery, true /* required */);
- }
- }
+ $query = QubitAcl::searchFilterByRepository($query,
QubitAclAction::READ_ID);
+ $query = QubitAcl::searchFilterDrafts($query);
$this->pager = new QubitSearchPager;
$this->pager->hits = $search->getEngine()->getIndex()->find($query);
Modified: trunk/plugins/qbAclPlugin/lib/QubitAcl.class.php
==============================================================================
--- trunk/plugins/qbAclPlugin/lib/QubitAcl.class.php Fri Oct 23 18:05:14
2009 (r3818)
+++ trunk/plugins/qbAclPlugin/lib/QubitAcl.class.php Fri Oct 23 21:17:37
2009 (r3819)
@@ -464,4 +464,107 @@
throw new sfStopException();
}
+
+ public static function searchFilterByRepository($query, $action)
+ {
+ $deniedRepositories = array();
+ $repositoryAccess = QubitAcl::getRepositoryAccess($action);
+ if (1 == count($repositoryAccess))
+ {
+ // If all repositories are denied access, re-route user to login
+ if (QubitAcl::DENY == $repositoryAccess[0]['access'])
+ {
+ QubitAcl::forwardUnauthorized();
+ }
+ }
+ else
+ {
+ $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
+ while ($repo = array_shift($repositoryAccess))
+ {
+ if ('*' != $repo['id'])
+ {
+ $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'));
+ if (QubitAcl::DENY == $repo['access'])
+ {
+ $deniedRepositories[] = $repo['id'];
+ }
+ }
+ else
+ {
+ if (QubitAcl::DENY == $repo['access'])
+ {
+ // Require repos to be specifically allowed (all others prohibited)
+ $query->addSubquery($subquery, true /* required */);
+ }
+ else
+ {
+ // Prohibit specified repos (all others allowed)
+ $query->addSubquery($subquery, false /* prohibited */);
+ }
+ }
+ }
+ }
+
+ return $query;
+ }
+
+ public static function searchFilterDrafts($query)
+ {
+ // Filter out 'draft' items by repository
+ $repositoryViewDrafts =
QubitAcl::getRepositoryAccess(QubitAclAction::VIEW_DRAFT_ID);
+ if (1 == count($repositoryViewDrafts))
+ {
+ if (QubitAcl::DENY == $repositoryViewDrafts[0]['access'])
+ {
+ // Don't show *any* draft info objects
+ $query->addSubquery(new Zend_Search_Lucene_Search_Query_Term(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_DRAFT_ID,
'publicationStatusId')), false);
+ }
+ }
+ else
+ {
+ // Get last rule in list, it will be the global rule with the opposite
+ // access of the preceeding rules (e.g. if last rule is "DENY ALL" then
+ // preceeding rules will be "ALLOW" rules)
+ $globalRule = array_pop($repositoryViewDrafts);
+
+ // If global rule is GRANT, then listed repos are exceptions so remove
+ // from results
+ if (QubitAcl::GRANT == $globalRule['access'])
+ {
+ while ($repo = array_shift($repositoryViewDrafts))
+ {
+ // Don't bother excluding repos (again) that have no read access at
all
+ if (in_array($repo['id'], $deniedRepositories))
+ {
+ continue;
+ }
+
+ $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
+ $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'), true);
+ $subquery->addTerm(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_DRAFT_ID,
'publicationStatusId'), true);
+
+ // Filter rule should look like: "-(+id:356 +status:draft) -(+id:357
+status:draft)"
+ $query->addSubquery($subquery, false /* prohibited */);
+ }
+ }
+
+ // If global rule is DENY, then only show the listed repo drafts
+ else
+ {
+ $subquery = new Zend_Search_Lucene_Search_Query_MultiTerm();
+
+ while ($repo = array_shift($repositoryViewDrafts))
+ {
+ $subquery->addTerm(new Zend_Search_Lucene_Index_Term($repo['id'],
'repositoryid'), null);
+ }
+ $subquery->addTerm(new
Zend_Search_Lucene_Index_Term(QubitTerm::PUBLICATION_STATUS_PUBLISHED_ID,
'publicationStatusId'), null);
+
+ // Filter rule should look like "+(id:(356 357 358) status:published)"
+ $query->addSubquery($subquery, true /* required */);
+ }
+ }
+
+ return $query;
+ }
}
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Qubit Toolkit Commits" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.ca/group/qubit-commits?hl=en
-~----------~----~----~----~------~----~------~--~---
