Fix results delay and add nicer icons

This commit is contained in:
Mark Veidemanis 2022-08-27 17:31:39 +01:00
parent ba41a0b26b
commit 65140f70ac
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
4 changed files with 45 additions and 35 deletions

View File

@ -370,14 +370,13 @@ def query_results(
}
}
}
if not settings.DELAY_RESULTS:
add_top.append(range_query)
else:
date_query = True
if settings.DELAY_RESULTS:
if date_query:
if not request.user.has_perm("bypass_delay"):
if settings.DELAY_RESULTS:
if request.user.has_perm("core.bypass_delay"):
add_top.append(range_query)
else:
delay_as_ts = datetime.now() - timedelta(days=settings.DELAY_DURATION)
lt_as_ts = datetime.strptime(
range_query["range"]["ts"]["lt"], "%Y-%m-%dT%H:%MZ"
@ -386,6 +385,10 @@ def query_results(
range_query["range"]["ts"]["lt"] = f"now-{settings.DELAY_DURATION}d"
add_top.append(range_query)
else:
add_top.append(range_query)
else:
if settings.DELAY_RESULTS:
if not request.user.has_perm("core.bypass_delay"):
range_query = {
"range": {
"ts": {
@ -395,6 +398,7 @@ def query_results(
}
}
add_top.append(range_query)
if "sorting" in query_params:
sorting = query_params["sorting"]
if sorting not in ("asc", "desc", "none"):
@ -451,7 +455,7 @@ def query_results(
query_created = True
elif "query_full" in query_params:
query_full = query_params["query_full"]
if request.user.has_perm("query_search"):
if request.user.has_perm("core.query_search"):
search_query = construct_query(query_full, size)
query_created = True
else:
@ -502,7 +506,7 @@ def query_results(
if index == "main":
index = settings.OPENSEARCH_INDEX_MAIN
else:
if not request.user.has_perm(f"index_{index}"):
if not request.user.has_perm(f"core.index_{index}"):
message = "Not permitted to search by this index"
message_class = "danger"
return {
@ -588,10 +592,10 @@ def query_results(
if query:
context["query"] = query
if settings.DELAY_RESULTS:
if not request.user.has_perm("bypass_delay"):
if not request.user.has_perm("core.bypass_delay"):
context["delay"] = settings.DELAY_DURATION
if settings.RANDOMISATION:
if not request.user.has_perm("bypass_randomisation"):
if not request.user.has_perm("core.bypass_randomisation"):
context["randomised"] = True
return context

View File

@ -10,36 +10,40 @@
<div class="has-text-grey-light nowrap-parent">
<div class="nowrap-child block">
<span class="icon" data-tooltip="{{ card }} hits total">
<i class="fa-solid fa-chart-mixed"></i>
</span>
</div>
<div class="nowrap-child">
<p>fetched {{ table.data|length }} of {{ card }} hits in {{ took }}ms</p>
<p>{{ table.data|length }} hits in {{ took }}ms</p>
</div>
{% if exemption is not None %}
<div class="nowrap-child">
<span class="icon" data-tooltip="God mode">
<i class="fa-solid fa-book-bible"></i>
</span>
</div>
{% else %}
{% if redacted != 0 %}
<div class="nowrap-child">
<p>{{ redacted }} redacted</p>
<span class="icon" data-tooltip="{{ redacted }} redacted">
<i class="fa-solid fa-mask"></i>
</span>
</div>
{% endif %}
{% endif %}
{% if delay is not None %}
<div class="nowrap-child">
<div class="nowrap-child">
<span class="icon" data-tooltip="delayed by {{ delay }} days">
<i class="fa-solid fa-clock"></i>
</div>
delayed by {{ delay }} days
</span>
</div>
{% endif %}
{% if randomised is True %}
<div class="nowrap-child">
<div class="nowrap-child">
<span class="icon" data-tooltip="integer fields randomised">
<i class="fa-solid fa-shuffle"></i>
</div>
integer fields randomised
</span>
</div>
{% endif %}
</div>

View File

@ -92,7 +92,7 @@ def randomise_list(user, data):
"""
Randomise data in a list of dictionaries.
"""
if user.has_perm("bypass_randomisation"):
if user.has_perm("core.bypass_randomisation"):
return
if isinstance(data, list):
for index, item in enumerate(data):
@ -117,8 +117,10 @@ def obfuscate_list(user, data):
"""
Obfuscate data in a list of dictionaries.
"""
if user.has_perm("bypass_obfuscation"):
if user.has_perm("core.bypass_obfuscation"):
print("USER HAS PERM")
return
print("NO HAVE PERM")
for index, item in enumerate(data):
for key, value in item.items():
# Obfuscate a ratio of the field
@ -162,7 +164,7 @@ def hash_list(user, data, hash_keys=False):
"""
Hash a list of dicts or a list with SipHash42.
"""
if user.has_perm("bypass_hashing"):
if user.has_perm("core.bypass_hashing"):
return
cache = "cache.hash"
hash_table = {}
@ -214,7 +216,7 @@ def hash_lookup(user, data_dict):
denied = []
for key, value in list(data_dict.items()):
if key in settings.SEARCH_FIELDS_DENY:
if not user.has_perm("bypass_hashing"):
if not user.has_perm("core.bypass_hashing"):
data_dict[key] = SearchDenied(key=key, value=data_dict[key])
denied.append(data_dict[key])
if (
@ -236,7 +238,7 @@ def hash_lookup(user, data_dict):
hashes.append(h)
if not hashes:
# Otherwise the user could inject plaintext search queries
if not user.has_perm("bypass_hashing"):
if not user.has_perm("core.bypass_hashing"):
data_dict[key] = SearchDenied(key=key, value=data_dict[key])
denied.append(data_dict[key])
continue
@ -275,7 +277,7 @@ def hash_lookup(user, data_dict):
def encrypt_list(user, data, secret):
if user.has_perm("bypass_encryption"):
if user.has_perm("core.bypass_encryption"):
return
cipher = Cipher(algorithms.AES(secret), ECB())
for index, item in enumerate(data):

View File

@ -369,7 +369,7 @@ class DrilldownContextModal(APIView):
return render(request, self.template_name, results)
if settings.HASHING: # we probably want to see the tokens
if not request.user.has_perm("bypass_hashing"):
if not request.user.has_perm("core.bypass_hashing"):
for index, item in enumerate(results["object_list"]):
if "tokens" in item:
results["object_list"][index]["msg"] = results["object_list"][