Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added check for ACL in Header of pages when searching #102

Merged
merged 1 commit into from
Apr 11, 2017
Merged

Added check for ACL in Header of pages when searching #102

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 52 additions & 0 deletions simplesearch.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,9 @@ public function onPagesInitialized()
//Drop unpublished and unroutable pages
$this->collection->published()->routable();

//Check if user has permission to view page
$this->collection = $this->checkForPermissions($this->collection);

$extras = [];

if ($query) {
Expand Down Expand Up @@ -219,6 +222,55 @@ public function onPagesInitialized()
}
}

/**
* Filter the pages, and return only the pages the user has access to.
* Implementation based on Login Plugin authorizePage() function.
*/
public function checkForPermissions($collection)
{
$user = $this->grav['user'];
$returnCollection = new Collection();
foreach ($collection as $page) {

$header = $page->header();
$rules = isset($header->access) ? (array)$header->access : [];

if ($this->config->get('plugins.login.parent_acl')) {
// If page has no ACL rules, use its parent's rules
if (!$rules) {
$parent = $page->parent();
while (!$rules and $parent) {
$header = $parent->header();
$rules = isset($header->access) ? (array)$header->access : [];
$parent = $parent->parent();
}
}
}

// Continue to the page if it has no ACL rules.
if (!$rules) {
$returnCollection[$page->path()] = ['slug' => $page->slug()];
} else {
// Continue to the page if user is authorized to access the page.
foreach ($rules as $rule => $value) {
if (is_array($value)) {
foreach ($value as $nested_rule => $nested_value) {
if ($user->authorize($rule . '.' . $nested_rule) == $nested_value) {
$returnCollection[$page->path()] = ['slug' => $page->slug()];
break;
}
}
} else {
if ($user->authorize($rule) == $value) {
$returnCollection[$page->path()] = ['slug' => $page->slug()];
break;
}
}
}
}
}
return $returnCollection;
}

/**
* Set needed variables to display the search results.
Expand Down