Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
/**
* Alters a multi search query to add node access checks.
*
* @param SearchApiMultiQueryInterface $query
* The executed search query.
*/
function hook_search_api_multi_query_alter(SearchApiMultiQueryInterface $query) {
global $user;
$indexes = $query->getIndexes();
if (isset($indexes['default_node_index'])) {
$index = $indexes['default_node_index'];
$type = $index->getEntityType();
if (!empty($index->options['data_alter_callbacks']["search_api_alter_{$type}_access"]['status']) && !$query->getOption('search_api_bypass_access')) {
$account = $query->getOption('search_api_access_account', $user);
if (is_numeric($account)) {
$account = user_load($account);
}
if (is_object($account)) {
try {
//sm_search_api_access_node
// Filter by node access grants.
$filter = $query->createFilter('OR');
$filter->condition('search_api_multi_index', 'default_node_index', '<>');
$grants = node_access_grants('view', $account);
foreach ($grants as $realm => $gids) {
foreach ($gids as $gid) {
$filter->condition('default_node_index:search_api_access_node', "node_access_$realm:$gid", '=');
}
}
$filter->condition('default_node_index:search_api_access_node', 'node_access__all', '=');
$query->filter($filter);
}
catch (SearchApiException $e) {
watchdog_exception('search_api', $e);
}
}
else {
watchdog('search_api', 'An illegal user UID was given for node access: @uid.', array('@uid' => $query->getOption('search_api_access_account', $user)), WATCHDOG_WARNING);
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.