Global Search available for all users. Apply allowed domain filter for standard users search result.

Rauno Tuul 2023-02-13 12:10:44 +02:00
parent 077bbb813c
commit 3688add76a


@ -2021,7 +2021,6 @@ def delete_template(template):
@admin_bp.route('/global-search', methods=['GET']) @admin_bp.route('/global-search', methods=['GET'])
@login_required @login_required
@operator_role_required
def global_search(): def global_search():
if request.method == 'GET': if request.method == 'GET':
domains = [] domains = []
@ -2033,6 +2032,22 @@ def global_search():
server = Server(server_id='localhost') server = Server(server_id='localhost')
results = server.global_search(object_type='all', query=query) results = server.global_search(object_type='all', query=query)
# Filter results to domains to which the user has access permission
if current_user.role.name not in [ 'Administrator', 'Operator' ]:
allowed_domains = db.session.query(Domain) \
.outerjoin(DomainUser, Domain.id == DomainUser.domain_id) \
.outerjoin(Account, Domain.account_id == Account.id) \
.outerjoin(AccountUser, Account.id == AccountUser.account_id) \
.filter(
db.or_(
DomainUser.user_id == current_user.id,
AccountUser.user_id == current_user.id
)) \
.with_entities(Domain.name) \
.all()
allowed_domains = [value for value, in allowed_domains]
results = list(filter(lambda r: r['zone_id'][:-1] in allowed_domains, results))
# Format the search result # Format the search result
for result in results: for result in results:
if result['object_type'] == 'zone': if result['object_type'] == 'zone':
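Review bot: With `@operator_role_required` removed in the first hunk, the post-filter on the last added line of the second hunk is the only control keeping a standard user's search results to their own zones, and it depends on `r['zone_id'][:-1]` always being the zone name plus exactly one trailing dot. A result without a `zone_id` key raises KeyError, and an id in any other form is silently dropped or mis-compared. Building `allowed = {name for name, in allowed_domains}` and filtering with `results = [r for r in results if r.get('zone_id', '').rstrip('.') in allowed]` keeps the check fail-closed and turns the lookup into a set membership test. The role test compares against the literal names `'Administrator'` and `'Operator'`, so a short comment stating that every other role is filtered would help, as would a test asserting that a standard user searching for a name in another user's zone gets no rows back. The body of global_search starts and continues outside both hunks, so how `results` is used after formatting is not visible here.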