From 25d909fb2bb7286dd6cec8a6f69e8d50b65a1e6f Mon Sep 17 00:00:00 2001 From: Jim Myers Date: Wed, 31 Jul 2024 15:39:36 -0400 Subject: [PATCH] drop public access for all groups --- .../dataverse/search/SearchServiceBean.java | 4 ++-- .../iq/dataverse/search/SearchUtil.java | 19 ++++++++++--------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/src/main/java/edu/harvard/iq/dataverse/search/SearchServiceBean.java b/src/main/java/edu/harvard/iq/dataverse/search/SearchServiceBean.java index 263c8d50e00..1641c241458 100644 --- a/src/main/java/edu/harvard/iq/dataverse/search/SearchServiceBean.java +++ b/src/main/java/edu/harvard/iq/dataverse/search/SearchServiceBean.java @@ -197,7 +197,7 @@ public SolrQueryResponse search( boolean avoidJoin = FeatureFlags.AVOID_EXPENSIVE_SOLR_JOIN.enabled(); String permissionFilterGroups = getPermissionFilterGroups(dataverseRequest, solrQuery, onlyDatatRelatedToMe, addFacets, avoidJoin); if(settingsService.isTrueForKey(SettingsServiceBean.Key.SolrFullTextIndexing, false)) { - query = SearchUtil.expandQuery(query, permissionFilterGroups!=null && !isAllGroups(permissionFilterGroups), avoidJoin); + query = SearchUtil.expandQuery(query, permissionFilterGroups==null, isAllGroups(permissionFilterGroups), avoidJoin); logger.fine("Sanitized, Expanded Query: " + query); String q1Query = buildPermissionGroupQuery(avoidJoin,SearchFields.FULL_TEXT_SEARCHABLE_BY,permissionFilterGroups); solrQuery.add("q1", q1Query); @@ -964,7 +964,7 @@ public QueryResponse simpleSearch(DataverseRequest dataverseRequest, String retu boolean avoidJoin = FeatureFlags.AVOID_EXPENSIVE_SOLR_JOIN.enabled(); String permissionFilterGroups = getPermissionFilterGroups(dataverseRequest, solrQuery, false, !(facets == null || facets.isEmpty()), avoidJoin); if (settingsService.isTrueForKey(SettingsServiceBean.Key.SolrFullTextIndexing, false)) { - query = SearchUtil.expandQuery(query, permissionFilterGroups != null && !isAllGroups(permissionFilterGroups), avoidJoin); + query = SearchUtil.expandQuery(query, permissionFilterGroups == null, isAllGroups(permissionFilterGroups), avoidJoin); logger.fine("Sanitized, Expanded Query: " + query); String finalQ1Query = buildPermissionGroupQuery(avoidJoin,SearchFields.FULL_TEXT_SEARCHABLE_BY,permissionFilterGroups); solrQuery.add("q1", finalQ1Query); diff --git a/src/main/java/edu/harvard/iq/dataverse/search/SearchUtil.java b/src/main/java/edu/harvard/iq/dataverse/search/SearchUtil.java index 795cf5a3ee8..aae264780ec 100644 --- a/src/main/java/edu/harvard/iq/dataverse/search/SearchUtil.java +++ b/src/main/java/edu/harvard/iq/dataverse/search/SearchUtil.java @@ -259,7 +259,7 @@ public static String getGeoRadius(String userSuppliedGeoRadius) throws NumberFor * @return * @throws SearchException */ - public static String expandQuery(String query, boolean joinNeeded, boolean avoidJoin) throws SearchException { + public static String expandQuery(String query, boolean publicOnly, boolean allGroups, boolean avoidJoin) throws SearchException { // If it isn't 'find all' // Note that this query is used to populate the main Dataverse view and, without // this check, Dataverse assumes its a real search and displays the hit hints @@ -309,22 +309,23 @@ public static String expandQuery(String query, boolean joinNeeded, boolean avoid // If it has a : that is not part of an escaped doi or handle (e.g. doi\:), e.g. // it is field-specific + boolean joinNeeded = !publicOnly && !allGroups; if (!(specialTokenPattern.matcher(part).matches())) { - String andClause = (avoidJoin&& !joinNeeded) ? " AND " + SearchFields.ACCESS + ":" + SearchConstants.PUBLIC :""; + String andClause = (avoidJoin && publicOnly) ? " AND " + SearchFields.ACCESS + ":" + SearchConstants.PUBLIC :""; if (part.startsWith("+")) { - ftQuery.append(expandPart(part + " OR (+" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, joinNeeded, avoidJoin)); + ftQuery.append(expandPart(part + " OR (+" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, publicOnly, joinNeeded, avoidJoin)); } else if (part.startsWith("-")) { - ftQuery.append(expandPart(part + " OR (-" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, joinNeeded, avoidJoin)); + ftQuery.append(expandPart(part + " OR (-" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, publicOnly, joinNeeded, avoidJoin)); } else if (part.startsWith("!")) { - ftQuery.append(expandPart(part + " OR (!" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, joinNeeded, avoidJoin)); + ftQuery.append(expandPart(part + " OR (!" + SearchFields.FULL_TEXT + ":" + part.substring(1) + andClause, publicOnly, joinNeeded, avoidJoin)); } else { - ftQuery.append(expandPart(part + " OR (" + SearchFields.FULL_TEXT + ":" + part + andClause, joinNeeded, avoidJoin)); + ftQuery.append(expandPart(part + " OR (" + SearchFields.FULL_TEXT + ":" + part + andClause, publicOnly, joinNeeded, avoidJoin)); } } else { if (part.contains(SearchFields.FULL_TEXT + ":")) { // Any reference to the FULL_TEXT field has to be joined with the permission // term - ftQuery.append(expandPart("(" + part, joinNeeded, avoidJoin)); + ftQuery.append(expandPart("(" + part, publicOnly, joinNeeded, avoidJoin)); } else { if(!(part.equals("\\") || part.equals("/"))) { ftQuery.append(part); @@ -339,8 +340,8 @@ public static String expandQuery(String query, boolean joinNeeded, boolean avoid return ftQuery.toString(); } - private static Object expandPart(String part, boolean joinNeeded, boolean avoidJoin) { - String permClause = (avoidJoin && joinNeeded) ? SearchFields.ACCESS + ":" + SearchConstants.PUBLIC : ""; + private static Object expandPart(String part, boolean publicOnly, boolean joinNeeded, boolean avoidJoin) { + String permClause = (avoidJoin && publicOnly) ? SearchFields.ACCESS + ":" + SearchConstants.PUBLIC : ""; if (joinNeeded) { if (!permClause.isEmpty()) { permClause = "(" + permClause + " OR " + "{!join from=" + SearchFields.DEFINITION_POINT + " to=id v=$q1})))";