Improve redaction and anonymous user handling

This commit is contained in:
Mark Veidemanis 2022-08-03 21:56:27 +01:00
parent 8b7fef59c5
commit fc86aae119
Signed by: m
GPG Key ID: 5ACFCEED46C0904F
3 changed files with 20 additions and 20 deletions

View File

@ -1,5 +1,4 @@
from django.conf import settings
from django.contrib.auth.models import AnonymousUser
from opensearchpy import OpenSearch
from opensearchpy.exceptions import RequestError
@ -80,9 +79,11 @@ def filter_blacklisted(user, response):
"""
response["redacted"] = 0
response["exemption"] = None
is_anonymous = isinstance(user, AnonymousUser)
if user.is_superuser:
response["exemption"] = True
# is_anonymous = isinstance(user, AnonymousUser)
# For every hit from ES
for item in list(response["hits"]["hits"]):
for index, item in enumerate(list(response["hits"]["hits"])):
# For every blacklisted type
for blacklisted_type in settings.OPENSEARCH_BLACKLISTED.keys():
# Check this field we are matching exists
@ -92,17 +93,20 @@ def filter_blacklisted(user, response):
for blacklisted_item in settings.OPENSEARCH_BLACKLISTED[
blacklisted_type
]:
if blacklisted_item in str(content):
if blacklisted_item == str(content):
# Remove the item
if item in response["hits"]["hits"]:
# Anonymous
if is_anonymous:
if user.is_anonymous:
response["hits"]["hits"].remove(item)
else:
if not user.is_superuser:
response["hits"]["hits"].remove(item)
else:
response["exemption"] = True
response["hits"]["hits"][index]["_source"][
"exemption"
] = True
# Let the UI know something was redacted
response["redacted"] += 1
@ -136,9 +140,9 @@ def query_results(request, size=None):
Accept a HTTP request object. Run the query, and annotate the
results with the other data we have.
"""
is_anonymous = isinstance(request.user, AnonymousUser)
if is_anonymous:
sizes = ["5", "10", "15", "20"]
# is_anonymous = isinstance(request.user, AnonymousUser)
if request.user.is_anonymous:
sizes = settings.OPENSEARCH_MAIN_SIZES_ANON
else:
sizes = settings.OPENSEARCH_MAIN_SIZES
if not size:
@ -148,13 +152,10 @@ def query_results(request, size=None):
return False
if "query" in request.POST:
query = request.POST["query"]
if hasattr(request, "user"):
user = request.user
else:
user = None
results = run_main_query(
client,
user, # passed through run_main_query to filter_blacklisted
request.user, # passed through run_main_query to filter_blacklisted
query,
size=size,
)

View File

@ -28,8 +28,9 @@
</thead>
<tbody>
{% for item in results %}
<tr>
{% if item.type == 'join' %}
{% if item.exemption == True %}
<tr class="has-background-grey-lighter">
{% elif item.type == 'join' %}
<tr class="has-background-success-light">
{% elif item.type == 'quit' %}
<tr class="has-background-danger-light">

View File

@ -1,7 +1,6 @@
import json
from django.conf import settings
from django.contrib.auth.models import AnonymousUser
from django.http import HttpResponse, HttpResponseForbidden, JsonResponse
from django.shortcuts import render
from django.views import View
@ -24,9 +23,8 @@ class Drilldown(View):
def get(self, request):
# if not request.user.has_plan(self.plan_name):
# return render(request, "denied.html")
is_anonymous = isinstance(request.user, AnonymousUser)
if is_anonymous:
sizes = ["5", "10", "15", "20"]
if request.user.is_anonymous:
sizes = settings.OPENSEARCH_MAIN_SIZES_ANON
else:
sizes = settings.OPENSEARCH_MAIN_SIZES
context = {