content.menu.inc 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179
  1. <?php
  2. /**
  3. * @file
  4. * Contains menu item registration for the content tool.
  5. *
  6. * The menu items registered are AJAX callbacks for the things like
  7. * autocomplete and other tools needed by the content types.
  8. */
  9. function ctools_content_menu(&$items) {
  10. $base = array(
  11. 'access arguments' => array('access content'),
  12. 'type' => MENU_CALLBACK,
  13. 'file' => 'includes/content.menu.inc',
  14. );
  15. $items['ctools/autocomplete/%'] = array(
  16. 'page callback' => 'ctools_content_autocomplete_entity',
  17. 'page arguments' => array(2),
  18. ) + $base;
  19. }
  20. /**
  21. * Helper function for autocompletion of entity titles.
  22. */
  23. function ctools_content_autocomplete_entity($entity_type, $string = '') {
  24. if ($string != '') {
  25. $entity_info = entity_get_info($entity_type);
  26. if (!module_exists('entity')) {
  27. module_load_include('inc', 'ctools', 'includes/entity-access');
  28. _ctools_entity_access($entity_info, $entity_type);
  29. }
  30. // We must query all ids, because if every one of the 10 don't have access
  31. // the user may never be able to autocomplete a node title.
  32. $preg_matches = array();
  33. $matches = array();
  34. $match = preg_match('/\[id: (\d+)\]/', $string, $preg_matches);
  35. if (!$match) {
  36. $match = preg_match('/^id: (\d+)/', $string, $preg_matches);
  37. }
  38. // If an ID match was found, use that ID rather than the whole string.
  39. if ($match) {
  40. $entity_id = $preg_matches[1];
  41. $results = _ctools_getReferencableEntities($entity_type, $entity_info, $entity_id, '=', 1);
  42. }
  43. else {
  44. // We cannot find results if the entity doesn't have a label to search.
  45. if (!isset($entity_info['entity keys']['label'])) {
  46. drupal_json_output(array("[id: NULL]" => '<span class="autocomplete_title">' . t('Entity Type !entity_type does not support autocomplete search.', array('!entity_type' => $entity_type)) . '</span>'));
  47. return;
  48. }
  49. $results = _ctools_getReferencableEntities($entity_type, $entity_info, $string, 'LIKE', 10);
  50. }
  51. foreach ($results as $entity_id => $result) {
  52. $matches[$result['label'] . " [id: $entity_id]"] = '<span class="autocomplete_title">' . check_plain($result['label']) . '</span>';
  53. $matches[$result['label'] . " [id: $entity_id]"] .= isset($result['bundle']) ? ' <span class="autocomplete_bundle">(' . check_plain($result['bundle']) . ')</span>' : '';
  54. }
  55. drupal_json_output($matches);
  56. }
  57. }
  58. /*
  59. * Use well known/tested entity reference code to build our search query
  60. * From EntityReference_SelectionHandler_Generic class
  61. */
  62. function _ctools_buildQuery($entity_type, $entity_info, $match = NULL, $match_operator = 'CONTAINS') {
  63. $base_table = $entity_info['base table'];
  64. $label_key = $entity_info['entity keys']['label'];
  65. $query = db_select($base_table)
  66. ->fields($base_table, array($entity_info['entity keys']['id']));
  67. if (isset($match)) {
  68. if (isset($label_key)) {
  69. $query->condition($base_table . '.' . $label_key, '%' . $match . '%', $match_operator);
  70. }
  71. // This should never happen, but double check just in case.
  72. else {
  73. return array();
  74. }
  75. }
  76. // Add a generic entity access tag to the query.
  77. $query->addTag('ctools');
  78. // We have to perform two checks. First check is a query alter (with tags)
  79. // in an attempt to only return results that have access. However, this is
  80. // not full-proof since entities many not implement hook_access query tag.
  81. // This is why we have a second check after entity load, before we display
  82. // the label of an entity.
  83. if ($entity_type == 'comment') {
  84. // Adding the 'comment_access' tag is sadly insufficient for comments: core

  85. // requires us to also know about the concept of 'published' and

  86. // 'unpublished'.

  87. if (!user_access('administer comments')) {
  88. $query->condition('comment.status', COMMENT_PUBLISHED);
  89. }
  90. // Join to a node if the user does not have node access bypass permissions

  91. // to obey node published permissions

  92. if (!user_access('bypass node access')) {
  93. $node_alias = $query->innerJoin('node', 'n', '%alias.nid = comment.nid');
  94. $query->condition($node_alias . '.status', NODE_PUBLISHED);
  95. }
  96. $query->addTag('node_access');
  97. }
  98. else {
  99. $query->addTag($entity_type . '_access');
  100. }
  101. // Add the sort option.
  102. if (isset($label_key)) {
  103. $query->orderBy($base_table . '.' . $label_key, 'ASC');
  104. }
  105. return $query;
  106. }
  107. /**
  108. * Private function to get referencable entities. Based on code from the
  109. * Entity Reference module.
  110. */
  111. function _ctools_getReferencableEntities($entity_type, $entity_info, $match = NULL, $match_operator = 'LIKE', $limit = 0) {
  112. global $user;
  113. $account = $user;
  114. $options = array();
  115. // We're an entity ID, return the id
  116. if (is_numeric($match) && $match_operator == '=') {
  117. if ($entity = array_shift(entity_load($entity_type, array($match)))) {
  118. if (isset($entity_info['access callback']) && function_exists($entity_info['access callback'])) {
  119. if ($entity_info['access callback']('view', $entity, $account, $entity_type)) {
  120. $label = entity_label($entity_type, $entity);
  121. return array(
  122. $match => array(
  123. 'label' => !empty($label) ? $label : $entity->{$entity_info['entity keys']['id']},
  124. 'bundle' => !empty($entity_info['entity keys']['bundle']) ? check_plain($entity->{$entity_info['entity keys']['bundle']}) : NULL,
  125. ),
  126. );
  127. }
  128. }
  129. }
  130. // If you don't have access, or an access callback or a valid entity, just
  131. // Return back the Entity ID.
  132. return array(
  133. $match => array(
  134. 'label' => $match,
  135. 'bundle' => NULL,
  136. ),
  137. );
  138. }
  139. // We have matches, build a query to fetch the result.
  140. if ($query = _ctools_buildQuery($entity_type, $entity_info, $match, $match_operator)) {
  141. if ($limit > 0) {
  142. $query->range(0, $limit);
  143. }
  144. $results = $query->execute();
  145. if (!empty($results)) {
  146. foreach ($results as $record) {
  147. $entities = entity_load($entity_type, array($record->{$entity_info['entity keys']['id']}));
  148. $entity = array_shift($entities);
  149. if (isset($entity_info['access callback']) && function_exists($entity_info['access callback'])) {
  150. if ($entity_info['access callback']('view', $entity, $account, $entity_type)) {
  151. $label = entity_label($entity_type, $entity);
  152. $options[$record->{$entity_info['entity keys']['id']}] = array(
  153. 'label' => !empty($label) ? $label : $entity->{$entity_info['entity keys']['id']},
  154. 'bundle' => !empty($entity_info['entity keys']['bundle']) ? check_plain($entity->{$entity_info['entity keys']['bundle']}) : NULL,
  155. );
  156. }
  157. }
  158. }
  159. }
  160. return $options;
  161. }
  162. return array();
  163. }