@@ -282,41 +282,66 @@ public Object getEntity(EntityReference ref) {
282282 public List <?> getEntities (EntityReference ref , Search search ) {
283283 Collection <User > users = new ArrayList <User >();
284284
285- // fix up the search limits
286- if (search .getLimit () > 50 || search .getLimit () == 0 ) {
287- search .setLimit (50 );
285+ // Default and cap the limit
286+ long limit = search .getLimit ();
287+ // Allow configuration of the maximum results per page, default 50
288+ int maxLimit = developerHelperService .getConfigurationSetting ("entity.users.maxlimit" , 50 );
289+ if (limit <= 0 || limit > maxLimit ) {
290+ limit = maxLimit ;
288291 }
289- if (search .getStart () == 0 || search .getStart () > 49 ) {
290- search .setStart (1 );
292+
293+ // Ensure start is at least 1 (assuming Search uses 1-based indexing)
294+ long start = search .getStart ();
295+ if (start <= 0 ) {
296+ start = 1 ;
291297 }
292298
299+ // Calculate 'first' and 'last' for UDS methods (which seem to be 1-based index range)
300+ // NOTE: UDS methods expect int, potential overflow if start/limit are huge, though unlikely with maxLimit
301+ int first = (int ) start ;
302+ // Calculate the index of the last item needed
303+ int last = (int ) (start + limit - 1 );
304+
293305 // get the search restrictions out
294306 Restriction restrict = search .getRestrictionByProperty ("email" );
295307 if (restrict != null ) {
296- // search users by email
308+ // search users by email - This method doesn't support pagination directly.
309+ // Maintain original behavior: fetch all matching, pagination parameters are ignored.
310+ log .warn ("Pagination (_start, _limit) is ignored when searching users by email via UserEntityProvider.getEntities" );
297311 users = userDirectoryService .findUsersByEmail (restrict .value .toString ());
298- }
299- if (restrict == null ) {
312+ } else { // No email restriction, handle other searches or listing
300313 restrict = search .getRestrictionByProperty ("eid" );
301314 if (restrict == null ) {
302315 restrict = search .getRestrictionByProperty ("search" );
303316 }
304317 if (restrict == null ) {
305318 restrict = search .getRestrictionByProperty ("criteria" );
306319 }
320+
307321 if (restrict != null ) {
308- // search users but match
309- users = userDirectoryService .searchUsers (restrict .value + "" , (int ) search .getStart (), (int ) search .getLimit ());
322+ // search users using the calculated first/last
323+ log .debug ("Searching users with criteria '{}', first={}, last={}" , restrict .value , first , last );
324+ users = userDirectoryService .searchUsers (restrict .value + "" , first , last );
325+ } else {
326+ // No restriction, list users using the calculated first/last
327+ log .debug ("Listing users with first={}, last={}" , first , last );
328+ users = userDirectoryService .getUsers (first , last );
310329 }
311330 }
312- if (restrict == null ) {
313- users = userDirectoryService .getUsers ((int ) search .getStart (), (int ) search .getLimit ());
314- }
331+
315332 // convert these into EntityUser objects
316333 List <EntityUser > entityUsers = new ArrayList <>();
317334 boolean hasProfile = hasProfile ();
335+ String currentRequestingUserId = developerHelperService .getCurrentUserId (); // Get once for logging efficiency
318336 for (User user : users ) {
319- entityUsers .add ( convertUser (ref , user , hasProfile ) );
337+ // Apply permission checks during conversion
338+ try {
339+ entityUsers .add (convertUser (ref , user , hasProfile ));
340+ } catch (SecurityException e ) {
341+ // Log users the current user cannot see, but continue processing others
342+ log .debug ("User {} cannot view user {} due to SecurityException, skipping. Message: {}" ,
343+ currentRequestingUserId , user .getId (), e .getMessage ());
344+ }
320345 }
321346 return entityUsers ;
322347 }
@@ -685,3 +710,4 @@ private boolean userIdExplicitOnly() {
685710 }
686711
687712}
713+
0 commit comments