mirror of https://github.com/documize/community.git synced 2025-07-22 14:49:42 +02:00

Implement category-based permissioning for search results

Only see what you can see.

Co-Authored-By: Saul S <sauls8t@users.noreply.github.com>
HarveyKandola 2018-06-22 17:01:26 +01:00
parent ae50b889c5
commit 467acec3c4
5 changed files with 95 additions and 9 deletions


@ -418,6 +418,7 @@ func (h *Handler) SearchDocuments(w http.ResponseWriter, r *http.Request) {
return
}
// Get search criteria.
options := search.QueryOptions{}
err = json.Unmarshal(body, &options)
if err != nil {
@ -425,24 +426,30 @@ func (h *Handler) SearchDocuments(w http.ResponseWriter, r *http.Request) {
h.Runtime.Log.Error(method, err)
return
}
options.Keywords = strings.TrimSpace(options.Keywords)
// Get documents for search criteria.
results, err := h.Store.Search.Documents(ctx, options)
if err != nil {
h.Runtime.Log.Error(method, err)
}
// Put in slugs for easy UI display of search URL
// Generate slugs for search URL.
for key, result := range results {
results[key].DocumentSlug = stringutil.MakeSlug(result.Document)
results[key].SpaceSlug = stringutil.MakeSlug(result.Space)
}
// Record user search history
// Remove documents that cannot be seen due to lack of
// category view/access permission.
cats, err := h.Store.Category.GetByOrg(ctx, ctx.UserID)
members, err := h.Store.Category.GetOrgCategoryMembership(ctx, ctx.UserID)
filtered := indexer.FilterCategoryProtected(results, cats, members)
// Record user search history.
if !options.SkipLog {
if len(results) > 0 {
go h.recordSearchActivity(ctx, results, options.Keywords)
if len(filtered) > 0 {
go h.recordSearchActivity(ctx, filtered, options.Keywords)
} else {
ctx.Transaction, err = h.Runtime.Db.Beginx()
if err != nil {
@ -468,7 +475,7 @@ func (h *Handler) SearchDocuments(w http.ResponseWriter, r *http.Request) {
h.Store.Audit.Record(ctx, audit.EventTypeSearch)
response.WriteJSON(w, results)
response.WriteJSON(w, filtered)
}
// Record search request once per document.
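Review bot: The two category lookups added just before `indexer.FilterCategoryProtected(results, cats, members)` assign to `err` but never check it, and the second assignment overwrites the first. If either `GetByOrg` or `GetOrgCategoryMembership` fails, the filter runs on empty or partial category data; how `FilterCategoryProtected` treats that input is not visible here, but if it passes documents through when it has no category information, a store error would return category-restricted results to a user who should not see them. Check `err` after each call, log it with `h.Runtime.Log.Error(method, err)`, write an error response and `return`, so the handler fails closed instead of answering with unfiltered data. The search call above has the same shape: its error is logged but execution continues into the slug loop and the filter. `SearchDocuments` begins outside the visible hunks, so any earlier handling is not shown here.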