Permalink
Browse files

Remove hooks/field for component security check (the implementation o…

…f which was removed ten years ago..)
  • Loading branch information...
flack committed Jul 16, 2017
1 parent 230368c commit c7237554d1f07b1c5839089cc5ed0880c44a72d7
@@ -319,21 +319,6 @@ public function reindex($topic)
return $this->_on_reindex($topic, $this->get_config_for_topic($topic), midcom::get()->indexer);
}
/**
* Verify an indexer document's permissions.
*
* It will call the corresponding event handler reading the topic configuration beforehand.
*
* @param midcom_services_indexer_document &$document The document to check. This object is passed by
* reference and may therefore be modified to match the current security policy.
* @param midcom_db_topic $topic The topic this document is assigned to.
* @return boolean True if the object may be shown, false otherwise.
*/
public function check_document_permissions(&$document, $topic)
{
return $this->_on_check_document_permissions($document, $this->get_config_for_topic($topic), $topic);
}
/**
* Get the full configuration set active for a given topic.
* If no topic is passed, the system wide default configuration is returned.
@@ -495,29 +480,6 @@ public function _on_reindex($topic, $config, &$indexer)
return true;
}
/**
* Verify an indexer document's permissions. This is used for custom, advanced access control
* within a component's domain.
*
* The topic and configuration objects are passed for ease of use and performance, as they have already
* been prepared by the framework.
*
* Usually, you want to limit the visibility of a document in the search result. You can do this
* by returning false in this function, the indexer will then skip this object before returning
* the resultset to the callee. You may modify the document that has been passed, to limit the
* information available to the client, though this <i>should</i> be avoided if possible.
*
* @param midcom_services_indexer_document &$document The document to check. This object is passed by
* reference and may therefore be modified to match the current security policy.
* @param midcom_helper_configuration $config The configuration associated with the topic.
* @param MidgardTopic $topic The topic this document is assigned to.
* @return boolean True if the object may be shown, false otherwise.
*/
public function _on_check_document_permissions(&$document, $config, $topic)
{
return true;
}
/**
* This interface function is used to check whether a component can handle a given GUID
* or not. A topic is provided which limits the "scope" of the search
@@ -247,25 +247,6 @@ class midcom_services_indexer_document
*/
public $type = '';
/**
* Security mechanism used to determine the availability of a search result.
* Can be one of:
*
* - 'default': Use only built-in processing (topic and metadata visibility checks), this is, as you might have guessed, the default.
* - 'component': Invoke the _on_check_document_visible component interface method of the component after doing default checks.
* This security class absolutely requires the document to contain a valid topic GUID, otherwise access control will fail anyway.
* - 'function:$function_name': Invoke the globally available function $function_name, its signature is <i>boolean $function_name ($document, $topic)</i>,
* if you don't change the document during the check, you don't need to pass by-reference, so this is up to you. The topic passed is the
* Return true if the document is visible, false otherwise.
* - 'class:$class_name': Like above, but using a class instead. The class must provide a statically callable <i>get_instance()</i> method, which
* returns a usable instance of the class (mostly, this should be a singleton, for performance reasons). The instance returned is assigned
* by-reference. On that object, the method check_document_permissions, whose signature must be identical to the function callback.
*
* @var string
* @see midcom_baseclasses_components_interface::_on_check_document_permissions()
*/
public $security = 'default';
/**
* This is have support for #651 without rewriting all components' index methods
*
@@ -487,7 +468,6 @@ public function members_to_fields()
$this->add_text('author', $this->author);
$this->add_text('abstract', $this->abstract);
$this->add_text('__TYPE', $this->type);
$this->add_unindexed('__SECURITY', $this->security);
}
/**
@@ -519,7 +499,6 @@ public function fields_to_members()
$this->author = $this->get_field('author');
$this->abstract = $this->get_field('abstract');
$this->type = $this->get_field('__TYPE');
$this->security = $this->get_field('__SECURITY');
}
/**
View
@@ -238,7 +238,6 @@
<field name="author" type="text" indexed="true" stored="true" />
<field name="abstract" type="text" indexed="true" stored="true" />
<field name="__TYPE" type="string" indexed="false" stored="true" />
<field name="__SECURITY" type="text" indexed="false" stored="true" />
<field name="mimetype" type="textTight" indexed="true" stored="true" />
<field name="filename" type="textTight" indexed="true" stored="true" />

0 comments on commit c723755

Please sign in to comment.