Commit ef4f1af8 authored by Robert Lyon's avatar Robert Lyon

Allowing searchbox for elasticsearch to be public (bug 1257953)

- TO DO: will need to make sure that the results returned by public
search are allowed to be seen by the public

Change-Id: I1787bd1ba0f26d5f7ea86d5d7f1562987f98381c
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 8a81e021
......@@ -294,7 +294,6 @@ if (!get_config('searchplugin')) {
$CFG->searchplugin = 'internal';
}
}
$bcrypt_cost = get_config('bcrypt_cost');
// bcrypt_cost is the cost parameter passed as part of the bcrypt hash
// See http://php.net/manual/en/function.crypt.php
......
......@@ -570,3 +570,8 @@ $cfg->usersuniquebyusername = false;
*/
// $cfg->dbtimezone = '+10:00';
// $cfg->dbtimezone = 'Europe/Rome';
/**
* @global bool $cfg->publicsearchallowed Activates the display of the search box for logged-out users
*/
$cfg->publicsearchallowed = false;
......@@ -485,6 +485,13 @@ EOF;
}
$smarty->assign('LOGGEDIN', $USER->is_logged_in());
$publicsearchallowed = false;
$searchplugin = get_config('searchplugin');
if ($searchplugin) {
safe_require('search', $searchplugin);
$publicsearchallowed = (call_static_method(generate_class_name('search', $searchplugin), 'publicform_allowed') && get_config('publicsearchallowed'));
}
$smarty->assign('publicsearchallowed', $publicsearchallowed);
if ($USER->is_logged_in()) {
global $SELECTEDSUBNAV; // It's evil, but rightnav & mainnav stuff are now in different templates.
$smarty->assign('MAINNAV', main_nav());
......
......@@ -13,6 +13,7 @@
define('INTERNAL', 1);
define('MENUITEM', '');
define('PUBLIC', 1);
require(dirname(dirname(dirname(__FILE__))) . '/init.php');
require_once(get_config('libroot') . 'pieforms/pieform.php');
require_once(get_config('libroot') . 'searchlib.php');
......@@ -31,6 +32,10 @@ define('SECTION_PLUGINNAME', 'elasticsearch');
define('SECTION_PAGE', 'elasticsearch');
global $USER;
if (!get_config('publicsearchallowed') && !$USER->is_logged_in()) {
throw new AccessDeniedException();
}
$options = array();
$query = param_variable('query', '');
......
......@@ -10,6 +10,7 @@
*/
define('INTERNAL', 1);
define('PUBLIC', 1);
define('JSON', 1);
require(dirname(dirname(dirname(dirname(__FILE__)))) . '/init.php');
......@@ -21,6 +22,11 @@ require_once(get_config('docroot') . 'artefact/file/lib.php');
require_once(get_config('libroot') . 'group.php');
require_once(get_config('docroot') . 'search/elasticsearch/lib.php');
global $USER;
if (!get_config('publicsearchallowed') && !$USER->is_logged_in()) {
throw new AccessDeniedException();
}
$offset = param_integer('offset', 0);
$limit = param_integer('limit', 10);
$filter = param_alpha('filter', 'all');
......
......@@ -93,6 +93,15 @@ class PluginSearchElasticsearch extends PluginSearch {
return false;
}
/**
* This function determines whether the plugin allows a search box to display for
* non-logged in users - only useful if results returned by search are allowed to
* be seen by the public
*/
public static function publicform_allowed() {
return true;
}
/**
* Generates the search form used in the page headers
* @return string
......
......@@ -44,6 +44,15 @@ abstract class PluginSearch extends Plugin {
return true;
}
/**
* This function determines whether the plugin allows a search box to display for
* non-logged in users - only useful if results returned by search are allowed to
* be seen by the public
*/
public static function publicform_allowed() {
return false;
}
/**
* Given a query string and limits, return an array of matching users
*
......
......@@ -19,7 +19,7 @@
</div>
{if !$nosearch && $LOGGEDIN} {header_search_form}{/if}
{if !$nosearch && ($LOGGEDIN || $publicsearchallowed)} {header_search_form}{/if}
</div>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment