Add more comments about source parsing
This commit is contained in:
parent
7d0ebf87bd
commit
2050e6cb47
GPG Key ID:
5ACFCEED46C0904F
|
|
@ -542,6 +542,10 @@ class ElasticsearchBackend(StorageBackend):
|
||||||
total_sources = (
|
total_sources = (
|
||||||
len(settings.MAIN_SOURCES) - 1 + len(settings.SOURCES_RESTRICTED)
|
len(settings.MAIN_SOURCES) - 1 + len(settings.SOURCES_RESTRICTED)
|
||||||
)
|
)
|
||||||
|
|
||||||
|
# If the sources the user has access to are equal to all
|
||||||
|
# possible sources, then we don't need to add the source
|
||||||
|
# filter to the query.
|
||||||
if total_count != total_sources:
|
if total_count != total_sources:
|
||||||
add_top_tmp = {"bool": {"should": []}}
|
add_top_tmp = {"bool": {"should": []}}
|
||||||
for source_iter in sources:
|
for source_iter in sources:
|
||||||
|
|
|
||||||
|
|
@ -98,6 +98,7 @@ def parse_source(user, query_params, raise_error=False):
|
||||||
if "source" in query_params:
|
if "source" in query_params:
|
||||||
source = query_params["source"]
|
source = query_params["source"]
|
||||||
|
|
||||||
|
# Validate permissions for restricted sources
|
||||||
if source in settings.SOURCES_RESTRICTED:
|
if source in settings.SOURCES_RESTRICTED:
|
||||||
if not user.has_perm("core.restricted_sources"):
|
if not user.has_perm("core.restricted_sources"):
|
||||||
message = f"Access denied: {source}"
|
message = f"Access denied: {source}"
|
||||||
|
|
@ -105,6 +106,8 @@ def parse_source(user, query_params, raise_error=False):
|
||||||
raise QueryError(message)
|
raise QueryError(message)
|
||||||
message_class = "danger"
|
message_class = "danger"
|
||||||
return {"message": message, "class": message_class}
|
return {"message": message, "class": message_class}
|
||||||
|
|
||||||
|
# Check validity of source
|
||||||
elif source not in settings.MAIN_SOURCES:
|
elif source not in settings.MAIN_SOURCES:
|
||||||
message = f"Invalid source: {source}"
|
message = f"Invalid source: {source}"
|
||||||
if raise_error:
|
if raise_error:
|
||||||
|
|
@ -118,11 +121,17 @@ def parse_source(user, query_params, raise_error=False):
|
||||||
if source:
|
if source:
|
||||||
sources = [source]
|
sources = [source]
|
||||||
else:
|
else:
|
||||||
|
# Here we need to populate what "all" means for the user.
|
||||||
|
# They may only have access to a subset of the sources.
|
||||||
|
# We build a custom source list with ones they have access
|
||||||
|
# to, and then remove "all" from the list.
|
||||||
sources = list(settings.MAIN_SOURCES)
|
sources = list(settings.MAIN_SOURCES)
|
||||||
if user.has_perm("core.restricted_sources"):
|
if user.has_perm("core.restricted_sources"):
|
||||||
|
# If the user can use restricted sources, add them in.
|
||||||
for source_iter in settings.SOURCES_RESTRICTED:
|
for source_iter in settings.SOURCES_RESTRICTED:
|
||||||
sources.append(source_iter)
|
sources.append(source_iter)
|
||||||
|
|
||||||
|
# Get rid of "all", it's just a meta-source
|
||||||
if "all" in sources:
|
if "all" in sources:
|
||||||
sources.remove("all")
|
sources.remove("all")
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue