2019-05-03 06:17:27 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
class SearchController < ApplicationController
|
|
|
|
|
2019-07-02 09:21:52 +08:00
|
|
|
before_action :cancel_overloaded_search, only: [:query]
|
2020-02-28 06:20:36 +08:00
|
|
|
skip_before_action :check_xhr, only: :show
|
|
|
|
after_action :add_noindex_header
|
2019-07-02 09:21:52 +08:00
|
|
|
|
2013-05-25 02:03:45 +08:00
|
|
|
def self.valid_context_types
|
2019-11-14 08:40:26 +08:00
|
|
|
%w{user topic category private_messages tag}
|
2013-05-25 02:03:45 +08:00
|
|
|
end
|
|
|
|
|
2015-07-27 14:13:11 +08:00
|
|
|
def show
|
2019-04-29 15:09:25 +08:00
|
|
|
@search_term = params.permit(:q)[:q]
|
|
|
|
|
|
|
|
# a q param has been given but it's not in the correct format
|
|
|
|
# eg: ?q[foo]=bar
|
|
|
|
if params[:q].present? && !@search_term.present?
|
|
|
|
raise Discourse::InvalidParameters.new(:q)
|
|
|
|
end
|
|
|
|
|
|
|
|
if @search_term.present? &&
|
|
|
|
@search_term.length < SiteSetting.min_search_term_length
|
|
|
|
raise Discourse::InvalidParameters.new(:q)
|
|
|
|
end
|
2018-12-18 22:36:59 +08:00
|
|
|
|
2019-10-22 22:44:52 +08:00
|
|
|
if @search_term.present? && @search_term.include?("\u0000")
|
|
|
|
raise Discourse::InvalidParameters.new("string contains null byte")
|
|
|
|
end
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
rate_limit_errors = rate_limit_search
|
|
|
|
|
|
|
|
discourse_expires_in 1.minute
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
search_args = {
|
|
|
|
type_filter: 'topic',
|
|
|
|
guardian: guardian,
|
2017-07-21 00:12:34 +08:00
|
|
|
blurb_length: 300,
|
|
|
|
page: if params[:page].to_i <= 10
|
|
|
|
[params[:page].to_i, 1].max
|
|
|
|
end
|
2015-09-08 09:03:51 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
context, type = lookup_search_context
|
|
|
|
if context
|
|
|
|
search_args[:search_context] = context
|
|
|
|
search_args[:type_filter] = type if type
|
|
|
|
end
|
|
|
|
|
2017-07-14 01:34:31 +08:00
|
|
|
search_args[:search_type] = :full_page
|
|
|
|
search_args[:ip_address] = request.remote_ip
|
|
|
|
search_args[:user_id] = current_user.id if current_user.present?
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
if rate_limit_errors
|
2020-07-14 11:05:57 +08:00
|
|
|
result = Search::GroupedSearchResults.new(
|
|
|
|
type_filter: search_args[:type_filter],
|
|
|
|
term: @search_term,
|
|
|
|
search_context: context
|
|
|
|
)
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
result.error = I18n.t("rate_limiter.slow_down")
|
|
|
|
elsif site_overloaded?
|
2020-07-14 11:05:57 +08:00
|
|
|
result = Search::GroupedSearchResults.new(
|
|
|
|
type_filter: search_args[:type_filter],
|
|
|
|
term: @search_term,
|
|
|
|
search_context: context
|
|
|
|
)
|
|
|
|
|
2019-07-02 09:21:52 +08:00
|
|
|
result.error = I18n.t("search.extreme_load_error")
|
|
|
|
else
|
|
|
|
search = Search.new(@search_term, search_args)
|
2020-08-04 14:01:43 +08:00
|
|
|
result = search.execute(readonly_mode: @readonly_mode)
|
2019-07-02 09:21:52 +08:00
|
|
|
result.find_user_data(guardian) if result
|
|
|
|
end
|
2016-03-18 13:26:20 +08:00
|
|
|
|
2015-08-20 03:40:43 +08:00
|
|
|
serializer = serialize_data(result, GroupedSearchResultSerializer, result: result)
|
2015-07-27 14:13:11 +08:00
|
|
|
|
|
|
|
respond_to do |format|
|
|
|
|
format.html do
|
|
|
|
store_preloaded("search", MultiJson.dump(serializer))
|
|
|
|
end
|
|
|
|
format.json do
|
|
|
|
render_json_dump(serializer)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-02-06 03:16:51 +08:00
|
|
|
def query
|
2013-06-06 15:14:32 +08:00
|
|
|
params.require(:term)
|
2014-08-28 15:15:53 +08:00
|
|
|
|
2019-10-22 22:44:52 +08:00
|
|
|
if params[:term].include?("\u0000")
|
|
|
|
raise Discourse::InvalidParameters.new("string contains null byte")
|
|
|
|
end
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
rate_limit_errors = rate_limit_search
|
|
|
|
|
|
|
|
discourse_expires_in 1.minute
|
|
|
|
|
2015-08-20 03:40:43 +08:00
|
|
|
search_args = { guardian: guardian }
|
|
|
|
|
|
|
|
search_args[:type_filter] = params[:type_filter] if params[:type_filter].present?
|
|
|
|
search_args[:search_for_id] = true if params[:search_for_id].present?
|
2013-05-25 02:03:45 +08:00
|
|
|
|
2017-07-26 08:51:44 +08:00
|
|
|
context, type = lookup_search_context
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
if context
|
|
|
|
search_args[:search_context] = context
|
|
|
|
search_args[:type_filter] = type if type
|
|
|
|
end
|
|
|
|
|
2017-07-14 01:34:31 +08:00
|
|
|
search_args[:search_type] = :header
|
|
|
|
search_args[:ip_address] = request.remote_ip
|
|
|
|
search_args[:user_id] = current_user.id if current_user.present?
|
2019-01-14 17:30:45 +08:00
|
|
|
search_args[:restrict_to_archetype] = params[:restrict_to_archetype] if params[:restrict_to_archetype].present?
|
2017-07-14 01:34:31 +08:00
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
if rate_limit_errors
|
2020-07-14 11:05:57 +08:00
|
|
|
result = Search::GroupedSearchResults.new(
|
|
|
|
type_filter: search_args[:type_filter],
|
|
|
|
term: params[:term],
|
|
|
|
search_context: context
|
|
|
|
)
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
result.error = I18n.t("rate_limiter.slow_down")
|
|
|
|
elsif site_overloaded?
|
2020-07-14 11:05:57 +08:00
|
|
|
result = GroupedSearchResults.new(
|
|
|
|
type_filter: search_args["type_filter"],
|
|
|
|
term: params[:term],
|
|
|
|
search_context: context
|
|
|
|
)
|
2019-07-02 09:21:52 +08:00
|
|
|
else
|
|
|
|
search = Search.new(params[:term], search_args)
|
2020-08-04 14:01:43 +08:00
|
|
|
result = search.execute(readonly_mode: @readonly_mode)
|
2019-07-02 09:21:52 +08:00
|
|
|
end
|
2015-09-08 09:03:51 +08:00
|
|
|
render_serialized(result, GroupedSearchResultSerializer, result: result)
|
|
|
|
end
|
|
|
|
|
2017-07-18 03:42:32 +08:00
|
|
|
def click
|
|
|
|
params.require(:search_log_id)
|
|
|
|
params.require(:search_result_type)
|
|
|
|
params.require(:search_result_id)
|
|
|
|
|
2017-11-29 01:54:27 +08:00
|
|
|
search_result_type = params[:search_result_type].downcase.to_sym
|
|
|
|
if SearchLog.search_result_types.has_key?(search_result_type)
|
2017-08-31 12:06:56 +08:00
|
|
|
attributes = { id: params[:search_log_id] }
|
2017-07-18 03:42:32 +08:00
|
|
|
if current_user.present?
