You are here

public function EntityReference_SelectionHandler_Generic_comment::entityFieldQueryAlter in Entity reference 7

Implements EntityReferenceHandler::entityFieldQueryAlter().

Overrides EntityReference_SelectionHandler_Generic::entityFieldQueryAlter

File

plugins/selection/EntityReference_SelectionHandler_Generic.class.php, line 437

Class

EntityReference_SelectionHandler_Generic_comment
Override for the Comment type.

Code

public function entityFieldQueryAlter(SelectQueryInterface $query) {

  // Adding the 'comment_access' tag is sadly insufficient for comments: core
  // requires us to also know about the concept of 'published' and
  // 'unpublished'.
  if (!user_access('administer comments')) {
    $base_table = $this
      ->ensureBaseTable($query);
    $query
      ->condition("{$base_table}.status", COMMENT_PUBLISHED);
  }

  // The Comment module doesn't implement any proper comment access,
  // and as a consequence doesn't make sure that comments cannot be viewed
  // when the user doesn't have access to the node.
  $tables = $query
    ->getTables();
  $base_table = key($tables);
  $node_alias = $query
    ->innerJoin('node', 'n', '%alias.nid = ' . $base_table . '.nid');

  // Pass the query to the node access control.
  $this
    ->reAlterQuery($query, 'node_access', $node_alias);

  // Alas, the comment entity exposes a bundle, but doesn't have a bundle column
  // in the database. We have to alter the query ourself to go fetch the
  // bundle.
  $conditions =& $query
    ->conditions();
  foreach ($conditions as $key => &$condition) {
    if ($key !== '#conjunction' && is_string($condition['field']) && $condition['field'] === 'node_type') {
      $condition['field'] = $node_alias . '.type';
      foreach ($condition['value'] as &$value) {
        if (substr($value, 0, 13) == 'comment_node_') {
          $value = substr($value, 13);
        }
      }
      break;
    }
  }

  // Passing the query to node_query_node_access_alter() is sadly
  // insufficient for nodes.
  // @see EntityReferenceHandler_node::entityFieldQueryAlter()
  if (!user_access('bypass node access') && !count(module_implements('node_grants'))) {
    $query
      ->condition($node_alias . '.status', 1);
  }
}