You are here

Home » API reference » Drupal 9 » CommentSelection.php » CommentSelection

public function CommentSelection::entityQueryAlter in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/comment/src/Plugin/EntityReferenceSelection/CommentSelection.php \Drupal\comment\Plugin\EntityReferenceSelection\CommentSelection::entityQueryAlter()
  2. 10 core/modules/comment/src/Plugin/EntityReferenceSelection/CommentSelection.php \Drupal\comment\Plugin\EntityReferenceSelection\CommentSelection::entityQueryAlter()

Allows the selection to alter the SelectQuery generated by EntityFieldQuery.

Parameters

\Drupal\Core\Database\Query\SelectInterface $query: A Select Query object.

Overrides SelectionPluginBase::entityQueryAlter

File

core/modules/comment/src/Plugin/EntityReferenceSelection/CommentSelection.php, line 68

Class

CommentSelection
Provides specific access control for the comment entity type.

Namespace

Drupal\comment\Plugin\EntityReferenceSelection

Code

public function entityQueryAlter(SelectInterface $query) {
  parent::entityQueryAlter($query);
  $tables = $query
    ->getTables();
  $data_table = 'comment_field_data';
  if (!isset($tables['comment_field_data']['alias'])) {

    // If no conditions join against the comment data table, it should be
    // joined manually to allow node access processing.
    $query
      ->innerJoin($data_table, NULL, "[base_table].[cid] = [{$data_table}].[cid] AND [{$data_table}].[default_langcode] = 1");
  }

  // The Comment module doesn't implement any proper comment access,
  // and as a consequence doesn't make sure that comments cannot be viewed
  // when the user doesn't have access to the node.
  $node_alias = $query
    ->innerJoin('node_field_data', 'n', "[%alias].[nid] = [{$data_table}].[entity_id] AND [{$data_table}].[entity_type] = 'node'");

  // Pass the query to the node access control.
  $this
    ->reAlterQuery($query, 'node_access', $node_alias);

  // Passing the query to node_query_node_access_alter() is sadly
  // insufficient for nodes.
  // @see \Drupal\node\Plugin\EntityReferenceSelection\NodeSelection::buildEntityQuery()
  if (!$this->currentUser
    ->hasPermission('bypass node access') && !count($this->moduleHandler
    ->getImplementations('node_grants'))) {
    $query
      ->condition($node_alias . '.status', 1);
  }
}