diff --git a/webapp/crashstats/documentation/jinja2/docs/supersearch/api.html b/webapp/crashstats/documentation/jinja2/docs/supersearch/api.html index 5524577c32..c7fd016a72 100644 --- a/webapp/crashstats/documentation/jinja2/docs/supersearch/api.html +++ b/webapp/crashstats/documentation/jinja2/docs/supersearch/api.html @@ -92,7 +92,7 @@

_results_offset

Use this parameter to get a large number of results instead of setting - an arbitraty big _results_number value. Run queries in a + an arbitrary big _results_number value. Run queries in a loop, incrementing this by the value of _results_number, and concatenate the content of the hits key.

@@ -146,7 +146,7 @@

_aggs.*

run an aggregation on field_1, then for each bucket of that aggregation, it will aggregate on field_2, and then for each bucket of that sub-aggregation, it will aggregate on - field_3. Theoratically, we could have any number of + field_3. Theoretically, we could have any number of levels of aggregations, but in practice we only allow all "level 1" aggregations, and a few "level 2" and "level 3".

@@ -300,6 +300,9 @@

{{ filter.name }}

{% endfor %}

+ {# NOTE(willkg): we use permissions_needed so it matches the + protected crash schema rather than the webapp permissions which + users won't understand #} {% if filter.permissions_needed %}

{{ filter.permissions_needed | join(', ') }}

{% endif %} diff --git a/webapp/crashstats/signature/tests/test_views.py b/webapp/crashstats/signature/tests/test_views.py index a5fffca45a..813e3af742 100644 --- a/webapp/crashstats/signature/tests/test_views.py +++ b/webapp/crashstats/signature/tests/test_views.py @@ -9,10 +9,12 @@ import pyquery +from django.contrib.auth.models import AnonymousUser from django.urls import reverse from django.utils.encoding import smart_str from crashstats.crashstats import models +from crashstats.signature.views import get_fields from socorro.lib.libdatetime import date_to_string, utc_now from socorro.lib.libooid import create_new_ooid, date_from_ooid @@ -661,3 +663,16 @@ def test_signature_bugzilla(self, client, db, es_helper): < content.find("Related Crash Signatures") < content.find("Bugs for OOM | small") ) + + def test_get_fields(self, db, user_helper): + # Create anonymous user and get fields + user = AnonymousUser() + fields = get_fields(user) + len_public_fields = len(fields) + assert len(fields) > 0 + + # Create user with protected data access, get fields, and make sure there are + # more of them than if the user didn't have protected data access + user = user_helper.create_protected_user() + fields = get_fields(user) + assert len(fields) > len_public_fields diff --git a/webapp/crashstats/signature/views.py b/webapp/crashstats/signature/views.py index 30a7c2f686..9d716809ab 100644 --- a/webapp/crashstats/signature/views.py +++ b/webapp/crashstats/signature/views.py @@ -71,6 +71,24 @@ def inner(request, *args, **kwargs): return inner +def get_fields(user): + """Retrieve super search fields this user has access to + + :arg user: a Django User instance + + :returns: a list of dicts with "id" and "text" keys + + """ + return sorted( + x["name"] + for x in SuperSearchFields().get().values() + if x["is_exposed"] + and x["is_returned"] + and user.has_perms(x["webapp_permissions_needed"]) + and x["name"] != "signature" # exclude the signature field + ) + + @track_view @csp_update(CONNECT_SRC="analysis-output.telemetry.mozilla.org") @pass_validated_params @@ -84,14 +102,7 @@ def signature_report(request, params, default_context=None): context["signature"] = signature - fields = sorted( - x["name"] - for x in SuperSearchFields().get().values() - if x["is_exposed"] - and x["is_returned"] - and request.user.has_perms(x["permissions_needed"]) - and x["name"] != "signature" # exclude the signature field - ) + fields = get_fields(request.user) context["fields"] = [ {"id": field, "text": field.replace("_", " ")} for field in fields ]