Improve drilldown handlers and implement index permissions

This commit is contained in:
Mark Veidemanis 2022-08-26 07:20:30 +01:00
parent 6dd0674aae
commit 0e7fb8d261
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 44 additions and 54 deletions

View File

@ -392,19 +392,27 @@ def query_results(
if index == "main":
index = settings.OPENSEARCH_INDEX_MAIN
else:
if request.user.is_superuser:
if index == "meta":
index = settings.OPENSEARCH_INDEX_META
elif index == "int":
index = settings.OPENSEARCH_INDEX_INT
else:
message = "Index is not valid."
message_class = "danger"
return {"message": message, "class": message_class}
else:
if not request.user.has_perm(f"index_{index}"):
message = "Not permitted to search by this index"
message_class = "danger"
return {"message": message, "class": message_class}
return {
"message": message,
"class": message_class,
"params": query_params,
}
if index == "meta":
index = settings.OPENSEARCH_INDEX_META
elif index == "int":
index = settings.OPENSEARCH_INDEX_INT
else:
message = "Index is not valid."
message_class = "danger"
return {
"message": message,
"class": message_class,
"params": query_params,
}
else:
index = settings.OPENSEARCH_INDEX_MAIN

View File

@ -113,4 +113,6 @@ class Perms(models.Model):
("post_irc", "Can post to IRC"),
("post_discord", "Can post to Discord"),
("query_search", "Can search with query strings"),
("index_int", "Can use the internal index"),
("index_meta", "Can use the meta index"),
)

View File

@ -60,16 +60,12 @@
`${field}:${value}`,
`${field}:"${value}"`];
var toAppend = ` AND ${field}: "${value}"`;
// var toRemove = `${field}: "${value}"`;
// var tagText = `${field}: ${value}`;
} else {
var combinations = [`NOT ${field}: "${value}"`,
`NOT ${field}: "${value}"`,
`NOT ${field}: ${value}`,
`NOT ${field}:${value}`,
`NOT ${field}:"${value}"`];
// var toAppend = ` AND NOT ${field}: "${value}"`;
// var toRemove = `NOT ${field}: "${value}"`;
}
var contains = combinations.some(elem => queryElement.value.includes(elem));
if (!contains) {
@ -80,17 +76,8 @@
queryElement.value = queryElement.value.replaceAll("AND "+combination, "");
queryElement.value = queryElement.value.replaceAll(combination, "");
}
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
}
// if (!queryElement.value.includes(toAppend) && !queryElement.value.includes(toRemove)) {
// queryElement.value+=toAppend;
// } else {
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
// }
if (field == "src") {
document.getElementById("source").selectedIndex = 2;
}
@ -104,6 +91,7 @@
}
</script>
<div>
{% include 'partials/notify.html' %}
<form method="POST" hx-post="{% url 'search' %}"
hx-trigger="change"
hx-target="#results"

View File

@ -105,13 +105,6 @@ def drilldown_search(request, return_context=False, template=None):
query_params.update(tmp_post)
query_params.update(tmp_get)
if "index" in query_params:
if not request.user.is_superuser and not query_params["index"] == "main":
message = "You can't use the index parameter"
message_class = "danger"
context = {"message": message, "class": message_class}
return render(request, template_name, context)
# Parse the dates
if "dates" in query_params:
dates = parse_dates(query_params["dates"])
@ -126,20 +119,23 @@ def drilldown_search(request, return_context=False, template=None):
if "query" in query_params:
context = query_results(request, query_params)
# Turn the query into tags for populating the taglist
tags = create_tags(query_params["query"])
context["tags"] = tags
else:
context = {"object_list": []}
# Valid sizes
context["sizes"] = sizes
# URI we're passing to the template for linking
if "csrfmiddlewaretoken" in query_params:
del query_params["csrfmiddlewaretoken"]
url_params = urllib.parse.urlencode(query_params)
context["client_uri"] = url_params
# Turn the query into tags for populating the taglist
if "query" in query_params:
tags = create_tags(query_params["query"])
context["tags"] = tags
context["params"] = query_params
if "message" in context:
response = render(request, template_name, context)
@ -154,27 +150,23 @@ def drilldown_search(request, return_context=False, template=None):
graph = make_graph(context["object_list"])
context["data"] = graph
if context:
context["sizes"] = sizes
context = make_table(context)
context = make_table(context)
# URI we're passing to the template for linking, table fields removed
table_fields = ["page", "sort"]
clean_params = {k: v for k, v in query_params.items() if k not in table_fields}
clean_url_params = urllib.parse.urlencode(clean_params)
context["uri"] = clean_url_params
# URI we're passing to the template for linking, table fields removed
table_fields = ["page", "sort"]
clean_params = {k: v for k, v in query_params.items() if k not in table_fields}
clean_url_params = urllib.parse.urlencode(clean_params)
context["uri"] = clean_url_params
response = render(request, template_name, context)
if request.GET:
if request.htmx:
response["HX-Push"] = reverse("home") + "?" + url_params
elif request.POST:
response = render(request, template_name, context)
if request.GET:
if request.htmx:
response["HX-Push"] = reverse("home") + "?" + url_params
if return_context:
return context
return response
else:
return HttpResponse("No results")
elif request.POST:
response["HX-Push"] = reverse("home") + "?" + url_params
if return_context:
return context
return response
class DrilldownTableView(SingleTableView):