Fix hashing with 4chan

2 years ago · 38b712ac9a
parent b8a08f9615
commit 38b712ac9a
3 changed files with 22 additions and 9 deletions
--- a/core/lib/opensearch.py
+++ b/core/lib/opensearch.py
@ -244,6 +244,7 @@ def run_main_query(client, user, query, custom_query=False, index=None, size=Non

 def parse_results(results):
    results_parsed = []
+    stringify = ["host", "channel"]
    if "hits" in results.keys():
        if "hits" in results["hits"]:
            for item in results["hits"]["hits"]:
@ -254,6 +255,9 @@ def parse_results(results):
                else:
                    return False
                element = item[data_index]
+                for field in stringify:
+                    if field in element:
+                        element[field] = str(element[field])
                # Why are fields in lists...
                if data_index == "fields":
                    element = {k: v[0] for k, v in element.items() if len(v)}
@ -319,7 +323,7 @@ def query_results(
            denied_q = hash_lookup(request.user, query_params)
            denied.extend(denied_q)
            if tags:
-                denied_t = hash_lookup(request.user, tags)
+                denied_t = hash_lookup(request.user, tags, query_params)
                denied.extend(denied_t)

    message = "Permission denied: "
--- a/core/views/helpers.py
+++ b/core/views/helpers.py
@ -211,11 +211,19 @@ def hash_list(user, data, hash_keys=False):
        r.hmset(cache, hash_table)


-def hash_lookup(user, data_dict):
+def hash_lookup(user, data_dict, supplementary_data=None):
    cache = "cache.hash"
    hash_list = SortedSet()
    denied = []
    for key, value in list(data_dict.items()):
+        print("DATA DICT", data_dict)
+        if "source" in data_dict:
+            if data_dict["source"] in settings.SAFE_SOURCES:
+                continue
+        if supplementary_data:
+            if "source" in supplementary_data:
+                if supplementary_data["source"] in settings.SAFE_SOURCES:
+                    continue
        if key in settings.SEARCH_FIELDS_DENY:
            if not user.has_perm("core.bypass_hashing"):
                data_dict[key] = SearchDenied(key=key, value=data_dict[key])
--- a/core/views/ui/drilldown.py
+++ b/core/views/ui/drilldown.py
@ -374,13 +374,14 @@ class DrilldownContextModal(APIView):
            return render(request, self.template_name, results)

        if settings.HASHING:  # we probably want to see the tokens
-            if not request.user.has_perm("core.bypass_hashing"):
-                for index, item in enumerate(results["object_list"]):
-                    if "tokens" in item:
-                        results["object_list"][index]["msg"] = results["object_list"][
-                            index
-                        ].pop("tokens")
-                        # item["msg"] = item.pop("tokens")
+            if query_params["src"] not in settings.SAFE_SOURCES:
+                if not request.user.has_perm("core.bypass_hashing"):
+                    for index, item in enumerate(results["object_list"]):
+                        if "tokens" in item:
+                            results["object_list"][index]["msg"] = results["object_list"][
+                                index
+                            ].pop("tokens")
+                            # item["msg"] = item.pop("tokens")

        # Make the time nicer
        # for index, item in enumerate(results["object_list"]):