2016-10-19 03:11:36 +00:00
# Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
2013-08-19 06:29:49 +00:00
2015-04-27 20:55:17 +00:00
class User
2015-04-27 20:49:17 +00:00
module Search
2018-04-26 08:55:53 +00:00
extend ActiveSupport :: Concern
# methods defined here are going to extend the class, not the instance of it
class_methods do
2013-08-19 06:29:49 +00:00
= begin
2015-08-16 00:53:27 +00:00
search user preferences
result = User . search_preferences ( user_model )
returns if user has permissions to search
result = {
prio : 1000 ,
direct_search_index : true
}
returns if user has no permissions to search
result = false
= end
2018-04-26 08:55:53 +00:00
def search_preferences ( current_user )
return false if ! current_user . permissions? ( 'ticket.agent' ) && ! current_user . permissions? ( 'admin.user' )
2018-10-09 06:17:41 +00:00
2018-04-26 08:55:53 +00:00
{
2018-12-19 17:31:51 +00:00
prio : 2000 ,
2018-04-26 08:55:53 +00:00
direct_search_index : true ,
}
end
2015-08-16 00:53:27 +00:00
= begin
2013-08-19 06:29:49 +00:00
search user
result = User . search (
2016-08-12 16:39:09 +00:00
query : 'some search term' ,
2015-11-30 12:13:27 +00:00
limit : 15 ,
2018-04-13 07:22:55 +00:00
offset : 100 ,
2015-11-30 12:13:27 +00:00
current_user : user_model ,
2013-08-19 06:29:49 +00:00
)
2017-09-11 00:50:05 +00:00
or with certain role_ids | permissions
result = User . search (
query : 'some search term' ,
limit : 15 ,
2018-04-13 07:22:55 +00:00
offset : 100 ,
2017-09-11 00:50:05 +00:00
current_user : user_model ,
role_ids : [ 1 , 2 , 3 ] ,
2021-03-19 13:32:03 +00:00
group_ids : [ 1 , 2 , 3 ] ,
2017-09-11 00:50:05 +00:00
permissions : [ 'ticket.agent' ]
2018-07-18 14:00:06 +00:00
# sort single column
sort_by : 'created_at' ,
order_by : 'asc' ,
# sort multiple columns
sort_by : [ 'created_at' , 'updated_at' ] ,
order_by : [ 'asc' , 'desc' ] ,
2017-09-11 00:50:05 +00:00
)
2013-08-19 06:29:49 +00:00
returns
result = [ user_model1 , user_model2 , ... ]
= end
2018-04-26 08:55:53 +00:00
def search ( params )
2015-04-27 20:49:17 +00:00
2018-04-26 08:55:53 +00:00
# get params
query = params [ :query ]
limit = params [ :limit ] || 10
offset = params [ :offset ] || 0
current_user = params [ :current_user ]
2015-04-27 20:49:17 +00:00
2020-10-30 07:59:32 +00:00
sql_helper = :: SqlHelper . new ( object : self )
2019-06-20 10:45:27 +00:00
# check sort - positions related to order by
2020-10-30 07:59:32 +00:00
sort_by = sql_helper . get_sort_by ( params , %w[ active updated_at ] )
2018-07-18 14:00:06 +00:00
2019-06-20 10:45:27 +00:00
# check order - positions related to sort by
2020-10-30 07:59:32 +00:00
order_by = sql_helper . get_order_by ( params , %w[ desc desc ] )
2018-07-18 14:00:06 +00:00
2018-04-26 08:55:53 +00:00
# enable search only for agents and admins
return [ ] if ! search_preferences ( current_user )
2015-04-27 20:49:17 +00:00
2018-04-26 08:55:53 +00:00
# lookup for roles of permission
if params [ :permissions ] . present?
params [ :role_ids ] || = [ ]
role_ids = Role . with_permissions ( params [ :permissions ] ) . pluck ( :id )
params [ :role_ids ] . concat ( role_ids )
end
2017-09-11 00:50:05 +00:00
2018-04-26 08:55:53 +00:00
# try search index backend
if SearchIndexBackend . enabled?
2018-11-06 16:11:10 +00:00
query_extension = { }
2018-04-26 08:55:53 +00:00
if params [ :role_ids ] . present?
2021-03-19 13:32:03 +00:00
query_extension [ 'bool' ] || = { }
query_extension [ 'bool' ] [ 'must' ] || = [ ]
2018-04-26 08:55:53 +00:00
if ! params [ :role_ids ] . is_a? ( Array )
params [ :role_ids ] = [ params [ :role_ids ] ]
end
access_condition = {
'query_string' = > { 'default_field' = > 'role_ids' , 'query' = > " \" #{ params [ :role_ids ] . join ( '" OR "' ) } \" " }
}
2018-11-06 16:11:10 +00:00
query_extension [ 'bool' ] [ 'must' ] . push access_condition
2017-09-11 00:50:05 +00:00
end
2021-03-19 13:32:03 +00:00
if params [ :group_ids ] . present?
query_extension [ 'bool' ] || = { }
query_extension [ 'bool' ] [ 'must' ] || = [ ]
user_ids = [ ]
params [ :group_ids ] . each do | group_id , access |
user_ids |= User . group_access ( group_id . to_i , access ) . pluck ( :id )
end
return [ ] if user_ids . blank?
query_extension [ 'bool' ] [ 'must' ] . push ( { 'terms' = > { '_id' = > user_ids } } )
end
2018-11-06 16:11:10 +00:00
2018-12-19 17:31:51 +00:00
items = SearchIndexBackend . search ( query , 'User' , limit : limit ,
2018-11-06 16:11:10 +00:00
query_extension : query_extension ,
2018-12-19 17:31:51 +00:00
from : offset ,
sort_by : sort_by ,
order_by : order_by )
2018-04-26 08:55:53 +00:00
users = [ ]
items . each do | item |
user = User . lookup ( id : item [ :id ] )
next if ! user
2018-10-09 06:17:41 +00:00
2018-04-26 08:55:53 +00:00
users . push user
end
return users
2017-10-01 12:25:52 +00:00
end
2015-04-27 20:49:17 +00:00
2020-10-30 07:59:32 +00:00
order_sql = sql_helper . get_order ( sort_by , order_by , 'users.updated_at DESC' )
2018-07-18 14:00:06 +00:00
2018-04-26 08:55:53 +00:00
# fallback do sql query
# - stip out * we already search for *query* -
query . delete! '*'
2021-03-19 13:32:03 +00:00
statement = User
2020-07-07 06:30:20 +00:00
if params [ :role_ids ]
2021-03-19 13:32:03 +00:00
statement = statement . joins ( :roles ) . where ( 'roles.id' = > params [ :role_ids ] )
end
if params [ :group_ids ]
user_ids = [ ]
params [ :group_ids ] . each do | group_id , access |
user_ids |= User . group_access ( group_id . to_i , access ) . pluck ( :id )
end
statement = if user_ids . present?
statement . where ( id : user_ids )
else
statement . none
end
2020-07-07 06:30:20 +00:00
end
2021-03-19 13:32:03 +00:00
statement . where (
'(users.firstname LIKE ? OR users.lastname LIKE ? OR users.email LIKE ? OR users.login LIKE ?) AND users.id != 1' , " % #{ query } % " , " % #{ query } % " , " % #{ query } % " , " % #{ query } % "
)
. order ( Arel . sql ( order_sql ) )
. offset ( offset )
. limit ( limit )
2018-04-26 08:55:53 +00:00
end
2014-01-29 23:55:25 +00:00
end
2013-08-19 06:29:49 +00:00
end
2014-02-03 19:23:00 +00:00
end