Improve data security by mandating token search
@@ -15,6 +15,7 @@
|
||||
<link rel="stylesheet" href="{% static 'css/bulma-slider.min.css' %}">
|
||||
<link rel="stylesheet" href="{% static 'css/bulma-calendar.min.css' %}">
|
||||
<link rel="stylesheet" href="{% static 'css/bulma-tagsinput.min.css' %}">
|
||||
<link rel="stylesheet" href="{% static 'css/bulma-switch.min.css' %}">
|
||||
<script src="{% static 'js/bulma-calendar.min.js' %}" integrity="sha384-DThNif0xGXbopX7+PE+UabkuClfI/zELNhaVqoGLutaWB76dyMw0vIQBGmUxSfVQ" crossorigin="anonymous"></script>
|
||||
<script src="{% static 'js/bulma-slider.min.js' %}" integrity="sha384-wbyps8iLG8QzJE02viYc/27BtT5HSa11+b5V7QPR1/huVuA8f4LRTNGc82qAIeIZ" crossorigin="anonymous"></script>
|
||||
<script defer src="{% static 'js/htmx.min.js' %}" integrity="sha384-cZuAZ+ZbwkNRnrKi05G/fjBX+azI9DNOkNYysZ0I/X5ZFgsmMiBXgDZof30F5ofc" crossorigin="anonymous"></script>
|
||||
|
||||
@@ -39,60 +39,23 @@
|
||||
} catch {
|
||||
var value = spl[1];
|
||||
}
|
||||
populateSearch(field, value);
|
||||
return `${field}: ${value}`;
|
||||
});
|
||||
inputTags.BulmaTagsInput().on('after.remove', function(item) {
|
||||
var spl = item.split(": ");
|
||||
var field = spl[0];
|
||||
var value = spl[1].trim();
|
||||
populateSearch(field, value);
|
||||
});
|
||||
}
|
||||
function populateSearch(field, value) {
|
||||
var queryElement = document.getElementById('query');
|
||||
|
||||
var present = true;
|
||||
if (present == true) {
|
||||
var combinations = [`${field}: "${value}"`,
|
||||
`${field}: "${value}"`,
|
||||
`${field}: ${value}`,
|
||||
`${field}:${value}`,
|
||||
`${field}:"${value}"`];
|
||||
var toAppend = ` AND ${field}: "${value}"`;
|
||||
} else {
|
||||
var combinations = [`NOT ${field}: "${value}"`,
|
||||
`NOT ${field}: "${value}"`,
|
||||
`NOT ${field}: ${value}`,
|
||||
`NOT ${field}:${value}`,
|
||||
`NOT ${field}:"${value}"`];
|
||||
}
|
||||
var contains = combinations.some(elem => queryElement.value.includes(elem));
|
||||
if (!contains) {
|
||||
queryElement.value+=toAppend;
|
||||
} else {
|
||||
for (var index in combinations) {
|
||||
combination = combinations[index];
|
||||
queryElement.value = queryElement.value.replaceAll("AND "+combination, "");
|
||||
queryElement.value = queryElement.value.replaceAll(combination, "");
|
||||
}
|
||||
}
|
||||
|
||||
if (field == "src") {
|
||||
document.getElementById("source").selectedIndex = 2;
|
||||
}
|
||||
if (queryElement.value.startsWith(" AND ")) {
|
||||
queryElement.value = queryElement.value.replace(" AND ", "");
|
||||
}
|
||||
if (queryElement.value.startsWith("AND ")) {
|
||||
queryElement.value = queryElement.value.replace("AND ", "");
|
||||
}
|
||||
var inputTags = document.getElementById('tags');
|
||||
inputTags.BulmaTagsInput().add(field+": "+value);
|
||||
htmx.trigger("#search", "click");
|
||||
}
|
||||
</script>
|
||||
<div>
|
||||
{% include 'partials/notify.html' %}
|
||||
<form method="POST" hx-post="{% url 'search' %}"
|
||||
<form class="skipEmptyFields" method="POST" hx-post="{% url 'search' %}"
|
||||
hx-trigger="change"
|
||||
hx-target="#results"
|
||||
hx-swap="innerHTML"
|
||||
@@ -102,12 +65,17 @@
|
||||
<div class="columns">
|
||||
<div class="column">
|
||||
<div class="field has-addons">
|
||||
<div class="control is-expanded has-icons-left">
|
||||
<div id="query" class="control is-expanded has-icons-left">
|
||||
<input
|
||||
hx-post="{% url 'search' %}"
|
||||
hx-trigger="keyup changed delay:200ms"
|
||||
hx-target="#results"
|
||||
hx-swap="innerHTML" id="query" name="query" value="{{ params.query }}" class="input" type="text" placeholder="msg: science AND nick: BillNye AND channel: #science">
|
||||
hx-swap="innerHTML"
|
||||
name="query"
|
||||
value="{{ params.query }}"
|
||||
class="input"
|
||||
type="text"
|
||||
placeholder="(science | tech | art) + (interest) -hello">
|
||||
<span class="icon is-small is-left">
|
||||
<i class="fas fa-magnifying-glass"></i>
|
||||
</span>
|
||||
@@ -166,6 +134,19 @@
|
||||
</a>
|
||||
</p>
|
||||
</div>
|
||||
<div class="control">
|
||||
<div class="field">
|
||||
<input
|
||||
id="full_query"
|
||||
type="checkbox"
|
||||
class="switch"
|
||||
{% if params.query_full is not None %}checked="checked"{% else %}none{% endif %}
|
||||
data-script="on click toggle .is-hidden on #query_full">
|
||||
<label
|
||||
class="{% if not perms.core.query_search %}is-disabled{% endif %}"
|
||||
for="full_query">Full query </label>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="column is-narrow">
|
||||
<div class="field has-addons block">
|
||||
@@ -411,24 +392,45 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div id="query_full" class="block {% if params.query_full is None %}is-hidden{% endif %}">
|
||||
<div class="control is-expanded has-icons-left">
|
||||
<input
|
||||
hx-post="{% url 'search' %}"
|
||||
hx-trigger="keyup changed delay:200ms"
|
||||
hx-target="#results"
|
||||
hx-swap="innerHTML"
|
||||
name="query_full"
|
||||
value="{{ params.query_full }}"
|
||||
class="input"
|
||||
type="text"
|
||||
placeholder="msg: science AND nick: BillNye AND channel: #science">
|
||||
<span class="icon is-small is-left">
|
||||
<i class="fas fa-magnifying-glass"></i>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div class="block">
|
||||
<input
|
||||
hx-trigger="change"
|
||||
hx-post="{% url 'search' %}"
|
||||
hx-target="#results"
|
||||
hx-swap="innerHTML"
|
||||
id="tags"
|
||||
class="input"
|
||||
type="tags"
|
||||
name="tags"
|
||||
placeholder="Add tags"
|
||||
value="{{ params.tags }}">
|
||||
</div>
|
||||
<div class="is-hidden"></div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="block">
|
||||
<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">
|
||||
</div>
|
||||
<div class="block">
|
||||
<div id="results">
|
||||
<!-- {% if results %}
|
||||
{% include 'ui/drilldown/results.html' %}
|
||||
{% endif %} -->
|
||||
{% if table %}
|
||||
{% include 'ui/drilldown/table_results.html' %}
|
||||
{% else %}
|
||||
<script>
|
||||
setupTags();
|
||||
</script>
|
||||
{% endif %}
|
||||
{% include 'ui/drilldown/table_results.html' %}
|
||||
<script>
|
||||
setupTags();
|
||||
</script>
|
||||
</div>
|
||||
</div>
|
||||
<div id="modals-here">
|
||||
|
||||
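Review bot: The `perms.core.query_search` check in the added `full_query` switch only puts an `is-disabled` class on the `<label>`; the checkbox itself has no `disabled` attribute, and the `#query_full` block with the `name="query_full"` input is still rendered and posted for every user. If the aim of the commit is to restrict full queries, that holds only when the search view rejects `query_full` for users without the permission, and that view is not on this page. I would wrap both the switch and the `#query_full` block in `{% if perms.core.query_search %}` … `{% endif %}` so the template matches the server-side rule. Separately, the `{% else %}none{% endif %}` branch on the checkbox emits a stray `none` attribute and can be dropped.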
@@ -37,23 +37,3 @@
|
||||
{% endif %}
|
||||
{% include 'ui/drilldown/table_results_partial.html' %}
|
||||
{% endif %}
|
||||
{# Update the tags in case the user changed the query #}
|
||||
{# Check for focus and refocus #}
|
||||
<script>
|
||||
var inputTags = document.getElementsByClassName('tags-input');
|
||||
var inputBox = document.querySelector("[placeholder='Add query']");
|
||||
var isFocused = (document.activeElement === inputBox);
|
||||
for (index = 0; index < inputTags.length; index++) {
|
||||
if (index == 0) {
|
||||
inputTags[0].outerHTML = '<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">';
|
||||
} else {
|
||||
inputTags[index].remove();
|
||||
}
|
||||
}
|
||||
// inputTags[0].outerHTML = '<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">';
|
||||
setupTags();
|
||||
var inputBox = document.querySelector("[placeholder='Add query']");
|
||||
if (isFocused) {
|
||||
inputBox.focus();
|
||||
}
|
||||
</script>
|
||||
@@ -143,7 +143,7 @@
|
||||
</span>
|
||||
</td>
|
||||
{% elif column.name == 'tokens' %}
|
||||
<td class="{{ column.name }}">
|
||||
<td class="{{ column.name }} wrap" style="max-width: 10em">
|
||||
{{ cell|joinsep:',' }}
|
||||
</td>
|
||||
{% elif column.name == 'src' %}
|
||||
|
||||
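Review bot: The `tokens` cell now carries an inline `style="max-width: 10em"`, which splits the column's styling between the template and the stylesheet and would be blocked if the site ever serves a Content-Security-Policy without `'unsafe-inline'` for styles. Moving the width into a stylesheet rule next to the `wrap` class, e.g. `td.tokens { max-width: 10em; }`, keeps it in one place. No policy header is visible on this page, so the CSP part is a precaution rather than a confirmed breakage.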