class EntityReference_SelectionHandler_Generic_comment in Entity reference 7
Override for the Comment type.
This only exists to workaround core bugs.
Hierarchy
- class \EntityReference_SelectionHandler_Generic implements EntityReference_SelectionHandler
Expanded class hierarchy of EntityReference_SelectionHandler_Generic_comment
File
- plugins/
selection/ EntityReference_SelectionHandler_Generic.class.php, line 436
View source
class EntityReference_SelectionHandler_Generic_comment extends EntityReference_SelectionHandler_Generic {
public function entityFieldQueryAlter(SelectQueryInterface $query) {
// Adding the 'comment_access' tag is sadly insufficient for comments: core
// requires us to also know about the concept of 'published' and
// 'unpublished'.
if (!user_access('administer comments')) {
$base_table = $this
->ensureBaseTable($query);
$query
->condition("{$base_table}.status", COMMENT_PUBLISHED);
}
// The Comment module doesn't implement any proper comment access,
// and as a consequence doesn't make sure that comments cannot be viewed
// when the user doesn't have access to the node.
$tables = $query
->getTables();
$base_table = key($tables);
$node_alias = $query
->innerJoin('node', 'n', '%alias.nid = ' . $base_table . '.nid');
// Pass the query to the node access control.
$this
->reAlterQuery($query, 'node_access', $node_alias);
// Alas, the comment entity exposes a bundle, but doesn't have a bundle column
// in the database. We have to alter the query ourself to go fetch the
// bundle.
$conditions =& $query
->conditions();
foreach ($conditions as $key => &$condition) {
if ($key !== '#conjunction' && is_string($condition['field']) && $condition['field'] === 'node_type') {
$condition['field'] = $node_alias . '.type';
foreach ($condition['value'] as &$value) {
if (substr($value, 0, 13) == 'comment_node_') {
$value = substr($value, 13);
}
}
break;
}
}
// Passing the query to node_query_node_access_alter() is sadly
// insufficient for nodes.
// @see EntityReferenceHandler_node::entityFieldQueryAlter()
if (!user_access('bypass node access') && !count(module_implements('node_grants'))) {
$query
->condition($node_alias . '.status', 1);
}
}
}