richard
/
wiki
mirror of https://github.com/Requarks/wiki.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix: support permissions by tags for basic db search engine (#2416) 

This code will allow the "search" component to correctly filter pages by usergroup permissions based on tags instead of paths

Co-authored-by: Riccardo Re <riccardo.re@clevermind.cloud>
pull/2452/head
Riccardo Re 4 years ago
committed by GitHub
parent
2d52ba3303
commit
660b78d9e2
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 2 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      server/graph/resolvers/page.js
  2. 6
      server/modules/search/db/engine.js

3
server/graph/resolvers/page.js
View File

@ -57,7 +57,8 @@ module.exports = {
results: _.filter(resp.results, r => { results: _.filter(resp.results, r => {
return WIKI.auth.checkAccess(context.req.user, ['read:pages'], { return WIKI.auth.checkAccess(context.req.user, ['read:pages'], {
path: r.path, path: r.path,
locale: r.locale
locale: r.locale,
tags: r.tags // Tags are needed since access permissions can be limited by page tags too
}) })
}) })
} }

6
server/modules/search/db/engine.js
View File

@ -21,7 +21,11 @@ module.exports = {
*/ */
async query(q, opts) { async query(q, opts) {
const results = await WIKI.models.pages.query() const results = await WIKI.models.pages.query()
.column('id', 'title', 'description', 'path', 'localeCode as locale')
.column('pages.id', 'title', 'description', 'path', 'localeCode as locale')
.withGraphJoined('tags') // Adding page tags since they can be used to check resource access permissions
.modifyGraph('tags', builder => {
builder.select('tag')
})
.where(builder => { .where(builder => {
builder.where('isPublished', true) builder.where('isPublished', true)
if (opts.locale) { if (opts.locale) {

Write Preview
Loading…
Cancel
Save