content.menu.inc 6.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178
  1. <?php
  2. /**
  3. * @file
  4. * Contains menu item registration for the content tool.
  5. *
  6. * The menu items registered are AJAX callbacks for the things like
  7. * autocomplete and other tools needed by the content types.
  8. */
  9. function ctools_content_menu(&$items) {
  10. $base = array(
  11. 'access arguments' => array('access content'),
  12. 'type' => MENU_CALLBACK,
  13. 'file' => 'includes/content.menu.inc',
  14. );
  15. $items['ctools/autocomplete/%'] = array(
  16. 'page callback' => 'ctools_content_autocomplete_entity',
  17. 'page arguments' => array(2),
  18. ) + $base;
  19. }
  20. /**
  21. * Helper function for autocompletion of entity titles.
  22. */
  23. function ctools_content_autocomplete_entity($entity_type, $string = '') {
  24. if ($string != '') {
  25. $entity_info = entity_get_info($entity_type);
  26. if (!module_exists('entity')) {
  27. module_load_include('inc', 'ctools', 'includes/entity-access');
  28. _ctools_entity_access($entity_info, $entity_type);
  29. }
  30. // We must query all ids, because if every one of the 10 don't have access
  31. // the user may never be able to autocomplete a node title.
  32. $preg_matches = array();
  33. $matches = array();
  34. $match = preg_match('/\[id: (\d+)\]/', $string, $preg_matches);
  35. if (!$match) {
  36. $match = preg_match('/^id: (\d+)/', $string, $preg_matches);
  37. }
  38. // If an ID match was found, use that ID rather than the whole string.
  39. if ($match) {
  40. $entity_id = $preg_matches[1];
  41. $results = _ctools_getReferencableEntities($entity_type, $entity_info, $entity_id, '=', 1);
  42. }
  43. else {
  44. // We cannot find results if the entity doesn't have a label to search.
  45. if (!isset($entity_info['entity keys']['label'])) {
  46. drupal_json_output(array("[id: NULL]" => '<span class="autocomplete_title">' . t('Entity Type !entity_type does not support autocomplete search.', array('!entity_type' => $entity_type)) . '</span>'));
  47. return;
  48. }
  49. $results = _ctools_getReferencableEntities($entity_type, $entity_info, $string, 'LIKE', 10);
  50. }
  51. foreach ($results as $entity_id => $result) {
  52. $matches[$result['label'] . " [id: $entity_id]"] = '<span class="autocomplete_title">' . check_plain($result['label']) . '</span>';
  53. $matches[$result['label'] . " [id: $entity_id]"] .= isset($result['bundle']) ? ' <span class="autocomplete_bundle">(' . check_plain($result['bundle']) . ')</span>' : '';
  54. }
  55. drupal_json_output($matches);
  56. }
  57. }
  58. /**
  59. * Use EntityReference_SelectionHandler_Generic class to build our search query.
  60. */
  61. function _ctools_buildQuery($entity_type, $entity_info, $match = NULL, $match_operator = 'CONTAINS') {
  62. $base_table = $entity_info['base table'];
  63. $label_key = $entity_info['entity keys']['label'];
  64. $query = db_select($base_table)
  65. ->fields($base_table, array($entity_info['entity keys']['id']));
  66. if (isset($match)) {
  67. if (isset($label_key)) {
  68. $query->condition($base_table . '.' . $label_key, '%' . $match . '%', $match_operator);
  69. }
  70. // This should never happen, but double check just in case.
  71. else {
  72. return array();
  73. }
  74. }
  75. // Add a generic entity access tag to the query.
  76. $query->addTag('ctools');
  77. // We have to perform two checks. First check is a query alter (with tags)
  78. // in an attempt to only return results that have access. However, this is
  79. // not full-proof since entities many not implement hook_access query tag.
  80. // This is why we have a second check after entity load, before we display
  81. // the label of an entity.
  82. if ($entity_type == 'comment') {
  83. // Adding the 'comment_access' tag is sadly insufficient for comments: core

  84. // requires us to also know about the concept of 'published' and

  85. // 'unpublished'.
  86. if (!user_access('administer comments')) {
  87. $query->condition('comment.status', COMMENT_PUBLISHED);
  88. }
  89. // Join to a node if the user does not have node access bypass permissions

  90. // to obey node published permissions.
  91. if (!user_access('bypass node access')) {
  92. $node_alias = $query->innerJoin('node', 'n', '%alias.nid = comment.nid');
  93. $query->condition($node_alias . '.status', NODE_PUBLISHED);
  94. }
  95. $query->addTag('node_access');
  96. }
  97. else {
  98. $query->addTag($entity_type . '_access');
  99. }
  100. // Add the sort option.
  101. if (isset($label_key)) {
  102. $query->orderBy($base_table . '.' . $label_key, 'ASC');
  103. }
  104. return $query;
  105. }
  106. /**
  107. * Private function to get referencable entities. Based on code from the
  108. * Entity Reference module.
  109. */
  110. function _ctools_getReferencableEntities($entity_type, $entity_info, $match = NULL, $match_operator = 'LIKE', $limit = 0) {
  111. global $user;
  112. $account = $user;
  113. $options = array();
  114. // We're an entity ID, return the id.
  115. if (is_numeric($match) && $match_operator == '=') {
  116. if ($entity = array_shift(entity_load($entity_type, array($match)))) {
  117. if (isset($entity_info['access callback']) && function_exists($entity_info['access callback'])) {
  118. if ($entity_info['access callback']('view', $entity, $account, $entity_type)) {
  119. $label = entity_label($entity_type, $entity);
  120. return array(
  121. $match => array(
  122. 'label' => !empty($label) ? $label : $entity->{$entity_info['entity keys']['id']},
  123. 'bundle' => !empty($entity_info['entity keys']['bundle']) ? check_plain($entity->{$entity_info['entity keys']['bundle']}) : NULL,
  124. ),
  125. );
  126. }
  127. }
  128. }
  129. // If you don't have access, or an access callback or a valid entity, just
  130. // Return back the Entity ID.
  131. return array(
  132. $match => array(
  133. 'label' => $match,
  134. 'bundle' => NULL,
  135. ),
  136. );
  137. }
  138. // We have matches, build a query to fetch the result.
  139. if ($query = _ctools_buildQuery($entity_type, $entity_info, $match, $match_operator)) {
  140. if ($limit > 0) {
  141. $query->range(0, $limit);
  142. }
  143. $results = $query->execute();
  144. if (!empty($results)) {
  145. foreach ($results as $record) {
  146. $entities = entity_load($entity_type, array($record->{$entity_info['entity keys']['id']}));
  147. $entity = array_shift($entities);
  148. if (isset($entity_info['access callback']) && function_exists($entity_info['access callback'])) {
  149. if ($entity_info['access callback']('view', $entity, $account, $entity_type)) {
  150. $label = entity_label($entity_type, $entity);
  151. $options[$record->{$entity_info['entity keys']['id']}] = array(
  152. 'label' => !empty($label) ? $label : $entity->{$entity_info['entity keys']['id']},
  153. 'bundle' => !empty($entity_info['entity keys']['bundle']) ? check_plain($entity->{$entity_info['entity keys']['bundle']}) : NULL,
  154. );
  155. }
  156. }
  157. }
  158. }
  159. return $options;
  160. }
  161. return array();
  162. }