[jboss-user] [JBoss Seam] - Error in Hibernate Filter With Multiple Entities

[pourmo]

Hi
We have followed the wiki hibernate search and filter examples, everyting works fine when querying a single entity, however the filter returns all records when multiple entities are passed to createFullTextQuery method.


  | public org.hibernate.search.jpa.FullTextQuery exeuteSearch(EntityManager entityManager,
  | String[] fields,String searchString,Class... entityTypes) {       
  |         org.hibernate.search.jpa.FullTextQuery query=null;
  |         if(stringBridge==null){
  |             stringBridge = new PaddedIntegerBridge();
  |         }       
  |        try{         
  |             
  |             BooleanQuery mainQuery = new BooleanQuery();
  |             
  |             BooleanQuery entityQuery = new BooleanQuery();            
  |             QueryParser parser = new MultiFieldQueryParser(fields,analyser, null);
  |             parser.setAllowLeadingWildcard(true);
  |             org.apache.lucene.search.Query contentSearch = parser.parse(searchString);
  |             entityQuery.add(contentSearch, BooleanClause.Occur.MUST);   
  |             
  |             Integer currentAccessLevel = (Integer)Component.getInstance("currentAccessLevel");
  |             System.out.println("currentAccessLevel Filter " + currentAccessLevel);
  |             org.apache.lucene.search.Query accessLimitQuery =
  |                 new ConstantScoreRangeQuery(SearchUtility.READ_ACCESS_LEVEL, null, stringBridge.objectToString(currentAccessLevel), true, true);
  |             
  |             org.apache.lucene.search.Filter accessFilter = new QueryFilter(accessLimitQuery);            
  |             org.apache.lucene.search.FilteredQuery accessFilterQuery = new org.apache.lucene.search.FilteredQuery(entityQuery, accessFilter);                                 
  |             mainQuery.add(accessFilterQuery, BooleanClause.Occur.SHOULD);                  
  | query=( (FullTextEntityManager)entityManager ).createFullTextQuery(mainQuery, entityTypes);
  |             
  |         }catch(Exception ex){
  |             
  |         }        
  |         return query;
  |    }
  | 
We are using 
JBoss 4.2.1 GA
Seam 2.0 CR1

This is very dangerous as the record are visible to all users regardless of their read access level.

Cheers
Mo

[img][/img]

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4097251#4097251

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4097251