Make search public and refine blacklisting

core/lib/opensearch.py

@@ -1,6 +1,7 @@
 from django.conf import settings
 from opensearchpy import OpenSearch
 from opensearchpy.exceptions import RequestError
+from django.contrib.auth.models import AnonymousUser
 
 from core.lib.threshold import annotate_num_chans, annotate_num_users, annotate_online
 
@@ -79,6 +80,7 @@ def filter_blacklisted(user, response):
     """
     response["redacted"] = 0
     response["exemption"] = None
+    is_anonymous = isinstance(user, AnonymousUser)
     # For every hit from ES
     for item in list(response["hits"]["hits"]):
         # For every blacklisted type
@@ -94,14 +96,15 @@ def filter_blacklisted(user, response):
                         # Remove the item
                         if item in response["hits"]["hits"]:
                             # Anonymous
-                            if not user:
+                            if is_anonymous:
                                 response["hits"]["hits"].remove(item)
                             else:
                                 if not user.is_superuser:
                                     response["hits"]["hits"].remove(item)
+                                else:
+                                    response["exemption"] = True
                             # Let the UI know something was redacted
                             response["redacted"] += 1
-                            response["exemption"] = True
 
 
 def run_main_query(client, user, query, custom_query=False, index=None, size=None):
@@ -133,10 +136,15 @@ def query_results(request, size=None):
     Accept a HTTP request object. Run the query, and annotate the
     results with the other data we have.
     """
+    is_anonymous = isinstance(request.user, AnonymousUser)
+    if is_anonymous:
+        sizes = ["5", "10", "15", "20"]
+    else:
+        sizes = settings.OPENSEARCH_MAIN_SIZES
     if not size:
         if "size" in request.POST:
             size = request.POST["size"]
-            if size not in settings.OPENSEARCH_MAIN_SIZES:
+            if size not in sizes:
                 return False
     if "query" in request.POST:
         query = request.POST["query"]

core/templates/base.html

@@ -118,9 +118,6 @@
 
           {% if user.is_authenticated %}
             {% if user|has_plan:'drilldown' %}
-              <a class="navbar-item" href="{% url 'drilldown' %}">
-                Drilldown
-              </a>
               <a class="navbar-item" href="{% url 'insights' %}">
                 Insights
               </a>

core/views/ui/drilldown.py

@@ -7,6 +7,7 @@ from django.shortcuts import render
 from django.views import View
 from rest_framework.parsers import FormParser
 from rest_framework.views import APIView
+from django.contrib.auth.models import AnonymousUser
 
 from core.lib.opensearch import query_results
 from core.lib.threshold import (
@@ -24,8 +25,13 @@ class Drilldown(View):
     def get(self, request):
         #if not request.user.has_plan(self.plan_name):
         #    return render(request, "denied.html")
+        is_anonymous = isinstance(request.user, AnonymousUser)
+        if is_anonymous:
+            sizes = ["5", "10", "15", "20"]
+        else:
+            sizes = settings.OPENSEARCH_MAIN_SIZES
         context = {
-            "sizes": settings.OPENSEARCH_MAIN_SIZES,
+            "sizes": sizes,
         }
         return render(request, self.template_name, context)