From e1b18fea95d773c86479bb8f2e38f9f41172ff1c Mon Sep 17 00:00:00 2001
From: Demian Katz <demian.katz@villanova.edu>
Date: Fri, 29 Jan 2021 08:41:05 -0500
Subject: [PATCH] Add configuration for API settings. (#1838)

---
 config/vufind/Search2.ini                      |  5 +++++
 config/vufind/searches.ini                     |  9 +++++++++
 config/vufind/website.ini                      |  7 +++++++
 .../VuFind/src/VuFind/Search/Base/Options.php  | 18 ++++++++++++++++++
 .../Controller/SearchApiController.php         | 14 ++++++++++++++
 5 files changed, 53 insertions(+)

diff --git a/config/vufind/Search2.ini b/config/vufind/Search2.ini
index 5d18744c7a4..ffb9b5374ca 100644
--- a/config/vufind/Search2.ini
+++ b/config/vufind/Search2.ini
@@ -188,6 +188,11 @@ view=full
 ;content[] = IlsStatusMonitor
 content[] = FacetList:Search2
 
+[API]
+;recordAccessPermission = access.api.Record
+;searchAccessPermission = access.api.Search
+;maxLimit = 100
+
 ; ---------- facets.ini settings ----------
 
 [Results]
diff --git a/config/vufind/searches.ini b/config/vufind/searches.ini
index 4ee8c8899bd..0628b828e68 100644
--- a/config/vufind/searches.ini
+++ b/config/vufind/searches.ini
@@ -733,3 +733,12 @@ view=full
 ; and that version would be loaded when the user's language was set to German.
 content[] = IlsStatusMonitor
 content[] = FacetList
+
+; This section controls default behavior of the Search API.
+[API]
+; These permissions must be defined in permissions.ini to grant access to the API:
+recordAccessPermission = access.api.Record
+searchAccessPermission = access.api.Search
+
+; This is the maximum number of results that can be returned in a single response:
+maxLimit = 100
diff --git a/config/vufind/website.ini b/config/vufind/website.ini
index 292764405e6..c2972f29b3b 100644
--- a/config/vufind/website.ini
+++ b/config/vufind/website.ini
@@ -46,3 +46,10 @@ facet_limit = 30
 ;[Index]
 ;url             = http://localhost:8983/solr
 ;default_core    = website
+
+; This section controls default behavior of the Web Search API. Settings omitted
+; here will be inherited from searches.ini; see that file for more details.
+[API]
+;recordAccessPermission = access.api.Record
+;searchAccessPermission = access.api.Search
+;maxLimit = 100
diff --git a/module/VuFind/src/VuFind/Search/Base/Options.php b/module/VuFind/src/VuFind/Search/Base/Options.php
index 1a65680c03d..63deb18fc90 100644
--- a/module/VuFind/src/VuFind/Search/Base/Options.php
+++ b/module/VuFind/src/VuFind/Search/Base/Options.php
@@ -885,6 +885,24 @@ abstract class Options implements TranslatorAwareInterface
         return intval($this->resultLimit);
     }
 
+    /**
+     * Load all API-related settings from the relevant ini file(s).
+     *
+     * @return array
+     */
+    public function getAPISettings()
+    {
+        // Inherit defaults from searches.ini (if that is not already the
+        // configured search settings file):
+        $defaultConfig = $this->configLoader->get('searches')->API;
+        $defaultSettings = $defaultConfig ? $defaultConfig->toArray() : [];
+        $localIni = $this->getSearchIni();
+        $localConfig = ($localIni !== 'searches')
+            ? $this->configLoader->get($localIni)->API : null;
+        $localSettings = $localConfig ? $localConfig->toArray() : [];
+        return array_merge($defaultSettings, $localSettings);
+    }
+
     /**
      * Load all recommendation settings from the relevant ini file.  Returns an
      * associative array where the key is the location of the recommendations (top
diff --git a/module/VuFindApi/src/VuFindApi/Controller/SearchApiController.php b/module/VuFindApi/src/VuFindApi/Controller/SearchApiController.php
index 335d97371be..2a9e2e4ad79 100644
--- a/module/VuFindApi/src/VuFindApi/Controller/SearchApiController.php
+++ b/module/VuFindApi/src/VuFindApi/Controller/SearchApiController.php
@@ -135,6 +135,20 @@ class SearchApiController extends \VuFind\Controller\AbstractSearch
                 $this->defaultRecordFields[] = $fieldName;
             }
         }
+
+        // Load configurations from the search options class:
+        $settings = $sm->get(\VuFind\Search\Options\PluginManager::class)
+            ->get($this->searchClassId)->getAPISettings();
+
+        // Apply all supported configurations:
+        $configKeys = [
+            'recordAccessPermission', 'searchAccessPermission', 'maxLimit'
+        ];
+        foreach ($configKeys as $key) {
+            if (isset($settings[$key])) {
+                $this->$key = $settings[$key];
+            }
+        }
     }
 
     /**
-- 
GitLab