Add non-searchable tags #398
Conversation
jrcastro2
commented
Sep 6, 2024
•
jrcastro2
commented
- closes Vocab: Add non-searchable tag CERNDocumentServer/cds-rdm#194
jrcastro2
force-pushed
the
add-deprecation
branch
from
0a560e3
to
eda8b19
Compare
invenio_vocabularies/generators.py
Outdated
| class AnyUser(Generator): | ||
| """Allows any user.""" | ||
|
|
||
| def needs(self, **kwargs): | ||
| """Enabling Needs.""" | ||
| return [any_user] | ||
|
|
||
| def query_filter(self, **kwargs): | ||
| """Match only searchable values in search.""" | ||
| return dsl.Q( | ||
| "bool", | ||
| must_not=[dsl.Q("term", tags="non-searchable")], | ||
| ) |
There was a problem hiding this comment.
| class AnyUser(Generator): | |
| """Allows any user.""" | |
| def needs(self, **kwargs): | |
| """Enabling Needs.""" | |
| return [any_user] | |
| def query_filter(self, **kwargs): | |
| """Match only searchable values in search.""" | |
| return dsl.Q( | |
| "bool", | |
| must_not=[dsl.Q("term", tags="non-searchable")], | |
| ) | |
| class Tags(Generator): | |
| """Search filter based on tags.""" | |
| def __init__(self, include=None, exclude=None): | |
| ... | |
| def query_filter(self, **kwargs): | |
| """Search based on configured tags.""" | |
| return dsl.Q( | |
| "bool", | |
| must=[dsl.Q("term", tags=self.include)], | |
| must_not=[dsl.Q("term", tags=self.exclude)], | |
| ) |
- major: I would not reuse the name
AnyUsersince we might start mixing them up and misinterpret its meaning - minor: defining a
Tagsgenerator might be a more flexible approach since it allows us to combine like the following:
class VocabularyPermissionPolicy:
can_search = [
SystemProcess(),
Administration(),
Tags(exclude=["non-searchable"])
]This assumes that Administration() makes sure that admins search/see everything (which I'm not sure if is the case today).
invenio_vocabularies/permissions.py
Outdated
| """Permission policy.""" | ||
|
|
||
| can_search = [SystemProcess(), AnyUser()] | ||
| can_read = [SystemProcess(), AnyUser()] |
There was a problem hiding this comment.
| can_read = [SystemProcess(), AnyUser()] | |
| can_read = [SystemProcess()] |
minor: reads should always be possible, since we just want to control the search behaviour for end-users
jrcastro2
force-pushed
the
add-deprecation
branch
from
eda8b19
to
9da1e75
Compare
jrcastro2
force-pushed
the
add-deprecation
branch
3 times, most recently
from
9a5a2ae
to
88cb173
Compare
| # this permission is needed for the /api/vocabularies/ endpoint | ||
| can_list_vocabularies = [ | ||
| SystemProcess(), | ||
| Tags(exclude=["non-searchable"], only_authenticated=True), |
There was a problem hiding this comment.
side question, for me to understand how this works. How can I know what tags are available?
There was a problem hiding this comment.
Hmm, I think it's only documented in the RFC: https://github.com/inveniosoftware/rfcs/blob/fdb09b8b86263607364c8cc554b3a6580ccba2e2/rfcs/rdm-0077-vocabulary-harvesting.md#data-model
There is PR adding the non-searchableexplanation, however maybe we should document htis better in the docs (?)
| can_search = [SystemProcess(), AnyUser()] | ||
| can_read = [SystemProcess(), AnyUser()] | ||
| can_search = [SystemProcess(), Tags(exclude=["non-searchable"])] | ||
| can_read = [SystemProcess(), Tags(exclude=["non-searchable"])] |
There was a problem hiding this comment.
Is it really what we want here that nobody at all can search non-searchable names?
There was a problem hiding this comment.
People with admin permission can search for it. If there is other permissions that should have access to it let me know. But to me it makes sense that only administrators do have.
jrcastro2
force-pushed
the
add-deprecation
branch
from
88cb173
to
90d019c
Compare
jrcastro2
force-pushed
the
add-deprecation
branch
from
90d019c
to
b1d6113
Compare
