Fix hashing with 4chan
This commit is contained in:
parent
b8a08f9615
commit
38b712ac9a
|
@ -244,6 +244,7 @@ def run_main_query(client, user, query, custom_query=False, index=None, size=Non
|
|||
|
||||
def parse_results(results):
|
||||
results_parsed = []
|
||||
stringify = ["host", "channel"]
|
||||
if "hits" in results.keys():
|
||||
if "hits" in results["hits"]:
|
||||
for item in results["hits"]["hits"]:
|
||||
|
@ -254,6 +255,9 @@ def parse_results(results):
|
|||
else:
|
||||
return False
|
||||
element = item[data_index]
|
||||
for field in stringify:
|
||||
if field in element:
|
||||
element[field] = str(element[field])
|
||||
# Why are fields in lists...
|
||||
if data_index == "fields":
|
||||
element = {k: v[0] for k, v in element.items() if len(v)}
|
||||
|
@ -319,7 +323,7 @@ def query_results(
|
|||
denied_q = hash_lookup(request.user, query_params)
|
||||
denied.extend(denied_q)
|
||||
if tags:
|
||||
denied_t = hash_lookup(request.user, tags)
|
||||
denied_t = hash_lookup(request.user, tags, query_params)
|
||||
denied.extend(denied_t)
|
||||
|
||||
message = "Permission denied: "
|
||||
|
|
|
@ -211,11 +211,19 @@ def hash_list(user, data, hash_keys=False):
|
|||
r.hmset(cache, hash_table)
|
||||
|
||||
|
||||
def hash_lookup(user, data_dict):
|
||||
def hash_lookup(user, data_dict, supplementary_data=None):
|
||||
cache = "cache.hash"
|
||||
hash_list = SortedSet()
|
||||
denied = []
|
||||
for key, value in list(data_dict.items()):
|
||||
print("DATA DICT", data_dict)
|
||||
if "source" in data_dict:
|
||||
if data_dict["source"] in settings.SAFE_SOURCES:
|
||||
continue
|
||||
if supplementary_data:
|
||||
if "source" in supplementary_data:
|
||||
if supplementary_data["source"] in settings.SAFE_SOURCES:
|
||||
continue
|
||||
if key in settings.SEARCH_FIELDS_DENY:
|
||||
if not user.has_perm("core.bypass_hashing"):
|
||||
data_dict[key] = SearchDenied(key=key, value=data_dict[key])
|
||||
|
|
|
@ -374,6 +374,7 @@ class DrilldownContextModal(APIView):
|
|||
return render(request, self.template_name, results)
|
||||
|
||||
if settings.HASHING: # we probably want to see the tokens
|
||||
if query_params["src"] not in settings.SAFE_SOURCES:
|
||||
if not request.user.has_perm("core.bypass_hashing"):
|
||||
for index, item in enumerate(results["object_list"]):
|
||||
if "tokens" in item:
|
||||
|
|
Loading…
Reference in New Issue