Improve drilldown handlers and implement index permissions
This commit is contained in:
parent
6dd0674aae
commit
0e7fb8d261
|
@ -392,7 +392,14 @@ def query_results(
|
|||
if index == "main":
|
||||
index = settings.OPENSEARCH_INDEX_MAIN
|
||||
else:
|
||||
if request.user.is_superuser:
|
||||
if not request.user.has_perm(f"index_{index}"):
|
||||
message = "Not permitted to search by this index"
|
||||
message_class = "danger"
|
||||
return {
|
||||
"message": message,
|
||||
"class": message_class,
|
||||
"params": query_params,
|
||||
}
|
||||
if index == "meta":
|
||||
index = settings.OPENSEARCH_INDEX_META
|
||||
elif index == "int":
|
||||
|
@ -400,11 +407,12 @@ def query_results(
|
|||
else:
|
||||
message = "Index is not valid."
|
||||
message_class = "danger"
|
||||
return {"message": message, "class": message_class}
|
||||
else:
|
||||
message = "Not permitted to search by this index"
|
||||
message_class = "danger"
|
||||
return {"message": message, "class": message_class}
|
||||
return {
|
||||
"message": message,
|
||||
"class": message_class,
|
||||
"params": query_params,
|
||||
}
|
||||
|
||||
else:
|
||||
index = settings.OPENSEARCH_INDEX_MAIN
|
||||
|
||||
|
|
|
@ -113,4 +113,6 @@ class Perms(models.Model):
|
|||
("post_irc", "Can post to IRC"),
|
||||
("post_discord", "Can post to Discord"),
|
||||
("query_search", "Can search with query strings"),
|
||||
("index_int", "Can use the internal index"),
|
||||
("index_meta", "Can use the meta index"),
|
||||
)
|
||||
|
|
|
@ -60,16 +60,12 @@
|
|||
`${field}:${value}`,
|
||||
`${field}:"${value}"`];
|
||||
var toAppend = ` AND ${field}: "${value}"`;
|
||||
// var toRemove = `${field}: "${value}"`;
|
||||
// var tagText = `${field}: ${value}`;
|
||||
} else {
|
||||
var combinations = [`NOT ${field}: "${value}"`,
|
||||
`NOT ${field}: "${value}"`,
|
||||
`NOT ${field}: ${value}`,
|
||||
`NOT ${field}:${value}`,
|
||||
`NOT ${field}:"${value}"`];
|
||||
// var toAppend = ` AND NOT ${field}: "${value}"`;
|
||||
// var toRemove = `NOT ${field}: "${value}"`;
|
||||
}
|
||||
var contains = combinations.some(elem => queryElement.value.includes(elem));
|
||||
if (!contains) {
|
||||
|
@ -80,17 +76,8 @@
|
|||
queryElement.value = queryElement.value.replaceAll("AND "+combination, "");
|
||||
queryElement.value = queryElement.value.replaceAll(combination, "");
|
||||
}
|
||||
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
|
||||
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
|
||||
|
||||
}
|
||||
// if (!queryElement.value.includes(toAppend) && !queryElement.value.includes(toRemove)) {
|
||||
// queryElement.value+=toAppend;
|
||||
// } else {
|
||||
// queryElement.value = queryElement.value.replaceAll(toAppend, "");
|
||||
// queryElement.value = queryElement.value.replaceAll(toRemove, "");
|
||||
|
||||
// }
|
||||
if (field == "src") {
|
||||
document.getElementById("source").selectedIndex = 2;
|
||||
}
|
||||
|
@ -104,6 +91,7 @@
|
|||
}
|
||||
</script>
|
||||
<div>
|
||||
{% include 'partials/notify.html' %}
|
||||
<form method="POST" hx-post="{% url 'search' %}"
|
||||
hx-trigger="change"
|
||||
hx-target="#results"
|
||||
|
|
|
@ -105,13 +105,6 @@ def drilldown_search(request, return_context=False, template=None):
|
|||
query_params.update(tmp_post)
|
||||
query_params.update(tmp_get)
|
||||
|
||||
if "index" in query_params:
|
||||
if not request.user.is_superuser and not query_params["index"] == "main":
|
||||
message = "You can't use the index parameter"
|
||||
message_class = "danger"
|
||||
context = {"message": message, "class": message_class}
|
||||
return render(request, template_name, context)
|
||||
|
||||
# Parse the dates
|
||||
if "dates" in query_params:
|
||||
dates = parse_dates(query_params["dates"])
|
||||
|
@ -126,20 +119,23 @@ def drilldown_search(request, return_context=False, template=None):
|
|||
|
||||
if "query" in query_params:
|
||||
context = query_results(request, query_params)
|
||||
|
||||
# Turn the query into tags for populating the taglist
|
||||
tags = create_tags(query_params["query"])
|
||||
context["tags"] = tags
|
||||
else:
|
||||
context = {"object_list": []}
|
||||
|
||||
# Valid sizes
|
||||
context["sizes"] = sizes
|
||||
|
||||
# URI we're passing to the template for linking
|
||||
if "csrfmiddlewaretoken" in query_params:
|
||||
del query_params["csrfmiddlewaretoken"]
|
||||
|
||||
url_params = urllib.parse.urlencode(query_params)
|
||||
context["client_uri"] = url_params
|
||||
|
||||
# Turn the query into tags for populating the taglist
|
||||
if "query" in query_params:
|
||||
tags = create_tags(query_params["query"])
|
||||
context["tags"] = tags
|
||||
|
||||
context["params"] = query_params
|
||||
if "message" in context:
|
||||
response = render(request, template_name, context)
|
||||
|
@ -154,8 +150,6 @@ def drilldown_search(request, return_context=False, template=None):
|
|||
graph = make_graph(context["object_list"])
|
||||
context["data"] = graph
|
||||
|
||||
if context:
|
||||
context["sizes"] = sizes
|
||||
context = make_table(context)
|
||||
|
||||
# URI we're passing to the template for linking, table fields removed
|
||||
|
@ -173,8 +167,6 @@ def drilldown_search(request, return_context=False, template=None):
|
|||
if return_context:
|
||||
return context
|
||||
return response
|
||||
else:
|
||||
return HttpResponse("No results")
|
||||
|
||||
|
||||
class DrilldownTableView(SingleTableView):
|
||||
|
|
Loading…
Reference in New Issue