Improve data security by mandating token search

2022-08-26 17:16:55 +01:00
parent e85fa910aa
commit 3f02c61463
9 changed files with 309 additions and 143 deletions


@@ -39,60 +39,23 @@
} catch {
var value = spl[1];
}
populateSearch(field, value);
return `${field}: ${value}`;
});
inputTags.BulmaTagsInput().on('after.remove', function(item) {
var spl = item.split(": ");
var field = spl[0];
var value = spl[1].trim();
populateSearch(field, value);
});
}
function populateSearch(field, value) {
var queryElement = document.getElementById('query');
var present = true;
if (present == true) {
var combinations = [`${field}: "${value}"`,
`${field}: "${value}"`,
`${field}: ${value}`,
`${field}:${value}`,
`${field}:"${value}"`];
var toAppend = ` AND ${field}: "${value}"`;
} else {
var combinations = [`NOT ${field}: "${value}"`,
`NOT ${field}: "${value}"`,
`NOT ${field}: ${value}`,
`NOT ${field}:${value}`,
`NOT ${field}:"${value}"`];
}
var contains = combinations.some(elem => queryElement.value.includes(elem));
if (!contains) {
queryElement.value+=toAppend;
} else {
for (var index in combinations) {
combination = combinations[index];
queryElement.value = queryElement.value.replaceAll("AND "+combination, "");
queryElement.value = queryElement.value.replaceAll(combination, "");
}
}
if (field == "src") {
document.getElementById("source").selectedIndex = 2;
}
if (queryElement.value.startsWith(" AND ")) {
queryElement.value = queryElement.value.replace(" AND ", "");
}
if (queryElement.value.startsWith("AND ")) {
queryElement.value = queryElement.value.replace("AND ", "");
}
var inputTags = document.getElementById('tags');
inputTags.BulmaTagsInput().add(field+": "+value);
htmx.trigger("#search", "click");
}
</script>
<div>
{% include 'partials/notify.html' %}
<form method="POST" hx-post="{% url 'search' %}"
<form class="skipEmptyFields" method="POST" hx-post="{% url 'search' %}"
hx-trigger="change"
hx-target="#results"
hx-swap="innerHTML"
@@ -102,12 +65,17 @@
<div class="columns">
<div class="column">
<div class="field has-addons">
<div class="control is-expanded has-icons-left">
<div id="query" class="control is-expanded has-icons-left">
<input
hx-post="{% url 'search' %}"
hx-trigger="keyup changed delay:200ms"
hx-target="#results"
hx-swap="innerHTML" id="query" name="query" value="{{ params.query }}" class="input" type="text" placeholder="msg: science AND nick: BillNye AND channel: #science">
hx-swap="innerHTML"
name="query"
value="{{ params.query }}"
class="input"
type="text"
placeholder="(science | tech | art) + (interest) -hello">
<span class="icon is-small is-left">
<i class="fas fa-magnifying-glass"></i>
</span>
@@ -166,6 +134,19 @@
</a>
</p>
</div>
<div class="control">
<div class="field">
<input
id="full_query"
type="checkbox"
class="switch"
{% if params.query_full is not None %}checked="checked"{% else %}none{% endif %}
data-script="on click toggle .is-hidden on #query_full">
<label
class="{% if not perms.core.query_search %}is-disabled{% endif %}"
for="full_query">Full query </label>
</div>
</div>
</div>
<div class="column is-narrow">
<div class="field has-addons block">
@@ -411,24 +392,45 @@
</div>
</div>
</div>
<div id="query_full" class="block {% if params.query_full is None %}is-hidden{% endif %}">
<div class="control is-expanded has-icons-left">
<input
hx-post="{% url 'search' %}"
hx-trigger="keyup changed delay:200ms"
hx-target="#results"
hx-swap="innerHTML"
name="query_full"
value="{{ params.query_full }}"
class="input"
type="text"
placeholder="msg: science AND nick: BillNye AND channel: #science">
<span class="icon is-small is-left">
<i class="fas fa-magnifying-glass"></i>
</span>
</div>
</div>
<div class="block">
<input
hx-trigger="change"
hx-post="{% url 'search' %}"
hx-target="#results"
hx-swap="innerHTML"
id="tags"
class="input"
type="tags"
name="tags"
placeholder="Add tags"
value="{{ params.tags }}">
</div>
<div class="is-hidden"></div>
</form>
</div>
<div class="block">
<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">
</div>
<div class="block">
<div id="results">
<!-- {% if results %}
{% include 'ui/drilldown/results.html' %}
{% endif %} -->
{% if table %}
{% include 'ui/drilldown/table_results.html' %}
{% else %}
<script>
setupTags();
</script>
{% endif %}
{% include 'ui/drilldown/table_results.html' %}
<script>
setupTags();
</script>
</div>
</div>
<div id="modals-here">
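Review bot: The `core.query_search` permission is applied only as an `is-disabled` class on the `Full query` label, while the `full_query` checkbox and the `query_full` text input are still rendered inside the form and posted for every user. Unless the search view (not visible in this section) rejects `query_full` for users who lack that permission, the token-search restriction rests on CSS alone, so the server-side check should be confirmed. In the template, both controls could also be wrapped in `{% if perms.core.query_search %} … {% endif %}`. Separately, the `{% else %}none{% endif %}` branch on the checkbox emits a stray `none` attribute when the box is unchecked; dropping the `{% else %}` part would keep the markup clean.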


@@ -37,23 +37,3 @@
{% endif %}
{% include 'ui/drilldown/table_results_partial.html' %}
{% endif %}
{# Update the tags in case the user changed the query #}
{# Check for focus and refocus #}
<script>
var inputTags = document.getElementsByClassName('tags-input');
var inputBox = document.querySelector("[placeholder='Add query']");
var isFocused = (document.activeElement === inputBox);
for (index = 0; index < inputTags.length; index++) {
if (index == 0) {
inputTags[0].outerHTML = '<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">';
} else {
inputTags[index].remove();
}
}
// inputTags[0].outerHTML = '<input id="tags" class="input" type="tags" placeholder="Add query" value="{{ tags|joinsep:',' }}">';
setupTags();
var inputBox = document.querySelector("[placeholder='Add query']");
if (isFocused) {
inputBox.focus();
}
</script>


@@ -143,7 +143,7 @@
</span>
</td>
{% elif column.name == 'tokens' %}
<td class="{{ column.name }}">
<td class="{{ column.name }} wrap" style="max-width: 10em">
{{ cell|joinsep:',' }}
</td>
{% elif column.name == 'src' %}