Commit e8f57ea6 authored by Robert Lyon's avatar Robert Lyon

Allowing for users to not show up in public search (bug 1257953)



Thinking of privacy issues here - when should users show up in
search results?

This patch allows users to show up based on the access of their
profile page (accesstypes: public, loggedin, friends) and whether
'Show users in public search' is set or not.

Normally all profile pages are accessible by logged in users - but
this can be altered if 'Logged-in profile access' is unchecked and
users remove the access off their profile page.

Change-Id: I4daa8cb2812bddb231ba489dfeefb4843b653d40
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent b721e8cf
......@@ -152,6 +152,13 @@ $siteoptionform = array(
'defaultvalue' => get_config('searchusernames'),
'disabled' => in_array('searchusernames', $OVERRIDDEN),
),
'searchuserspublic' => array(
'type' => 'checkbox',
'title' => get_string('searchuserspublic', 'admin'),
'description' => get_string('searchuserspublicdescription', 'admin'),
'defaultvalue' => get_config('searchuserspublic'),
'disabled' => in_array('searchuserspublic', $OVERRIDDEN),
),
'anonymouscomments' => array(
'type' => 'checkbox',
'title' => get_string('anonymouscomments', 'admin'),
......@@ -699,7 +706,7 @@ function siteoptions_submit(Pieform $form, $values) {
'noreplyaddress', 'defaultnotificationmethod', 'homepageinfo', 'showonlineuserssideblock', 'onlineuserssideblockmaxusers',
'registerterms', 'licensemetadata', 'licenseallowcustom', 'allowmobileuploads', 'creategroups', 'createpublicgroups', 'allowgroupcategories', 'wysiwyg',
'staffreports', 'staffstats', 'userscandisabledevicedetection',
'masqueradingreasonrequired', 'masqueradingnotified',
'masqueradingreasonrequired', 'masqueradingnotified', 'searchuserspublic',
'eventloglevel', 'eventlogexpiry', 'sitefilesaccess',
);
$count = 0;
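Review bot: Nothing visible in `siteoptions_submit` re-queues users for indexing when `searchuserspublic` changes, although the new help string says a re-index is required. The indexed `access.general` value is computed at index time, so unticking the box would leave already-indexed users in public results until an admin re-indexes by hand. Consider comparing the old and new value in the submit handler and either queueing all `usr` records or showing an explicit warning, with a comment such as `// searchuserspublic changes the indexed access level; usr documents must be re-queued`. The rest of `siteoptions_submit` is outside the hunk, so this may already be handled there.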
......
......@@ -342,6 +342,8 @@ $string['searchplugindescription'] = 'Search plugin to use';
$string['searchconfigerror'] = 'The configuration settings for search plugin "%s" are incorrect, please check the configuration settings under Extensions -> Plugin type: search. You may need to hit the search\'s \'reset\' button when done.';
$string['searchusernames'] = 'Search usernames';
$string['searchusernamesdescription'] = 'If checked, allow usernames to be searched on as part of "Search users".';
$string['searchuserspublic'] = 'Show users in public search';
$string['searchuserspublicdescription'] = 'Allow users\' names to appear in public search results. This needs to have \'publicsearchallowed\' set to true and be using a search plugin that allows public search, e.g. Elasticsearch. Changing this setting will require search re-indexing.';
$string['sessionlifetime'] = 'Session lifetime';
$string['sessionlifetimedescription'] = 'Time in minutes after which an inactive logged-in user will be automatically logged out.';
$string['setsiteoptionsfailed'] = 'Failed setting the %s option';
......
......@@ -1528,7 +1528,16 @@ class ElasticsearchIndexing {
IF NOT EXISTS (SELECT 1 FROM {search_elasticsearch_queue} WHERE itemid = OLD.id AND type = '.$tablewithoutprefix.') THEN
INSERT INTO {search_elasticsearch_queue} (itemid, type) VALUES (OLD.id, '.$tablewithoutprefix.');
END IF;
IF (TG_TABLE_NAME=\'{view}\') THEN
IF (TG_TABLE_NAME=\'' . $dbprefix . 'view\') THEN
INSERT INTO {search_elasticsearch_queue} (itemid, type)
SELECT u.id, \'usr\' AS type FROM {usr} u
INNER JOIN {view} v ON v.owner = u.id
WHERE v.type = \'profile\'
AND v.id = OLD.id
AND NOT EXISTS (
SELECT q.id FROM {search_elasticsearch_queue} q
WHERE q.type = \'usr\' AND q.itemid = u.id
);
INSERT INTO {search_elasticsearch_queue} (itemid, type)
SELECT va.artefact, \'artefact\' AS type
FROM {view_artefact} va
......@@ -1542,7 +1551,16 @@ class ElasticsearchIndexing {
IF NOT EXISTS (SELECT 1 FROM {search_elasticsearch_queue} WHERE itemid = NEW.id AND type = ' . $tablewithoutprefix . ') THEN
INSERT INTO {search_elasticsearch_queue} (itemid, type) VALUES (NEW.id, ' . $tablewithoutprefix . ');
END IF;
IF (TG_TABLE_NAME=\'{view}\') THEN
IF (TG_TABLE_NAME=\'' . $dbprefix . 'view\') THEN
INSERT INTO {search_elasticsearch_queue} (itemid, type)
SELECT u.id, \'usr\' AS type FROM {usr} u
INNER JOIN {view} v ON v.owner = u.id
WHERE v.type = \'profile\'
AND v.id = NEW.id
AND NOT EXISTS (
SELECT q.id FROM {search_elasticsearch_queue} q
WHERE q.type = \'usr\' AND q.itemid = u.id
);
INSERT INTO {search_elasticsearch_queue} (itemid, type)
SELECT va.artefact, \'artefact\' AS type
FROM {view_artefact} va
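Review bot: The owner is re-queued only when the `view` row itself changes, but the access level that ends up in the index is read from `{view_access}` (see the query added in ElasticsearchType_usr), so a profile whose access rows change without the view row being touched would keep its old `access.general`. If no trigger on `view_access` or explicit queue call covers that, a user who removes public access could remain in public results; this is worth confirming and noting beside the trigger body, e.g. `-- profile access changes must also re-queue the owner (usr)`. In the `OLD.id` branch the new INSERT joins `{view}` on `v.id = OLD.id`; if that branch fires after the row is deleted the join finds nothing, so selecting from `OLD.owner` and `OLD.type` directly would be safer there. The trigger function starts and ends outside both hunks, so its timing cannot be checked from here.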
......
......@@ -39,6 +39,17 @@ class ElasticsearchType_usr extends ElasticsearchType
'index_name' => 'institution',
'include_in_all' => FALSE
),
// access to user - to be able to hide user from public search
'access' => array(
'type' => 'object',
'index' => 'not_analyzed',
'include_in_all' => FALSE,
'general' => array(
'type' => 'string',
'index' => 'not_analyzed',
'include_in_all' => FALSE
),
),
'ctime' => array(
'type' => 'date',
'format' => 'YYYY-MM-dd HH:mm:ss',
......@@ -70,6 +81,7 @@ class ElasticsearchType_usr extends ElasticsearchType
'lastname' => NULL,
'preferredname' => NULL,
'institutions' => NULL,
'access' => NULL,
'ctime' => NULL,
'sort' => NULL,
);
......@@ -117,6 +129,34 @@ class ElasticsearchType_usr extends ElasticsearchType
$record->email[] = $email->email;
}
}
// check to see if the user's profile page is viewable and which is the most 'open' access
$accessrank = array('loggedin','friends');
if (get_config('searchuserspublic')) {
array_unshift($accessrank, 'public');
}
// get all accesses of user's profile page ordered by the $accessrank array
// so that the first result will be the most 'open' access allowed
if (is_postgres()) {
$join = '';
$count = 0;
foreach ($accessrank as $key => $access) {
$count++;
$join .= "('" . $access . "'," . $key . ")";
if ($count != sizeof($accessrank)) {
$join .= ",";
}
}
$sql = "SELECT va.accesstype FROM {view} v, {view_access} va
JOIN (VALUES" . $join . ") AS x (access_type, ordering) ON va.accesstype = x.access_type
WHERE v.id = va.view AND v.type = 'profile' AND v.owner = ? ORDER BY x.ordering";
}
$profileviewaccess = recordset_to_array(get_recordset_sql($sql, array($record->id)));
$record->access['general'] = (!empty($profileviewaccess)) ? $profileviewaccess[0]->accesstype : 'none';
// always allow user to search themselves for vanity reasons
$record->access['usrs'] = $record->id;
$record->mainfacetterm = self::$mainfacetterm;
$allowhidename = get_config('userscanhiderealnames');
$showusername = get_config('searchusernames');
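Review bot: `$sql` is only assigned inside `if (is_postgres())`, so on any other database the following `get_recordset_sql($sql, ...)` call runs with an undefined variable and `access['general']` is not derived from the profile's real access rows. This field is what keeps a user out of public search, so the lookup should work on every supported database and fall back to `'none'`. Ranking in PHP instead of the Postgres-only `JOIN (VALUES ...)` also lets the access types be bound as parameters rather than concatenated into the statement. Separately, `access['usrs']` is written here but the mapping hunk above only declares `general`, which looks unintended. The enclosing method starts and ends outside the hunk.

```php
// … unchanged: $accessrank built from 'loggedin', 'friends' and optionally 'public' …
$placeholders = implode(',', array_fill(0, count($accessrank), '?'));
$sql = "SELECT DISTINCT va.accesstype FROM {view} v
        JOIN {view_access} va ON va.view = v.id
        WHERE v.type = 'profile' AND v.owner = ?
        AND va.accesstype IN (" . $placeholders . ")";
$profileviewaccess = recordset_to_array(
    get_recordset_sql($sql, array_merge(array($record->id), $accessrank))
);
$found = array();
if (!empty($profileviewaccess)) {
    foreach ($profileviewaccess as $row) {
        $found[] = $row->accesstype;
    }
}
// array_intersect keeps the order of $accessrank, so the first hit is the most open access
$allowed = array_values(array_intersect($accessrank, $found));
$record->access['general'] = !empty($allowed) ? $allowed[0] : 'none';
// … unchanged: access['usrs'], mainfacetterm and the config lookups …
```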
......