Skip to content
GitLab
Commit 86f5484d authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Change query string interpretation in group member search (bug #799591) 



Change-Id: I1e5d9c4a6e2d62a2095af2afd48205c32aaa22f9
Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
parent 0397c4ae
Hide whitespace changes
Inline Side-by-side
htdocs/lib/searchlib.php
View file @ 86f5484d
......@@ -333,29 +333,51 @@ function build_admin_user_search_results($search, $offset, $limit, $sortby, $sor
*
*/
function get_group_user_search_results($group, $query, $offset, $limit, $membershiptype, $order=null) {
$queries = array();
$plugin = get_config('searchplugin');
safe_require('search', $plugin);
$constraints = array();
if (!empty($query)) {
list($words, $fullnames) = parse_name_query($query);
foreach ($words as $word) {
$queries[] = array('field' => 'firstname',
'type' => 'contains',
'string' => $word);
$queries[] = array('field' => 'lastname',
'type' => 'contains',
'string' => $word);
}
foreach ($fullnames as $n) {
$constraints[] = array('field' => 'firstname',
'type' => 'contains',
'string' => $n[0]);
$constraints[] = array('field' => 'lastname',
'type' => 'contains',
'string' => $n[1]);
if ($plugin == 'internal') {
// Pass the raw query string through to group_search_user; parsing of the
// query depends on the plugin configuration.
$queries = $query;
}
else {
$queries = array();
if (!empty($query)) {
list($words, $fullnames) = parse_name_query($query);
foreach ($words as $word) {
$queries[] = array(
'field' => 'firstname',
'type' => 'contains',
'string' => $word
);
$queries[] = array(
'field' => 'lastname',
'type' => 'contains',
'string' => $word
);
}
foreach ($fullnames as $n) {
$constraints[] = array(
'field' => 'firstname',
'type' => 'contains',
'string' => $n[0]
);
$constraints[] = array(
'field' => 'lastname',
'type' => 'contains',
'string' => $n[1]
);
}
}
}
$results = group_user_search($group, $queries, $constraints, $offset, $limit, $membershiptype, $order);
$results = call_static_method(
generate_class_name('search', $plugin), 'group_search_user',
$group, $queries, $constraints, $offset, $limit, $membershiptype, $order
);
if ($results['count']) {
$userids = array_map(create_function('$a', 'return $a["id"];'), $results['data']);
$introductions = get_records_sql_assoc("SELECT \"owner\", title
......@@ -375,13 +397,6 @@ function get_group_user_search_results($group, $query, $offset, $limit, $members
}
function group_user_search($group, $queries, $constraints, $offset, $limit, $membershiptype, $order=null) {
$plugin = get_config('searchplugin');
safe_require('search', $plugin);
return call_static_method(generate_class_name('search', $plugin), 'group_search_user',
$group, $queries, $constraints, $offset, $limit, $membershiptype, $order);
}
/**
* Given a query string and limits, return an array of matching groups using the
* search plugin defined in config.php
......
htdocs/search/internal/lib.php
View file @ 86f5484d
......@@ -467,29 +467,16 @@ class PluginSearchInternal extends PluginSearch {
}
public static function group_search_user($group, $queries, $constraints, $offset, $limit, $membershiptype, $order=null) {
// Only handle OR/AND expressions at the top level. Eventually we may need subexpressions.
$searchsql = '';
$values = array();
if (!empty($queries)) {
$ilike = db_ilike();
$searchsql .= ' AND ( ';
$str = array();
foreach ($queries as $f) {
if (!preg_match('/^[a-zA-Z_0-9"]+$/', $f['field'])) {
continue; // skip this field as it fails validation
}
$str[] = 'u.' . $f['field']
. PluginSearchInternal::match_expression($f['type'], $f['string'], $values, $ilike);
}
$searchsql .= join(' OR ', $str) . ') ';
}
public static function group_search_user($group, $query_string, $constraints, $offset, $limit, $membershiptype, $order=null) {
list($searchsql, $values) = self::name_search_sql($query_string);
if ($membershiptype == 'nonmember') {
$select = '
u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff';
$from = '
FROM {usr} u
LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)';
$values[] = $group;
......@@ -500,6 +487,7 @@ class PluginSearchInternal extends PluginSearch {
u.id, u.firstname, u.lastname, u.username, u.email, u.profileicon, u.staff';
$from = '
FROM {usr} u
LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
AND NOT u.id IN (SELECT member FROM {group_member} gm WHERE gm.group = ?)
AND NOT u.id IN (SELECT member FROM {group_member_invite} gmi WHERE gmi.group = ?)';
......@@ -514,6 +502,7 @@ class PluginSearchInternal extends PluginSearch {
$from = '
FROM {usr} u
INNER JOIN {group_member_request} gmr ON (gmr.member = u.id)
LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
AND gmr.group = ?';
$values[] = $group;
......@@ -526,6 +515,7 @@ class PluginSearchInternal extends PluginSearch {
$from = '
FROM {usr} u
INNER JOIN {group_member_invite} gmi ON (gmi.member = u.id)
LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
AND gmi.group = ?';
$values[] = $group;
......@@ -538,6 +528,7 @@ class PluginSearchInternal extends PluginSearch {
$from = '
FROM {usr} u
INNER JOIN {group_member} gm ON (gm.member = u.id)
LEFT OUTER JOIN {usr_account_preference} h ON (u.id = h.usr AND h.field = \'hiderealname\')
WHERE u.id > 0 AND u.deleted = 0 ' . $searchsql . '
AND gm.group = ?';
$values[] = $group;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment