allow search by unauthenticated users

2024-11-22 03:56:49 +03:00 · 2021-11-24 15:15:36 -08:00 · 2021-11-24 15:15:36 -08:00 · c592dc6520
commit c592dc6520
parent 64ee9a2d7b
3 changed files with 32 additions and 65 deletions
--- a/node_common/managers/search/search.js
+++ b/node_common/managers/search/search.js
@ -32,9 +32,12 @@ export const searchMultiple = async ({
  } else {
    ownerQuery = {
      bool: {
-        should: [{ term: { ownerId } }],
+        should: [],
      },
    };
+    if (ownerId) {
+      ownerQuery.bool.should.push({ term: { ownerId } });
+    }
    if (globalSearch) {
      ownerQuery.bool.should.push({ term: { isPublic: true } });
    }
@ -214,9 +217,12 @@ export const searchSlate = async ({ query, ownerId, userId, globalSearch = false
    } else {
      ownerQuery = {
        bool: {
-          should: [{ term: { ownerId } }],
+          should: [],
        },
      };
+      if (ownerId) {
+        ownerQuery.bool.should.push({ term: { ownerId } });
+      }
      if (globalSearch) {
        ownerQuery.bool.should.push({ term: { isPublic: true } });
      }
@ -289,9 +295,12 @@ export const searchFile = async ({ query, ownerId, userId, globalSearch = false,
    } else {
      ownerQuery = {
        bool: {
-          should: [{ term: { ownerId } }],
+          should: [],
        },
      };
+      if (ownerId) {
+        ownerQuery.bool.should.push({ term: { ownerId } });
+      }
      if (globalSearch) {
        ownerQuery.bool.should.push({ term: { isPublic: true } });
      }
@ -304,55 +313,10 @@ export const searchFile = async ({ query, ownerId, userId, globalSearch = false,
        query: {
          bool: {
            must,
-            // filter: [{ term: { "tags.id": "0824a3cb-e839-4246-8ff4-d919919e1487" } }],
-            // filter: [{ term: { isLink: true } }],
-            // filter: [{ term: { ownerId: "f9cc7b00-ce59-4b49-abd1-c7ef7253e258" } }],
-            // filter: [
-            //   { term: { ownerId: "f9cc7b00-ce59-4b49-abd1-c7ef7253e258" } },
-            //   { term: { isLink: true } },
-            // ],
          },
        },
      },
    });
-    // const result = await searchClient.search({
-    //   index: "files",
-    //   body: {
-    //     query: {
-    //       bool: {
-    //         must: {
-    //           multi_match: {
-    //             query,
-    //             fuzziness: "AUTO",
-    //             type: "best_fields",
-    //             fields: [
-    //               "name",
-    //               "body",
-    //               "linkName",
-    //               "linkBody",
-    //               "linkAuthor",
-    //               "linkSource",
-    //               "linkDomain",
-    //             ],
-    //             tie_breaker: 0.3,
-    //           },
-    //         },
-    //         should: [
-    //           { term: { ownerId: "f9cc7b00-ce59-4b49-abd1-c7ef7253e258" } },
-    //           { term: { isLink: false } },
-    //         ],
-    //         minimum_should_match: 1,
-    //         // filter: [{ term: { "tags.id": "0824a3cb-e839-4246-8ff4-d919919e1487" } }],
-    //         // filter: [{ term: { isLink: true } }],
-    //         // filter: [{ term: { ownerId: "f9cc7b00-ce59-4b49-abd1-c7ef7253e258" } }],
-    //         // filter: [
-    //         //   { term: { ownerId: "f9cc7b00-ce59-4b49-abd1-c7ef7253e258" } },
-    //         //   { term: { isLink: true } },
-    //         // ], //this does an AND, not an OR
-    //       },
-    //     },
-    //   },
-    // });

    if (result.statusCode !== 200) return;
    const hits = result?.body?.hits?.hits;
--- a/node_common/request-utilities.js
+++ b/node_common/request-utilities.js
@ -2,28 +2,31 @@ import * as Data from "~/node_common/data";
 import * as Strings from "~/common/strings";
 import * as Utilities from "~/node_common/utilities";

-export const checkAuthorizationInternal = async (req, res) => {
+export const checkAuthorizationInternal = async (req, res, allowUnauthenticated = false) => {
  const id = Utilities.getIdFromCookie(req);
-  if (!id) {
+  if (!id && !allowUnauthenticated) {
    return res.status(401).send({ decorator: "SERVER_NOT_AUTHENTICATED", error: true });
  }

-  const user = await Data.getUserById({
-    id,
-  });
-
-  if (!user) {
-    return res.status(404).send({
-      decorator: "SERVER_USER_NOT_FOUND",
-      error: true,
+  let user;
+  if (id) {
+    user = await Data.getUserById({
+      id,
    });
-  }

-  if (user.error) {
-    return res.status(500).send({
-      decorator: "SERVER_USER_NOT_FOUND",
-      error: true,
-    });
+    if (!user) {
+      return res.status(404).send({
+        decorator: "SERVER_USER_NOT_FOUND",
+        error: true,
+      });
+    }
+
+    if (user.error) {
+      return res.status(500).send({
+        decorator: "SERVER_USER_NOT_FOUND",
+        error: true,
+      });
+    }
  }

  return { id, user };
--- a/pages/api/search/search.js
+++ b/pages/api/search/search.js
@ -9,7 +9,7 @@ import SearchManager from "~/node_common/managers/search";
 //               tagsIds: Applies when searching for only files. Will only search for files contained within the given tags
 //               grouped: Applies when searching for multiple object types only. Specifies whether to group the results by object type in the form { users: [user1, user2, ...], slates: [slate1, slate2, ...], files: [file1, file2, ...]}
 export default async (req, res) => {
-  const userInfo = await RequestUtilities.checkAuthorizationInternal(req, res);
+  const userInfo = await RequestUtilities.checkAuthorizationInternal(req, res, true);
  if (!userInfo) return;
  const { id, user } = userInfo;