Oihana PHP Arango

FederatedSearchController extends Controller uses AuthorizationContextTrait, DocumentsControllerCapabilitiesTrait, OutputDocumentsTrait, PermissionAuthorizerTrait, PrepareParamTrait

The read-only HTTP entry point of the federated multi-collection search.

Where DocumentsController exposes one model over a single collection, this controller exposes a whole FederatedSearch engine — one search bar over several collections at once (customers, products, sellers, places, …), returning a single list ranked by relevance. It is the plug that turns an HTTP request into the engine $init, runs the engine, and renders the JSON; the engine itself does the work (find + rebuild + per-collection permission gate, lots C1–C4).

It mirrors DocumentsController exactly, only it holds a FederatedSearch (resolved as a DI service) instead of a Documents model, and exposes the single read action search():

GET /search?search=dupont&limit=25&offset=0&skin=compact
→ { data: [ { collection, score, document }, … ], count, options: { total }, url }

Security is already wired by the engine (lot C4). As DocumentsController does, this controller resolves the request enforcer + subject resolver from the container, builds a request-scoped Closure(string $subject): bool (PermissionAuthorizerTrait::buildPermissionAuthorizer()) and poses it under Arango::AUTHORIZER in the engine $init; the engine consults it on its own to gate the searchable collections per request. With no enforcer / resolver (tests, CLI, auth disabled) the authorizer is null and the gate falls open — behaviour unchanged. The query-param capability gating (search / skin) is reused verbatim from DocumentsControllerCapabilitiesTrait.

Tags
author

Marc Alcaraz (ekameleon)

since
1.3.0

Table of Contents

Constants

ENGINE  : string = 'engine'
Initialization key carrying the {@see FederatedSearch} engine — a service id resolved from the container, or an instance passed verbatim.
SEARCH  : string = 'search'
The controller method bound to the federated search route.

Properties

$engine  : FederatedSearch|null
The federated search engine this controller exposes, or null when none was configured (the action then returns an empty result set).

Methods

__construct()  : mixed
Creates a new FederatedSearchController instance.
search()  : mixed
Runs a federated search across every authorized collection and renders the ranked result page.
initializeAuthorizationContext()  : static
Resolves the capability enforcer and the permission-subject resolver from the container (each guarded by an `instanceof`, null when absent) and wires them through `initializeCapabilities()` and `initializePermissionSubjectResolver()`.
initializeEngine()  : static
Resolves the {@see FederatedSearch} engine: an instance passed verbatim, or a container service id resolved through the container. Any other value leaves the controller without an engine.

Constants

ENGINE

Initialization key carrying the {@see FederatedSearch} engine — a service id resolved from the container, or an instance passed verbatim.

public string ENGINE = 'engine'

Properties

$engine

The federated search engine this controller exposes, or null when none was configured (the action then returns an empty result set).

protected FederatedSearch|null $engine = null

Methods

__construct()

Creates a new FederatedSearchController instance.

public __construct(Container $container[, array<string, mixed> $init = [] ]) : mixed
Parameters
$container : Container

The DI Container reference.

$init : array<string, mixed> = []

The optional properties to initialize the object, including self::ENGINE (the FederatedSearch service id or instance).

Tags
throws
ContainerExceptionInterface
NotFoundExceptionInterface
DependencyException
NotFoundException
ReflectionException

search()

Runs a federated search across every authorized collection and renders the ranked result page.

public search([ServerRequestInterface|null $request = null ][, ResponseInterface|null $response = null ][, array<string, mixed> $args = [] ][, array<string, mixed> $init = [] ]) : mixed

The query term, pagination and skin are read from the request (the capability-aware overrides clear a forbidden search / downgrade a forbidden skin); the request authorizer is posed under Arango::AUTHORIZER so the engine gates the searchable collections; the engine then returns the page ({ collection, score, document } rows) and the total count for pagination.

Ex: ../search?search=dupont&limit=25&offset=0&skin=compact

Parameters
$request : ServerRequestInterface|null = null

The PSR-7 request.

$response : ResponseInterface|null = null

The PSR-7 response.

$args : array<string, mixed> = []

The route arguments.

$init : array<string, mixed> = []

The optional call overrides.

Tags
throws
ContainerExceptionInterface
NotFoundExceptionInterface

initializeAuthorizationContext()

Resolves the capability enforcer and the permission-subject resolver from the container (each guarded by an `instanceof`, null when absent) and wires them through `initializeCapabilities()` and `initializePermissionSubjectResolver()`.

protected initializeAuthorizationContext([array<string, mixed> $init = [] ]) : static
Parameters
$init : array<string, mixed> = []

Same array passed to the controller constructor.

Tags
throws
DependencyException
NotFoundException
Return values
static

initializeEngine()

Resolves the {@see FederatedSearch} engine: an instance passed verbatim, or a container service id resolved through the container. Any other value leaves the controller without an engine.

protected initializeEngine([array<string, mixed> $init = [] ]) : static
Parameters
$init : array<string, mixed> = []
Tags
throws
DependencyException
NotFoundException
ContainerExceptionInterface
NotFoundExceptionInterface
Return values
static
On this page

Search results