<?php
// $Id: apachesolr_nodeaccess.module,v 1.4.2.2 2009-09-28 15:03:47 damienvancouver Exp $

/**
 * Implementation of apachesolr_update_index
 */
function apachesolr_nodeaccess_apachesolr_update_index(&$document, $node) {
  if (count(module_implements('node_grants'))) {
    // Get node access grants
    $result = db_query('SELECT * from {node_access} WHERE nid = %d AND grant_view = 1', $node->nid);
    while ($grant = db_fetch_object($result)) {
      $key = 'nodeaccess_'. $grant->realm;
      $document->setMultiValue($key, $grant->gid);
    }
  }
}

  /**
   * Implementation of apachesolr_attachments_update_index
   */
  function apachesolr_nodeaccess_apachesolr_attachments_update_index(&$document, $node, &$file) {
    // Just call the regular update_index function
    return apachesolr_nodeaccess_apachesolr_update_index($document,$node);
  }

/**
 * Creates a Solr query for a given user
 *
 * @param $account an account to get grants for and build a solr query
 */
function _apachesolr_nodeaccess_build_subquery($account) {
  if (!user_access('administer nodes', $account) && count(module_implements('node_grants'))) {
    // Get node access perms
    $node_access_query = "";
    $node_access_query = new Solr_Base_Query('', 'OR');
    $grants = node_access_grants('view', $account->uid);
    if (empty($grants)) {
      // If they can't see any content, we might as well not bother searching.
      // Catch the exception to null out the query.
      throw new Exception("This user cannot access any content!");
    }

    foreach ($grants as $realm => $gids) {
      foreach ($gids as $gid) {
        $node_access_query->add_field('nodeaccess_' . $realm, $gid);
      }
    }
    return $node_access_query;
  }
  return NULL;
}

/**
 * Implementation of hook_apachesolr_modify_query().
 */
function apachesolr_nodeaccess_apachesolr_modify_query(&$query, &$params) {
   global $user;
   
   try {
    $subquery = _apachesolr_nodeaccess_build_subquery($user);
  } catch (Exception $e) {
    $query = NULL;
    watchdog("apachesolr_nodeaccess", 'User %name (UID:!uid) is not allowed to access any content', array('%name' => $user->name, '!uid' => $user->uid));
    return;
  }
  if (!empty($subquery)) {
    $query->add_subquery($subquery, 'AND');
  }
}

/**
 * Implementation of hook_nodeapi().
 *
 * Listen to this hook to find out when a node is being saved.
 */
function apachesolr_nodeaccess_nodeapi(&$node, $op) {
  switch ($op) {
    case 'insert':
    case 'update':
      // hook_nodeapi() is called before hook_node_access_records() in node_save().
      $node->apachesolr_nodeaccess_ignore = 1;
      break;
  }
}

/**
 * Implementation of hook_node_access_records().
 *
 * Listen to this hook to find out when a node needs to be re-indexed
 * for its node access grants.
 */
function apachesolr_nodeaccess_node_access_records($node) {
  // node_access_needs_rebuild() will usually be TRUE during a
  // full rebuild.
  // In Drupal 5 there is no checking for this, so removing it for now.
  if (empty($node->apachesolr_nodeaccess_ignore)) { // Removed, From Drupal 6 version && !node_access_needs_rebuild()) {
    db_query('UPDATE {node} SET changed = %d WHERE nid = %d', time(), $node->nid);
  }
}

/**
 * Implementation of hook_form_alter().
 */
function apachesolr_nodeaccess_form_alter($form_id, &$form) {
  if ($form_id == 'node_configure_rebuild_confirm') {
    $form['#submit'][] = 'apachesolr_nodeaccess_rebuild_nodeaccess';
  }
}

/**
 * Forces Solr to do a total re-index.
 * This is unfortunate because not every node is going to be affected, but there is little we can do.
 */
function apachesolr_nodeaccess_rebuild_nodeaccess(&$form, $form_state) {
  drupal_set_message(t('Solr search index will be rebuilt.'));
  node_access_rebuild();  
  // TODO This affects EVERY node in the solr, not just ones for this site!
  ApacheSolrUpdate::reset('apachesolr');   
}