Documentation & API reference
public function CommentSelection::entityQueryAlter
Overrides SelectionBase::entityQueryAlter().
Overrides SelectionBase::entityQueryAlter
File
- drupal/
core/ modules/ comment/ lib/ Drupal/ comment/ Plugin/ entity_reference/ selection/ CommentSelection.php, line 47 - Contains \Drupal\comment\Plugin\entity_reference\selection\CommentSelection.
Class
- CommentSelection
- Provides specific access control for the comment entity type.
Namespace
Drupal\comment\Plugin\entity_reference\selectionCode
public function entityQueryAlter(SelectInterface $query) {
$tables = $query
->getTables();
$base_table = $tables['base_table']['alias'];
// The Comment module doesn't implement any proper comment access,
// and as a consequence doesn't make sure that comments cannot be viewed
// when the user doesn't have access to the node.
$node_alias = $query
->innerJoin('node_field_data', 'n', '%alias.nid = ' . $base_table . '.nid');
// Pass the query to the node access control.
$this
->reAlterQuery($query, 'node_access', $node_alias);
// Alas, the comment entity exposes a bundle, but doesn't have a bundle
// column in the database. We have to alter the query ourselves to go fetch
// the bundle.
$conditions =& $query
->conditions();
foreach ($conditions as $key => &$condition) {
if ($key !== '#conjunction' && is_string($condition['field']) && $condition['field'] === 'node_type') {
$condition['field'] = $node_alias . '.type';
foreach ($condition['value'] as &$value) {
if (substr($value, 0, 13) == 'comment_node_') {
$value = substr($value, 13);
}
}
break;
}
}
// Passing the query to node_query_node_access_alter() is sadly
// insufficient for nodes.
// @see SelectionEntityTypeNode::entityQueryAlter()
if (!user_access('bypass node access') && !count(module_implements('node_grants'))) {
$query
->condition($node_alias . '.status', 1);
}
}