--- C:\wamp\www\drupal3\sites\all\modules\apachesolr\apachesolr_search.module 2008-07-20 02:22:44.000000000 +1200 +++ C:\wamp\www\drupal3\sites\all\modules\apachesolr\apachesolr_search.module.new 2008-09-04 14:27:04.495027400 +1200 @@ -75,9 +75,36 @@ } } $params['start'] = $_GET['page'] * $params['rows']; + + /* Access Control Stuff */ + $params_access = $params; + $params_access['fl']= 'nid,type'; //we only need these fields to call node_access + $params_access['facet']= 'false'; + $response = $solr->search($query->get_query(), 0, 1000000, $params_access);//I can't see a way of returning everything, so I just use a high limit for the max rows + $total = $response->numFound; + foreach ($response->documents as $doc) { + $node->nid = $doc->nid; + $node->type = $doc->type; + $node->status = 1; + if (node_access('view', $node)) { + if (count($nid_granted) < $params['rows'] && $result_rows >= $params['start']) { + $nid_granted[] = $node->nid; + } + } + else { + $total--; + if(count($nid_granted) < $params['rows'] && $result_rows >= $params['start']) { + $extra_rows++; + } + } + $result_rows++; + } + $params['rows'] += $extra_rows; + /* End Access Control Stuff */ + $response = $solr->search($query->get_query(), $params['start'], $params['rows'], $params); apachesolr_has_searched(TRUE); - $total = $response->numFound; + //$total = $response->numFound; // The response is cached so that it is accessible to the blocks and anything // else that needs it beyond the initial search. apachesolr_static_response_cache($response); @@ -85,6 +112,14 @@ if ($total > 0) { static $users = array(); foreach ($response->documents as $doc) { + /*access control stuff*/ + if ($doc->nid == $nid_granted[0]) { + array_shift($nid_granted); + } + else { + continue; //skip this result then carry on + } + /*end access control stuff */ $extra = node_invoke_nodeapi(&$doc, 'search result'); $extra['score'] = $doc->score; $snippet = search_excerpt($keys, $doc->body);