Improve drilldown handlers and implement index permissions

This commit is contained in:
Mark Veidemanis 2022-08-26 07:20:30 +01:00
parent 6dd0674aae
commit 0e7fb8d261
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 44 additions and 54 deletions

View File

@ -392,19 +392,27 @@ def query_results(
if index == "main": if index == "main":
index = settings.OPENSEARCH_INDEX_MAIN index = settings.OPENSEARCH_INDEX_MAIN
else: else:
if request.user.is_superuser: if not request.user.has_perm(f"index_{index}"):
if index == "meta":
index = settings.OPENSEARCH_INDEX_META
elif index == "int":
index = settings.OPENSEARCH_INDEX_INT
else:
message = "Index is not valid."
message_class = "danger"
return {"message": message, "class": message_class}
else:
message = "Not permitted to search by this index" message = "Not permitted to search by this index"
message_class = "danger" message_class = "danger"
return {"message": message, "class": message_class} return {
"message": message,
"class": message_class,
"params": query_params,
}
if index == "meta":
index = settings.OPENSEARCH_INDEX_META
elif index == "int":
index = settings.OPENSEARCH_INDEX_INT
else:
message = "Index is not valid."
message_class = "danger"
return {
"message": message,
"class": message_class,
"params": query_params,
}
else: else:
index = settings.OPENSEARCH_INDEX_MAIN index = settings.OPENSEARCH_INDEX_MAIN

View File

@ -113,4 +113,6 @@ class Perms(models.Model):
("post_irc", "Can post to IRC"), ("post_irc", "Can post to IRC"),
("post_discord", "Can post to Discord"), ("post_discord", "Can post to Discord"),
("query_search", "Can search with query strings"), ("query_search", "Can search with query strings"),
("index_int", "Can use the internal index"),
("index_meta", "Can use the meta index"),
) )

View File

@ -60,16 +60,12 @@
`${field}:${value}`, `${field}:${value}`,
`${field}:"${value}"`]; `${field}:"${value}"`];
var toAppend = ` AND ${field}: "${value}"`; var toAppend = ` AND ${field}: "${value}"`;
// var toRemove = `${field}: "${value}"`;
// var tagText = `${field}: ${value}`;
} else { } else {
var combinations = [`NOT ${field}: "${value}"`, var combinations = [`NOT ${field}: "${value}"`,
`NOT ${field}: "${value}"`, `NOT ${field}: "${value}"`,
`NOT ${field}: ${value}`, `NOT ${field}: ${value}`,
`NOT ${field}:${value}`, `NOT ${field}:${value}`,
`NOT ${field}:"${value}"`]; `NOT ${field}:"${value}"`];
// var toAppend = ` AND NOT ${field}: "${value}"`;
// var toRemove = `NOT ${field}: "${value}"`;
} }
var contains = combinations.some(elem => queryElement.value.includes(elem)); var contains = combinations.some(elem => queryElement.value.includes(elem));
if (!contains) { if (!contains) {
@ -80,17 +76,8 @@
queryElement.value = queryElement.value.replaceAll("AND "+combination, ""); queryElement.value = queryElement.value.replaceAll("AND "+combination, "");
queryElement.value = queryElement.value.replaceAll(combination, ""); queryElement.value = queryElement.value.replaceAll(combination, "");
} }
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
} }
// if (!queryElement.value.includes(toAppend) && !queryElement.value.includes(toRemove)) {
// queryElement.value+=toAppend;
// } else {
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
// }
if (field == "src") { if (field == "src") {
document.getElementById("source").selectedIndex = 2; document.getElementById("source").selectedIndex = 2;
} }
@ -104,6 +91,7 @@
} }
</script> </script>
<div> <div>
{% include 'partials/notify.html' %}
<form method="POST" hx-post="{% url 'search' %}" <form method="POST" hx-post="{% url 'search' %}"
hx-trigger="change" hx-trigger="change"
hx-target="#results" hx-target="#results"

View File

@ -105,13 +105,6 @@ def drilldown_search(request, return_context=False, template=None):
query_params.update(tmp_post) query_params.update(tmp_post)
query_params.update(tmp_get) query_params.update(tmp_get)
if "index" in query_params:
if not request.user.is_superuser and not query_params["index"] == "main":
message = "You can't use the index parameter"
message_class = "danger"
context = {"message": message, "class": message_class}
return render(request, template_name, context)
# Parse the dates # Parse the dates
if "dates" in query_params: if "dates" in query_params:
dates = parse_dates(query_params["dates"]) dates = parse_dates(query_params["dates"])
@ -126,20 +119,23 @@ def drilldown_search(request, return_context=False, template=None):
if "query" in query_params: if "query" in query_params:
context = query_results(request, query_params) context = query_results(request, query_params)
# Turn the query into tags for populating the taglist
tags = create_tags(query_params["query"])
context["tags"] = tags
else: else:
context = {"object_list": []} context = {"object_list": []}
# Valid sizes
context["sizes"] = sizes
# URI we're passing to the template for linking # URI we're passing to the template for linking
if "csrfmiddlewaretoken" in query_params: if "csrfmiddlewaretoken" in query_params:
del query_params["csrfmiddlewaretoken"] del query_params["csrfmiddlewaretoken"]
url_params = urllib.parse.urlencode(query_params) url_params = urllib.parse.urlencode(query_params)
context["client_uri"] = url_params context["client_uri"] = url_params
# Turn the query into tags for populating the taglist
if "query" in query_params:
tags = create_tags(query_params["query"])
context["tags"] = tags
context["params"] = query_params context["params"] = query_params
if "message" in context: if "message" in context:
response = render(request, template_name, context) response = render(request, template_name, context)
@ -154,27 +150,23 @@ def drilldown_search(request, return_context=False, template=None):
graph = make_graph(context["object_list"]) graph = make_graph(context["object_list"])
context["data"] = graph context["data"] = graph
if context: context = make_table(context)
context["sizes"] = sizes
context = make_table(context)
# URI we're passing to the template for linking, table fields removed # URI we're passing to the template for linking, table fields removed
table_fields = ["page", "sort"] table_fields = ["page", "sort"]
clean_params = {k: v for k, v in query_params.items() if k not in table_fields} clean_params = {k: v for k, v in query_params.items() if k not in table_fields}
clean_url_params = urllib.parse.urlencode(clean_params) clean_url_params = urllib.parse.urlencode(clean_params)
context["uri"] = clean_url_params context["uri"] = clean_url_params
response = render(request, template_name, context) response = render(request, template_name, context)
if request.GET: if request.GET:
if request.htmx: if request.htmx:
response["HX-Push"] = reverse("home") + "?" + url_params
elif request.POST:
response["HX-Push"] = reverse("home") + "?" + url_params response["HX-Push"] = reverse("home") + "?" + url_params
if return_context: elif request.POST:
return context response["HX-Push"] = reverse("home") + "?" + url_params
return response if return_context:
else: return context
return HttpResponse("No results") return response
class DrilldownTableView(SingleTableView): class DrilldownTableView(SingleTableView):