Fix results delay and add nicer icons

This commit is contained in:
Mark Veidemanis 2022-08-27 17:31:39 +01:00
parent ba41a0b26b
commit 65140f70ac
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 45 additions and 35 deletions

View File

@ -370,14 +370,13 @@ def query_results(
} }
} }
} }
if not settings.DELAY_RESULTS: date_query = True
add_top.append(range_query)
else:
date_query = True
if settings.DELAY_RESULTS: if date_query:
if date_query: if settings.DELAY_RESULTS:
if not request.user.has_perm("bypass_delay"): if request.user.has_perm("core.bypass_delay"):
add_top.append(range_query)
else:
delay_as_ts = datetime.now() - timedelta(days=settings.DELAY_DURATION) delay_as_ts = datetime.now() - timedelta(days=settings.DELAY_DURATION)
lt_as_ts = datetime.strptime( lt_as_ts = datetime.strptime(
range_query["range"]["ts"]["lt"], "%Y-%m-%dT%H:%MZ" range_query["range"]["ts"]["lt"], "%Y-%m-%dT%H:%MZ"
@ -386,15 +385,20 @@ def query_results(
range_query["range"]["ts"]["lt"] = f"now-{settings.DELAY_DURATION}d" range_query["range"]["ts"]["lt"] = f"now-{settings.DELAY_DURATION}d"
add_top.append(range_query) add_top.append(range_query)
else: else:
range_query = { add_top.append(range_query)
"range": { else:
"ts": { if settings.DELAY_RESULTS:
# "gt": , if not request.user.has_perm("core.bypass_delay"):
"lt": f"now-{settings.DELAY_DURATION}d", range_query = {
"range": {
"ts": {
# "gt": ,
"lt": f"now-{settings.DELAY_DURATION}d",
}
} }
} }
} add_top.append(range_query)
add_top.append(range_query)
if "sorting" in query_params: if "sorting" in query_params:
sorting = query_params["sorting"] sorting = query_params["sorting"]
if sorting not in ("asc", "desc", "none"): if sorting not in ("asc", "desc", "none"):
@ -451,7 +455,7 @@ def query_results(
query_created = True query_created = True
elif "query_full" in query_params: elif "query_full" in query_params:
query_full = query_params["query_full"] query_full = query_params["query_full"]
if request.user.has_perm("query_search"): if request.user.has_perm("core.query_search"):
search_query = construct_query(query_full, size) search_query = construct_query(query_full, size)
query_created = True query_created = True
else: else:
@ -502,7 +506,7 @@ def query_results(
if index == "main": if index == "main":
index = settings.OPENSEARCH_INDEX_MAIN index = settings.OPENSEARCH_INDEX_MAIN
else: else:
if not request.user.has_perm(f"index_{index}"): if not request.user.has_perm(f"core.index_{index}"):
message = "Not permitted to search by this index" message = "Not permitted to search by this index"
message_class = "danger" message_class = "danger"
return { return {
@ -588,10 +592,10 @@ def query_results(
if query: if query:
context["query"] = query context["query"] = query
if settings.DELAY_RESULTS: if settings.DELAY_RESULTS:
if not request.user.has_perm("bypass_delay"): if not request.user.has_perm("core.bypass_delay"):
context["delay"] = settings.DELAY_DURATION context["delay"] = settings.DELAY_DURATION
if settings.RANDOMISATION: if settings.RANDOMISATION:
if not request.user.has_perm("bypass_randomisation"): if not request.user.has_perm("core.bypass_randomisation"):
context["randomised"] = True context["randomised"] = True
return context return context

View File

@ -10,36 +10,40 @@
<div class="has-text-grey-light nowrap-parent"> <div class="has-text-grey-light nowrap-parent">
<div class="nowrap-child block"> <div class="nowrap-child block">
<i class="fa-solid fa-chart-mixed"></i> <span class="icon" data-tooltip="{{ card }} hits total">
<i class="fa-solid fa-chart-mixed"></i>
</span>
</div> </div>
<div class="nowrap-child"> <div class="nowrap-child">
<p>fetched {{ table.data|length }} of {{ card }} hits in {{ took }}ms</p> <p>{{ table.data|length }} hits in {{ took }}ms</p>
</div> </div>
{% if exemption is not None %} {% if exemption is not None %}
<div class="nowrap-child"> <div class="nowrap-child">
<i class="fa-solid fa-book-bible"></i> <span class="icon" data-tooltip="God mode">
<i class="fa-solid fa-book-bible"></i>
</span>
</div> </div>
{% else %} {% else %}
{% if redacted != 0 %} {% if redacted != 0 %}
<div class="nowrap-child"> <div class="nowrap-child">
<p>{{ redacted }} redacted</p> <span class="icon" data-tooltip="{{ redacted }} redacted">
<i class="fa-solid fa-mask"></i>
</span>
</div> </div>
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if delay is not None %} {% if delay is not None %}
<div class="nowrap-child"> <div class="nowrap-child">
<div class="nowrap-child"> <span class="icon" data-tooltip="delayed by {{ delay }} days">
<i class="fa-solid fa-clock"></i> <i class="fa-solid fa-clock"></i>
</div> </span>
delayed by {{ delay }} days
</div> </div>
{% endif %} {% endif %}
{% if randomised is True %} {% if randomised is True %}
<div class="nowrap-child"> <div class="nowrap-child">
<div class="nowrap-child"> <span class="icon" data-tooltip="integer fields randomised">
<i class="fa-solid fa-shuffle"></i> <i class="fa-solid fa-shuffle"></i>
</div> </span>
integer fields randomised
</div> </div>
{% endif %} {% endif %}
</div> </div>

