From e4651c4ce11869f78f23607dd2254462c7a8427b Mon Sep 17 00:00:00 2001 From: Mark Veidemanis Date: Tue, 2 Aug 2022 22:22:22 +0100 Subject: [PATCH] Make search public and refine blacklisting --- core/lib/opensearch.py | 14 +++++++++++--- core/templates/base.html | 3 --- core/views/ui/drilldown.py | 8 +++++++- 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/core/lib/opensearch.py b/core/lib/opensearch.py index dd3bd5c..b832864 100644 --- a/core/lib/opensearch.py +++ b/core/lib/opensearch.py @@ -1,6 +1,7 @@ from django.conf import settings from opensearchpy import OpenSearch from opensearchpy.exceptions import RequestError +from django.contrib.auth.models import AnonymousUser from core.lib.threshold import annotate_num_chans, annotate_num_users, annotate_online @@ -79,6 +80,7 @@ def filter_blacklisted(user, response): """ response["redacted"] = 0 response["exemption"] = None + is_anonymous = isinstance(user, AnonymousUser) # For every hit from ES for item in list(response["hits"]["hits"]): # For every blacklisted type @@ -94,14 +96,15 @@ def filter_blacklisted(user, response): # Remove the item if item in response["hits"]["hits"]: # Anonymous - if not user: + if is_anonymous: response["hits"]["hits"].remove(item) else: if not user.is_superuser: response["hits"]["hits"].remove(item) + else: + response["exemption"] = True # Let the UI know something was redacted response["redacted"] += 1 - response["exemption"] = True def run_main_query(client, user, query, custom_query=False, index=None, size=None): @@ -133,10 +136,15 @@ def query_results(request, size=None): Accept a HTTP request object. Run the query, and annotate the results with the other data we have. """ + is_anonymous = isinstance(request.user, AnonymousUser) + if is_anonymous: + sizes = ["5", "10", "15", "20"] + else: + sizes = settings.OPENSEARCH_MAIN_SIZES if not size: if "size" in request.POST: size = request.POST["size"] - if size not in settings.OPENSEARCH_MAIN_SIZES: + if size not in sizes: return False if "query" in request.POST: query = request.POST["query"] diff --git a/core/templates/base.html b/core/templates/base.html index 40012aa..f3168c2 100644 --- a/core/templates/base.html +++ b/core/templates/base.html @@ -118,9 +118,6 @@ {% if user.is_authenticated %} {% if user|has_plan:'drilldown' %} - - Drilldown - Insights diff --git a/core/views/ui/drilldown.py b/core/views/ui/drilldown.py index f663d35..4251a98 100644 --- a/core/views/ui/drilldown.py +++ b/core/views/ui/drilldown.py @@ -7,6 +7,7 @@ from django.shortcuts import render from django.views import View from rest_framework.parsers import FormParser from rest_framework.views import APIView +from django.contrib.auth.models import AnonymousUser from core.lib.opensearch import query_results from core.lib.threshold import ( @@ -24,8 +25,13 @@ class Drilldown(View): def get(self, request): #if not request.user.has_plan(self.plan_name): # return render(request, "denied.html") + is_anonymous = isinstance(request.user, AnonymousUser) + if is_anonymous: + sizes = ["5", "10", "15", "20"] + else: + sizes = settings.OPENSEARCH_MAIN_SIZES context = { - "sizes": settings.OPENSEARCH_MAIN_SIZES, + "sizes": sizes, } return render(request, self.template_name, context)