Smart facet value escaping

2025-10-23 18:03:17 +00:00 · 2015-03-19 13:38:20 +01:00
parent a6d1a275a9
commit b1a03ae566
3 changed files with 23 additions and 11 deletions
--- a/lib/Alchemy/Phrasea/SearchEngine/Elastic/Search/FacetsResponse.php
+++ b/lib/Alchemy/Phrasea/SearchEngine/Elastic/Search/FacetsResponse.php
@@ -7,10 +7,13 @@ use JsonSerializable;

 class FacetsResponse implements JsonSerializable
 {
+    private $escaper;
    private $facets = array();

-    public function __construct(array $response)
+    public function __construct(Escaper $escaper, array $response)
    {
+        $this->escaper = $escaper;
+
        if (!isset($response['aggregations'])) {
            return;
        }
@@ -47,12 +50,10 @@ class FacetsResponse implements JsonSerializable

    private function buildQuery($name, $value)
    {
-        // Strip double quotes from values to prevent broken queries
-        $value = str_replace('/"/u', ' ', $value);
-        // TODO escape value when escaping is supported in query parser
+        $value = $this->escaper->escapeWord($value);
        return ($name === 'Collection') ?
-            sprintf('collection:"%s"', $value) :
-            sprintf('"%s" IN %s', $value, $name);
+            sprintf('collection:%s', $value) :
+            sprintf('%s IN %s', $value, $name);
    }

    private function throwAggregationResponseError()