Bug #4287

Users get only search results for their own institution under some circumstances

Added by Jesús García Crespo about 10 years ago. Updated about 7 years ago.

Status:VerifiedStart date:
Priority:MediumDue date:
Assignee:Dan Gillean% Done:

0%

Category:Search / Browse
Target version:Release 2.2.0
Google Code Legacy ID:atom-2339 Tested version:2.0.0, 2.0.1, 2.1
Sponsored: Requires documentation:

Description

To reproduce this error: ========================
1) Create repos A, B, C
2) Create:
- Description with title "Peanut A", part of repository A. Publish it.
- Description with title Peanut B", part of repository B. Publish it.
- Description with title "Peanut C", part of repository C. Publish it.
3) Create an user Foobar, no groups.
4) Give Foobar viewDraft permissions for repository A.
5) Search for "Peanut"

Resulting error: ================
Only the description Peanut A will appear.

Expected result: ================
Peanut A, Peanut B, Peanut C should appear in the search results.

[g] Legacy categories: Search / browse

filterDrafts.php Magnifier (2.02 KB) Edgar Rodríguez Silva, 12/30/2014 03:34 PM

History

#1 Updated by Jesús García Crespo about 10 years ago

Additionally, if viewDraft permissions are assigned for more than one repository, the user won't get any search result at all. I think this issue is realted to the way that the search query is built in searchFilterDrafts (QubitAcl class).

#2 Updated by David Juhasz almost 10 years ago

Reassign to new account.

[g] New owner: David Juhasz

#3 Updated by Edgar Rodríguez Silva over 7 years ago

I have worked to solve this bug. I have changes in plugins/qbAclPlugin/lib/QubitAclSearch.class.php to achieve an appropriate elasticSearch Query.

I think the query must be like in the next example:

{
  "query": {
    "filtered": {
      "filter": {
        "bool": {
          "should": [
            {
              "term": {
                "QubitInformationObject.publicationStatusId": "160" 
              }
            },
            {
              "bool": {
                "must": [
                  { "term": {"QubitInformationObject.publicationStatusId": "159" } },
                  { "term": {"QubitInformationObject.repository.id": "41" }}
                ]
              }
            },
            {
              "bool": {
                "must": [
                  { "term": {"QubitInformationObject.publicationStatusId": "159" } },
                  { "term": {"QubitInformationObject.repository.id": "42" }}
                ]
              }
            }
          ]
        }
      }
    }
  }
}

This made that all description published will be shown, including the description with draft status from the repositories with permissions (id=42 and id=41)).

I attached the code for the method filterDrafts I have changed.

#4 Updated by Jesús García Crespo over 7 years ago

I can't see the attachment! A pull request would be the nicest way but it's ok.

#6 Updated by Jesús García Crespo over 7 years ago

  • Category set to Search / Browse
  • Status changed from New to Code Review
  • Assignee changed from David Juhasz to José Raddaoui Marín
  • Target version set to Release 2.2.0
  • Tested version 2.0.0, 2.0.1, 2.1 added

Hey Radda, do you want to review this? https://github.com/artefactual/atom/pull/97 - it seems fine, but it'd be great to have a couple of extra eyes with time to do some testing. Merge if you're good with it please!

#7 Updated by José Raddaoui Marín over 7 years ago

  • Status changed from Code Review to QA/Review
  • Assignee changed from José Raddaoui Marín to Dan Gillean

I've followed the steps in the description and the result was the expected result, the three descriptions showed up. I've done the following then:

6) Turn Peanut A, Peanut B and Peanut C into draft descriptions (with admin user)
7) Search for "Penaut" (with Foobar user)

Result: Only Peanut A is returned

8) Give Foobar viewDraft permissions for repository B (with admin user)
9) Search for "Penaut" (with Foobar user)

Result: Peanut A and Penaut B are returned

It looks like everything is okay for me using qa/2.2.x. Am I missing something? Maybe this has been already fixed.

Dan, would you be so kind to test whether you can replicate it or not. Please, give the ticket back to me if you can.

#8 Updated by Sarah Romkey about 7 years ago

  • Status changed from QA/Review to Verified

This is working. I also checked against Jesus's comment (https://projects.artefactual.com/issues/4287#note-1) about having permissions to view drafts of more than one repository- also working properly.

Also available in: Atom PDF