search.rb 3.4 KB

  1. # Copyright (C) 2012-2016 Zammad Foundation, http://zammad-foundation.org/
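class User
  module Search
    extend ActiveSupport::Concern

    # methods defined here are going to extend the class, not the instance of it
    class_methods do

      # Search preferences for users.
      #
      #   result = User.search_preferences(user_model)
      #
      # Returns, if the user has permission to search
      # ('ticket.agent' or 'admin.user'):
      #
      #   result = {
      #     prio: 2000,
      #     direct_search_index: true
      #   }
      #
      # Returns, if the user has no permission to search or no user was given:
      #
      #   result = false
      def search_preferences(current_user)

        # fail closed: without an acting user there is nobody to authorize
        return false if !current_user
        return false if !current_user.permissions?('ticket.agent') && !current_user.permissions?('admin.user')

        {
          prio: 2000,
          direct_search_index: true,
        }
      end

      # Search users.
      #
      #   result = User.search(
      #     query: 'some search term',
      #     limit: 15,
      #     offset: 100,
      #     current_user: user_model,
      #   )
      #
      # or restricted to certain role_ids | permissions
      #
      #   result = User.search(
      #     query: 'some search term',
      #     limit: 15,
      #     offset: 100,
      #     current_user: user_model,
      #     role_ids: [1,2,3],
      #     permissions: ['ticket.agent']
      #   )
      #
      # Returns
      #
      #   result = [user_model1, user_model2, ...]
      #
      # The result is empty when current_user may not search (see
      # search_preferences) or when permissions are given but no role
      # grants them. The params hash, its role_ids array and the query
      # string are not modified.
      def search(params)

        # get params
        query        = params[:query]
        limit        = params[:limit] || 10
        offset       = params[:offset] || 0
        current_user = params[:current_user]

        # enable search only for agents and admins
        return [] if !search_preferences(current_user)

        # work on a private array so the caller's params are left untouched;
        # a single id is wrapped so that both backends see the same filter
        role_ids = nil
        if params[:role_ids]
          role_ids = params[:role_ids].is_a?(Array) ? params[:role_ids].dup : [params[:role_ids]]
        end

        # lookup for roles of permission
        if params[:permissions].present?
          role_ids ||= []
          role_ids.concat(Role.with_permissions(params[:permissions]).pluck(:id))

          # a permission filter that resolves to no role must not degrade into
          # an unfiltered search, so answer with "no users" on both backends
          return [] if role_ids.empty?
        end

        # try search index backend
        if SearchIndexBackend.enabled?
          query_extention = {}
          if role_ids.present?

            # the ids end up inside a query_string expression, so '"' and '\'
            # are escaped to keep every value inside its quoted term
            quoted_ids = role_ids.map do |role_id|
              "\"#{role_id.to_s.gsub(/["\\]/) { |char| "\\#{char}" }}\""
            end
            query_extention['bool'] = {
              'must' => [
                { 'query_string' => { 'default_field' => 'role_ids', 'query' => quoted_ids.join(' OR ') } },
              ],
            }
          end

          items = SearchIndexBackend.search(query, limit, 'User', query_extention, offset)
          users = []
          items.each do |item|
            user = User.lookup(id: item[:id])
            next if !user
            users.push user
          end
          return users
        end

        # fallback do sql query
        # - strip out * we already search for *query* -
        # delete (not delete!) keeps the caller's string intact and also works
        # for frozen strings; a missing query is treated like an empty one
        # NOTE(review): % and _ in the query still act as LIKE wildcards -
        # escape them (e.g. sanitize_sql_like) if literal matching is intended
        like_query = "%#{query.to_s.delete('*')}%"

        # both statements skip the user with id 1
        if role_ids

          # the sort column is qualified because this statement joins roles,
          # which may carry an updated_at column of its own
          User.joins(:roles).where('roles.id' => role_ids).where(
            '(users.firstname LIKE ? OR users.lastname LIKE ? OR users.email LIKE ? OR users.login LIKE ?) AND users.id != 1', like_query, like_query, like_query, like_query
          ).order('users.updated_at DESC').offset(offset).limit(limit)
        else
          User.where(
            '(firstname LIKE ? OR lastname LIKE ? OR email LIKE ? OR login LIKE ?) AND id != 1', like_query, like_query, like_query, like_query
          ).order('updated_at DESC').offset(offset).limit(limit)
        end
      end
    end
  end
end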