View File

@ -92,7 +92,7 @@ def randomise_list(user, data):
""" """
Randomise data in a list of dictionaries. Randomise data in a list of dictionaries.
""" """
if user.has_perm("bypass_randomisation"): if user.has_perm("core.bypass_randomisation"):
return return
if isinstance(data, list): if isinstance(data, list):
for index, item in enumerate(data): for index, item in enumerate(data):
@ -117,8 +117,10 @@ def obfuscate_list(user, data):
""" """
Obfuscate data in a list of dictionaries. Obfuscate data in a list of dictionaries.
""" """
if user.has_perm("bypass_obfuscation"): if user.has_perm("core.bypass_obfuscation"):
print("USER HAS PERM")
return return
print("NO HAVE PERM")
for index, item in enumerate(data): for index, item in enumerate(data):
for key, value in item.items(): for key, value in item.items():
# Obfuscate a ratio of the field # Obfuscate a ratio of the field
@ -162,7 +164,7 @@ def hash_list(user, data, hash_keys=False):
""" """
Hash a list of dicts or a list with SipHash42. Hash a list of dicts or a list with SipHash42.
""" """
if user.has_perm("bypass_hashing"): if user.has_perm("core.bypass_hashing"):
return return
cache = "cache.hash" cache = "cache.hash"
hash_table = {} hash_table = {}
@ -214,7 +216,7 @@ def hash_lookup(user, data_dict):
denied = [] denied = []
for key, value in list(data_dict.items()): for key, value in list(data_dict.items()):
if key in settings.SEARCH_FIELDS_DENY: if key in settings.SEARCH_FIELDS_DENY:
if not user.has_perm("bypass_hashing"): if not user.has_perm("core.bypass_hashing"):
data_dict[key] = SearchDenied(key=key, value=data_dict[key]) data_dict[key] = SearchDenied(key=key, value=data_dict[key])
denied.append(data_dict[key]) denied.append(data_dict[key])
if ( if (
@ -236,7 +238,7 @@ def hash_lookup(user, data_dict):
hashes.append(h) hashes.append(h)
if not hashes: if not hashes:
# Otherwise the user could inject plaintext search queries # Otherwise the user could inject plaintext search queries
if not user.has_perm("bypass_hashing"): if not user.has_perm("core.bypass_hashing"):
data_dict[key] = SearchDenied(key=key, value=data_dict[key]) data_dict[key] = SearchDenied(key=key, value=data_dict[key])
denied.append(data_dict[key]) denied.append(data_dict[key])
continue continue
@ -275,7 +277,7 @@ def hash_lookup(user, data_dict):
def encrypt_list(user, data, secret): def encrypt_list(user, data, secret):
if user.has_perm("bypass_encryption"): if user.has_perm("core.bypass_encryption"):
return return
cipher = Cipher(algorithms.AES(secret), ECB()) cipher = Cipher(algorithms.AES(secret), ECB())
for index, item in enumerate(data): for index, item in enumerate(data):

View File

@ -369,7 +369,7 @@ class DrilldownContextModal(APIView):
return render(request, self.template_name, results) return render(request, self.template_name, results)
if settings.HASHING: # we probably want to see the tokens if settings.HASHING: # we probably want to see the tokens
if not request.user.has_perm("bypass_hashing"): if not request.user.has_perm("core.bypass_hashing"):
for index, item in enumerate(results["object_list"]): for index, item in enumerate(results["object_list"]):
if "tokens" in item: if "tokens" in item:
results["object_list"][index]["msg"] = results["object_list"][ results["object_list"][index]["msg"] = results["object_list"][