You are here

Home » API reference » Open Social 8.6 » social_profile_privacy.module

function social_profile_privacy_search_api_query_alter in Open Social 8.6

Same name and namespace in other branches
  1. 8.5 modules/social_features/social_profile/modules/social_profile_privacy/social_profile_privacy.module \social_profile_privacy_search_api_query_alter()

Implements hook_search_api_query_alter().

Ensures that when the setting is enabled to be strict with first/last name display and the current user does not have the permission to bypass this setting that the search queries are altered to ignore the first name/last name when the target user has filled in a nickname.

Users will not be able to find themselves by first/last name if they have filled in a nickname and do not have the correct permissions. This is intentional because it means that they can test how other users can find them.

File

modules/social_features/social_profile/modules/social_profile_privacy/social_profile_privacy.module, line 471
The Social profile privacy module file.

Code

function social_profile_privacy_search_api_query_alter(QueryInterface &$query) {

  // If the social profile fields module isn't enabled then we don't have
  // anything to hide behind.
  if (!\Drupal::moduleHandler()
    ->moduleExists('social_profile_fields')) {
    return;
  }
  $ids = [
    'social_all',
    'social_users',
  ];

  // If the current query isn't for an index with users then we're done too.
  if (!in_array($query
    ->getIndex()
    ->id(), $ids)) {
    return;
  }
  $config = \Drupal::config('social_profile_privacy.settings');
  $account = \Drupal::currentUser();

  // If the use of real names is not limited or the user can bypass this
  // restriction then we're done too.
  if (!$config
    ->get('limit_search_and_mention') || $account
    ->hasPermission('social profile privacy always show full name')) {
    return;
  }
  $search_term = $query
    ->getOriginalKeys();

  // Conditions must match lowercase because that's how they're indexed.
  if (is_array($search_term)) {
    $search_term = array_map("strtolower", $search_term);
  }
  else {
    $search_term = strtolower($search_term);
  }

  // If no search string was filled out, don't add the subquery.
  if (empty($search_term)) {
    return;
  }

  // When a user has no nickname, there can be a match for a (part of the) name.
  $matched_name = (new ConditionGroup("AND", [
    'social_profile_privacy_full_name_protection',
  ]))
    ->addCondition('field_profile_nick_name', NULL, '=')
    ->addConditionGroup((new ConditionGroup("OR", [
    'social_profile_privacy_full_name_protection',
  ]))
    ->addCondition('field_profile_first_name', $search_term, '=')
    ->addCondition('field_profile_last_name', $search_term, '='));

  // Given that a user has a nickname there can be no match for the first and
  // last name.
  $no_name_match = (new ConditionGroup('AND', [
    'social_profile_privacy_full_name_protection',
  ]))
    ->addCondition('field_profile_nick_name', NULL, '<>')
    ->addCondition('field_profile_first_name', $search_term, '<>')
    ->addCondition('field_profile_last_name', $search_term, '<>');

  // Results are matched only when they do not match the first name and last
  // name, or they also match the username.
  $full_name_restricted = (new ConditionGroup('OR', [
    'social_profile_privacy_full_name_protection',
  ]))
    ->addCondition('name', $search_term)
    ->addCondition('field_profile_nick_name', $search_term)
    ->addConditionGroup($matched_name)
    ->addConditionGroup($no_name_match);
  $query
    ->addConditionGroup($full_name_restricted);
}