diff --git a/file_entity.module b/file_entity.module index 735602e..4634e7c 100644 --- a/file_entity.module +++ b/file_entity.module @@ -1818,7 +1818,7 @@ function file_entity_query_file_access_alter(QueryAlterableInterface $query) { * access conditions are added for field values belonging to files only. */ function file_entity_query_entity_field_access_alter(QueryAlterableInterface $query) { - _file_entity_query_file_entity_access_alter($query, 'entity'); + //_file_entity_query_file_entity_access_alter($query, 'entity'); } /** @@ -1846,12 +1846,6 @@ function _file_entity_query_file_entity_access_alter($query, $type) { $tables = $query->getTables(); $base_table = $query->getMetaData('base_table'); - // Do not use the base table for general entity queries unless this is - // querying the file_managed table directly. - if ($base_table && $type == 'entity' && $base_table != 'file_managed') { - $base_table = ''; - } - // If no base table is specified explicitly, search for one. if (!$base_table) { $fallback = ''; @@ -1883,10 +1877,6 @@ function _file_entity_query_file_entity_access_alter($query, $type) { $fallback = $table; } } - elseif (isset($schema['fields']['entity_id']) && isset($schema['fields']['entity_type']) && isset($schema['fields']['deleted']) && isset($schema['fields']['delta'])) { - // The table is a field data table, use it as fallback. - $base_table = $table; - } } } } @@ -1897,11 +1887,6 @@ function _file_entity_query_file_entity_access_alter($query, $type) { $base_table = $fallback; } else { - // Ignore this query as it was a general field query and no - // relationships were found to the file_managed table. - if ($type == 'entity') { - return; - } throw new Exception(t('Query tagged for file access but there is no fid. Add foreign keys to file_managed.fid in schema to fix.')); } } @@ -1964,36 +1949,33 @@ function _file_entity_query_file_entity_access_alter($query, $type) { } } - // If there is no subquery conditions, the query is likely for file usage. - // Or user can only access public files. - // If there are subquery conditions then add them to the subquery. - if ($subquery_conditions->count() >= 1) { + if ($subquery_conditions->count()) { $subquery->condition($subquery_conditions); - } - $field = 'fid'; - // Now handle entities. - if ($type == 'entity') { - // Set a common alias for entities. - $base_alias = $falias; - $field = ($falias == 'file_managed' ? 'fid' : 'entity_id'); - } - $subquery->where("$falias.$field = fm_access.fid"); + $field = 'fid'; + // Now handle entities. + if ($type == 'entity') { + // Set a common alias for entities. + $base_alias = $falias; + $field = 'entity_id'; + } + $subquery->where("$falias.$field = fm_access.fid"); - // For an entity query, attach the subquery to entity conditions. - if ($type == 'entity') { - $file_conditions->exists($subquery); - } - // Otherwise attach it to the node query itself. - elseif ($table == 'file_managed') { - // Fix for https://drupal.org/node/2073085 - $db_or = db_or(); - $db_or->exists($subquery); - $db_or->isNull($falias . '.' . $field); - $query->condition($db_or); - } - else { - $query->exists($subquery); + // For an entity query, attach the subquery to entity conditions. + if ($type == 'entity') { + $file_conditions->exists($subquery); + } + // Otherwise attach it to the node query itself. + elseif ($table == 'file_managed') { + // Fix for https://drupal.org/node/2073085 + $db_or = db_or(); + $db_or->exists($subquery); + $db_or->isNull($falias . '.' . $field); + $query->condition($db_or); + } + else { + $query->exists($subquery); + } } } } @@ -2001,19 +1983,14 @@ function _file_entity_query_file_entity_access_alter($query, $type) { if ($type == 'entity' && $file_conditions->count()) { // All the file access conditions are only for field values belonging to // files. - if ($base_alias !== 'file_managed') { - $file_conditions->condition("$base_alias.entity_type", 'file'); - $or = db_or(); - $or->condition($file_conditions); - // If the field value belongs to a non-file entity type then this function - // does not do anything with it. - $or->condition("$base_alias.entity_type", 'file', '<>'); - // Add the compiled set of rules to the query. - $query->condition($or); - } - else { - $query->condition($file_conditions); - } + $file_conditions->condition("$base_alias.entity_type", 'file'); + $or = db_or(); + $or->condition($file_conditions); + // If the field value belongs to a non-file entity type then this function + // does not do anything with it. + $or->condition("$base_alias.entity_type", 'file', '<>'); + // Add the compiled set of rules to the query. + $query->condition($or); } } diff --git a/file_entity.test b/file_entity.test index 96a4510..085ced5 100644 --- a/file_entity.test +++ b/file_entity.test @@ -1671,132 +1671,4 @@ class FileEntityAttributeOverrideTestCase extends FileEntityTestHelper { $this->assertEqual($build['#file']->$attribute, $expected_value, format_string('The %attribute was overridden correctly.', array('%attribute' => $attribute))); } } - - /** - * @param EntityFieldQuery $query - * @param $expected - * An associative array of expected result. Keys are file ids, values are - * booleans to indicate if the result should include the file. - */ - function assertEntityFieldQueryAccess(EntityFieldQuery $query, $expected, $account = NULL, $query_name = 'unnamed') { - if ($account) { - $query->addMetaData('account', $account); - } - $query->addTag('entity_field_access'); - $results = $query->execute(); - $fids = isset($results['file']) ? array_keys($results['file']) : array(); - foreach ($expected as $fid => $in_result) { - if ($in_result) { - $this->assertTrue(in_array($fid, $fids), format_string("For the %name query, the result should contain %fid", array('%name' => $query_name, '%fid' => $fid))); - } - else { - $this->assertFalse(in_array($fid, $fids), format_string("For the %name query, the result should not contain %fid", array('%name' => $query_name, '%fid' => $fid))); - } - } - } - - /** - * Test file entity access for entity field queries. - */ - function testEntityFieldQueryAccess() { - // Attach a text field to the default image file type. - $field = array( - 'field_name' => drupal_strtolower($this->randomName()), - 'type' => 'text', - 'settings' => array( - 'max_length' => 255, - ) - ); - field_create_field($field); - $instance = array( - 'field_name' => $field['field_name'], - 'entity_type' => 'file', - 'bundle' => 'document', - 'widget' => array( - 'type' => 'text_textfield', - ), - 'display' => array( - 'default' => array( - 'type' => 'text_default', - ), - ), - ); - field_create_instance($instance); - // Create test files. - $file_owner = $this->drupalCreateUser(array('view own files', 'view own private files')); - $public_file = $this->createFileEntity(array( - 'status' => 0, - )); - $private_file = $this->createFileEntity(array('scheme' => 'private')); - $owned_public_file = $this->createFileEntity(array( - 'uid' => $file_owner->uid, - 'scheme' => 'public', - )); - $owned_private_file = $this->createFileEntity(array( - 'uid' => $file_owner->uid, - 'scheme' => 'private', - )); - $fids = array( - $public_file->fid, - $private_file->fid, - $owned_public_file->fid, - $owned_private_file->fid, - ); - foreach (file_load_multiple($fids) as $file) { - $file->{$field['field_name']}[LANGUAGE_NONE][0] = array('value' => 'find me'); - file_save($file); - } - - $efq_fids = new EntityFieldQuery(); - $queries['entity type and id conditions'] = $efq_fids - ->entityCondition('entity_type', 'file') - ->entityCondition('entity_id', $fids); - $efq_field_name = new EntityFieldQuery(); - $queries['single field condition'] = $efq_field_name - ->fieldCondition($field['field_name'], 'value', 'find me'); - - foreach($queries as $name => $query) { - $message = format_string(''); - // User should not see private files, only his own public files. - $this->assertEntityFieldQueryAccess(clone $query, array( - $public_file->fid => TRUE, - $private_file->fid => FALSE, - $owned_public_file->fid => TRUE, - $owned_private_file->fid => FALSE, - ), $this->drupalCreateUser(array('create files')), $name); - - // A user with the 'view own files' and 'view own private files' permissions should only see owned files and public files. - $this->drupalLogin($file_owner); - $this->assertEntityFieldQueryAccess(clone $query, array( - $public_file->fid => TRUE, - $private_file->fid => FALSE, - $owned_public_file->fid => TRUE, - $owned_private_file->fid => TRUE, - ), $file_owner, $name); - - // User with the 'view files' permission should only see public files but cannot create files. - $this->assertEntityFieldQueryAccess(clone $query, array( - $public_file->fid => TRUE, - $private_file->fid => FALSE, - $owned_public_file->fid => TRUE, - $owned_private_file->fid => FALSE, - ), $this->drupalCreateUser(array('view files')), $name); - - // User with the 'view files' and 'view private files' permissions should only see all files. - $this->assertEntityFieldQueryAccess(clone $query, array( - $public_file->fid => TRUE, - $private_file->fid => TRUE, - $owned_public_file->fid => TRUE, - $owned_private_file->fid => TRUE, - ), $this->drupalCreateUser(array('view files', 'view private files')), $name); - - // User with the 'bypass file access' permissions should only see all files. - $this->assertEntityFieldQueryAccess(clone $query, array( - $public_file->fid => TRUE, - $private_file->fid => TRUE, - $owned_public_file->fid => TRUE, - $owned_private_file->fid => TRUE, - ), $this->drupalCreateUser(array('bypass file access')), $name); - } - } }