From fc86aae11909d0968a2c7b7773099e8a9f327cfc Mon Sep 17 00:00:00 2001 From: Mark Veidemanis Date: Wed, 3 Aug 2022 21:56:27 +0100 Subject: [PATCH] Improve redaction and anonymous user handling --- core/lib/opensearch.py | 29 ++++++++++++------------ core/templates/ui/drilldown/results.html | 5 ++-- core/views/ui/drilldown.py | 6 ++--- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/core/lib/opensearch.py b/core/lib/opensearch.py index 657fd7e..d054bdc 100644 --- a/core/lib/opensearch.py +++ b/core/lib/opensearch.py @@ -1,5 +1,4 @@ from django.conf import settings -from django.contrib.auth.models import AnonymousUser from opensearchpy import OpenSearch from opensearchpy.exceptions import RequestError @@ -80,9 +79,11 @@ def filter_blacklisted(user, response): """ response["redacted"] = 0 response["exemption"] = None - is_anonymous = isinstance(user, AnonymousUser) + if user.is_superuser: + response["exemption"] = True + # is_anonymous = isinstance(user, AnonymousUser) # For every hit from ES - for item in list(response["hits"]["hits"]): + for index, item in enumerate(list(response["hits"]["hits"])): # For every blacklisted type for blacklisted_type in settings.OPENSEARCH_BLACKLISTED.keys(): # Check this field we are matching exists @@ -92,17 +93,20 @@ def filter_blacklisted(user, response): for blacklisted_item in settings.OPENSEARCH_BLACKLISTED[ blacklisted_type ]: - if blacklisted_item in str(content): + if blacklisted_item == str(content): # Remove the item if item in response["hits"]["hits"]: # Anonymous - if is_anonymous: + if user.is_anonymous: response["hits"]["hits"].remove(item) else: if not user.is_superuser: response["hits"]["hits"].remove(item) else: - response["exemption"] = True + response["hits"]["hits"][index]["_source"][ + "exemption" + ] = True + # Let the UI know something was redacted response["redacted"] += 1 
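Review bot: The `index` from `enumerate(list(response["hits"]["hits"]))` counts positions in a snapshot, while the later hunk (`@@ -92,17 +93,20 @@`) uses it to address the live list that the same loop removes entries from. The two stay aligned today only because removal happens for anonymous and non-superuser callers and the indexed write happens for superusers; a later branch that did both would mark the wrong hit as exempt. `item` is the same dict object as the list entry, so `item["_source"]["exemption"] = True` needs no index and the loop header can stay `for item in list(response["hits"]["hits"]):`. The commented-out `# is_anonymous = isinstance(user, AnonymousUser)` line is better deleted than kept; the body of filter_blacklisted continues outside this hunk.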
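Review bot: The exact comparison `if blacklisted_item == str(content):` is case- and whitespace-sensitive and no longer matches a blacklisted value embedded in a longer field. Hits that the previous substring test removed for anonymous and non-superuser callers are therefore now returned. If the narrowing is meant to cut false positives, a comment should say so, and both sides should be normalised, e.g. `if blacklisted_item.casefold() == str(content).strip().casefold():`. Should `content` ever be a list or other container (not determinable from the hunk), `str(content)` would never equal a single entry and the filter would silently stop matching. The enclosing loops start outside the hunk.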
@@ -136,9 +140,9 @@ def query_results(request, size=None): Accept a HTTP request object. Run the query, and annotate the results with the other data we have. """ - is_anonymous = isinstance(request.user, AnonymousUser) - if is_anonymous: - sizes = ["5", "10", "15", "20"] + # is_anonymous = isinstance(request.user, AnonymousUser) + if request.user.is_anonymous: + sizes = settings.OPENSEARCH_MAIN_SIZES_ANON else: sizes = settings.OPENSEARCH_MAIN_SIZES if not size: @@ -148,13 +152,10 @@ def query_results(request, size=None): return False if "query" in request.POST: query = request.POST["query"] - if hasattr(request, "user"): - user = request.user - else: - user = None + results = run_main_query( client, - user, # passed through run_main_query to filter_blacklisted + request.user, # passed through run_main_query to filter_blacklisted query, size=size, ) diff --git a/core/templates/ui/drilldown/results.html b/core/templates/ui/drilldown/results.html index 3c2bc2b..9b1ca21 100644 --- a/core/templates/ui/drilldown/results.html +++ b/core/templates/ui/drilldown/results.html @@ -28,8 +28,9 @@ {% for item in results %} - - {% if item.type == 'join' %} + {% if item.exemption == True %} + + {% elif item.type == 'join' %} {% elif item.type == 'quit' %} diff --git a/core/views/ui/drilldown.py b/core/views/ui/drilldown.py index b41cc6e..c13d68f 100644 --- a/core/views/ui/drilldown.py +++ b/core/views/ui/drilldown.py @@ -1,7 +1,6 @@ import json from django.conf import settings -from django.contrib.auth.models import AnonymousUser from django.http import HttpResponse, HttpResponseForbidden, JsonResponse from django.shortcuts import render from django.views import View 
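Review bot: `settings.OPENSEARCH_MAIN_SIZES_ANON` is read without a fallback in query_results, and the diffstat lists no settings file. A deployment that has not defined the name would presumably raise AttributeError on every anonymous request, both here and in `Drilldown.get` (`core/views/ui/drilldown.py`, hunk `@@ -24,9 +23,8 @@`). `sizes = getattr(settings, "OPENSEARCH_MAIN_SIZES_ANON", ["5", "10", "15", "20"])` keeps the previous limits as the default. The commented-out `# is_anonymous = isinstance(request.user, AnonymousUser)` line can be dropped; the function continues outside the hunk.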
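Review bot: `item.exemption` in `{% if item.exemption == True %}` appears to be read from the same mapping that carries the indexed document's own fields, since the `core/lib/opensearch.py` hunk writes the flag into the hit's `_source`. A stored document with its own `exemption` field could then take this branch for a user who is not a superuser; how `results` is built from the hits is not visible here, so this is inferred. Setting the flag outside `_source`, or under a key that cannot occur in indexed data, would keep the server's annotation separate from untrusted document content. The markup rendered by the new branch is not visible in this extract.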
@@ -24,9 +23,8 @@ class Drilldown(View):
 def get(self, request):
 # if not request.user.has_plan(self.plan_name):
 # return render(request, "denied.html")
- is_anonymous = isinstance(request.user, AnonymousUser)
- if is_anonymous:
- sizes = ["5", "10", "15", "20"]
+ if request.user.is_anonymous:
+ sizes = settings.OPENSEARCH_MAIN_SIZES_ANON
 else:
 sizes = settings.OPENSEARCH_MAIN_SIZES
 context = {