diff --git a/core/lib/opensearch.py b/core/lib/opensearch.py index 657fd7e..d054bdc 100644 --- a/core/lib/opensearch.py +++ b/core/lib/opensearch.py @@ -1,5 +1,4 @@ from django.conf import settings -from django.contrib.auth.models import AnonymousUser from opensearchpy import OpenSearch from opensearchpy.exceptions import RequestError @@ -80,9 +79,11 @@ def filter_blacklisted(user, response): """ response["redacted"] = 0 response["exemption"] = None - is_anonymous = isinstance(user, AnonymousUser) + if user.is_superuser: + response["exemption"] = True + # is_anonymous = isinstance(user, AnonymousUser) # For every hit from ES - for item in list(response["hits"]["hits"]): + for index, item in enumerate(list(response["hits"]["hits"])): # For every blacklisted type for blacklisted_type in settings.OPENSEARCH_BLACKLISTED.keys(): # Check this field we are matching exists @@ -92,17 +93,20 @@ def filter_blacklisted(user, response): for blacklisted_item in settings.OPENSEARCH_BLACKLISTED[ blacklisted_type ]: - if blacklisted_item in str(content): + if blacklisted_item == str(content): # Remove the item if item in response["hits"]["hits"]: # Anonymous - if is_anonymous: + if user.is_anonymous: response["hits"]["hits"].remove(item) else: if not user.is_superuser: response["hits"]["hits"].remove(item) else: - response["exemption"] = True + response["hits"]["hits"][index]["_source"][ + "exemption" + ] = True + # Let the UI know something was redacted response["redacted"] += 1 @@ -136,9 +140,9 @@ def query_results(request, size=None): Accept a HTTP request object. Run the query, and annotate the results with the other data we have. """ - is_anonymous = isinstance(request.user, AnonymousUser) - if is_anonymous: - sizes = ["5", "10", "15", "20"] + # is_anonymous = isinstance(request.user, AnonymousUser) + if request.user.is_anonymous: + sizes = settings.OPENSEARCH_MAIN_SIZES_ANON else: sizes = settings.OPENSEARCH_MAIN_SIZES if not size: @@ -148,13 +152,10 @@ def query_results(request, size=None): return False if "query" in request.POST: query = request.POST["query"] - if hasattr(request, "user"): - user = request.user - else: - user = None + results = run_main_query( client, - user, # passed through run_main_query to filter_blacklisted + request.user, # passed through run_main_query to filter_blacklisted query, size=size, ) diff --git a/core/templates/ui/drilldown/results.html b/core/templates/ui/drilldown/results.html index 3c2bc2b..9b1ca21 100644 --- a/core/templates/ui/drilldown/results.html +++ b/core/templates/ui/drilldown/results.html @@ -28,8 +28,9 @@
{% for item in results %} -