Make search public and refine blacklisting

2022-08-02 22:22:22 +01:00 · 2022-08-02 22:22:22 +01:00 · e4651c4ce1
parent 473dfd1b43
commit e4651c4ce1
3 changed files with 18 additions and 7 deletions
--- a/core/lib/opensearch.py
+++ b/core/lib/opensearch.py
@ -1,6 +1,7 @@
 from django.conf import settings
 from opensearchpy import OpenSearch
 from opensearchpy.exceptions import RequestError
+from django.contrib.auth.models import AnonymousUser

 from core.lib.threshold import annotate_num_chans, annotate_num_users, annotate_online

@ -79,6 +80,7 @@ def filter_blacklisted(user, response):
    """
    response["redacted"] = 0
    response["exemption"] = None
+    is_anonymous = isinstance(user, AnonymousUser)
    # For every hit from ES
    for item in list(response["hits"]["hits"]):
        # For every blacklisted type
@ -94,14 +96,15 @@ def filter_blacklisted(user, response):
                        # Remove the item
                        if item in response["hits"]["hits"]:
                            # Anonymous
-                            if not user:
+                            if is_anonymous:
                                response["hits"]["hits"].remove(item)
                            else:
                                if not user.is_superuser:
                                    response["hits"]["hits"].remove(item)
+                                else:
+                                    response["exemption"] = True
                            # Let the UI know something was redacted
                            response["redacted"] += 1
-                            response["exemption"] = True


 def run_main_query(client, user, query, custom_query=False, index=None, size=None):
@ -133,10 +136,15 @@ def query_results(request, size=None):
    Accept a HTTP request object. Run the query, and annotate the
    results with the other data we have.
    """
+    is_anonymous = isinstance(request.user, AnonymousUser)
+    if is_anonymous:
+        sizes = ["5", "10", "15", "20"]
+    else:
+        sizes = settings.OPENSEARCH_MAIN_SIZES
    if not size:
        if "size" in request.POST:
            size = request.POST["size"]
-            if size not in settings.OPENSEARCH_MAIN_SIZES:
+            if size not in sizes:
                return False
    if "query" in request.POST:
        query = request.POST["query"]
--- a/core/templates/base.html
+++ b/core/templates/base.html
@ -118,9 +118,6 @@

          {% if user.is_authenticated %}
            {% if user|has_plan:'drilldown' %}
-              <a class="navbar-item" href="{% url 'drilldown' %}">
-                Drilldown
-              </a>
              <a class="navbar-item" href="{% url 'insights' %}">
                Insights
              </a>
--- a/core/views/ui/drilldown.py
+++ b/core/views/ui/drilldown.py
@ -7,6 +7,7 @@ from django.shortcuts import render
 from django.views import View
 from rest_framework.parsers import FormParser
 from rest_framework.views import APIView
+from django.contrib.auth.models import AnonymousUser

 from core.lib.opensearch import query_results
 from core.lib.threshold import (
@ -24,8 +25,13 @@ class Drilldown(View):
    def get(self, request):
        #if not request.user.has_plan(self.plan_name):
        #    return render(request, "denied.html")
+        is_anonymous = isinstance(request.user, AnonymousUser)
+        if is_anonymous:
+            sizes = ["5", "10", "15", "20"]
+        else:
+            sizes = settings.OPENSEARCH_MAIN_SIZES
        context = {
-            "sizes": settings.OPENSEARCH_MAIN_SIZES,
+            "sizes": sizes,
        }
        return render(request, self.template_name, context)