|
2017-08-31 12:06:56 +08:00
|
|
|
attributes[:user_id] = current_user.id
|
2017-07-18 03:42:32 +08:00
|
|
|
else
|
2017-08-31 12:06:56 +08:00
|
|
|
attributes[:ip_address] = request.remote_ip
|
2017-07-18 03:42:32 +08:00
|
|
|
end
|
|
|
|
|
2017-11-29 01:54:27 +08:00
|
|
|
if search_result_type == :tag
|
|
|
|
search_result_id = Tag.find_by_name(params[:search_result_id])&.id
|
|
|
|
else
|
|
|
|
search_result_id = params[:search_result_id]
|
|
|
|
end
|
|
|
|
|
2017-08-31 12:06:56 +08:00
|
|
|
SearchLog.where(attributes).update_all(
|
2017-11-29 01:54:27 +08:00
|
|
|
search_result_type: SearchLog.search_result_types[search_result_type],
|
|
|
|
search_result_id: search_result_id
|
2017-07-18 03:42:32 +08:00
|
|
|
)
|
|
|
|
end
|
|
|
|
|
|
|
|
render json: success_json
|
|
|
|
end
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
protected
|
|
|
|
|
2019-07-02 09:21:52 +08:00
|
|
|
def site_overloaded?
|
|
|
|
(queue_time = request.env['REQUEST_QUEUE_SECONDS']) &&
|
|
|
|
(GlobalSetting.disable_search_queue_threshold > 0) &&
|
|
|
|
(queue_time > GlobalSetting.disable_search_queue_threshold)
|
|
|
|
end
|
|
|
|
|
2020-06-05 00:26:08 +08:00
|
|
|
def rate_limit_search
|
|
|
|
begin
|
|
|
|
if current_user.present?
|
|
|
|
RateLimiter.new(current_user, "search-min", SiteSetting.rate_limit_search_user, 1.minute).performed!
|
|
|
|
else
|
2020-07-10 07:08:34 +08:00
|
|
|
RateLimiter.new(nil, "search-min-#{request.remote_ip}", SiteSetting.rate_limit_search_anon_user, 1.minute).performed!
|
|
|
|
RateLimiter.new(nil, "search-min-anon-global", SiteSetting.rate_limit_search_anon_global, 1.minute).performed!
|
2020-06-05 00:26:08 +08:00
|
|
|
end
|
|
|
|
rescue RateLimiter::LimitExceeded => e
|
|
|
|
return e
|
|
|
|
end
|
|
|
|
false
|
|
|
|
end
|
|
|
|
|
2019-07-02 09:21:52 +08:00
|
|
|
def cancel_overloaded_search
|
|
|
|
if site_overloaded?
|
|
|
|
render_json_error I18n.t("search.extreme_load_error"), status: 409
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
def lookup_search_context
|
|
|
|
|
|
|
|
return if params[:skip_context] == "true"
|
|
|
|
|
2013-05-25 02:03:45 +08:00
|
|
|
search_context = params[:search_context]
|
2015-09-08 09:03:51 +08:00
|
|
|
unless search_context
|
|
|
|
if (context = params[:context]) && (id = params[:context_id])
|
|
|
|
search_context = { type: context, id: id }
|
|
|
|
end
|
|
|
|
end
|
2015-08-20 03:40:43 +08:00
|
|
|
|
2013-05-25 02:03:45 +08:00
|
|
|
if search_context.present?
|
|
|
|
raise Discourse::InvalidParameters.new(:search_context) unless SearchController.valid_context_types.include?(search_context[:type])
|
|
|
|
raise Discourse::InvalidParameters.new(:search_context) if search_context[:id].blank?
|
|
|
|
|
|
|
|
# A user is found by username
|
|
|
|
context_obj = nil
|
2014-12-04 10:46:52 +08:00
|
|
|
if ['user', 'private_messages'].include? search_context[:type]
|
2015-09-08 09:03:51 +08:00
|
|
|
context_obj = User.find_by(username_lower: search_context[:id].downcase)
|
2016-06-17 11:46:59 +08:00
|
|
|
elsif 'category' == search_context[:type]
|
|
|
|
context_obj = Category.find_by(id: search_context[:id].to_i)
|
|
|
|
elsif 'topic' == search_context[:type]
|
|
|
|
context_obj = Topic.find_by(id: search_context[:id].to_i)
|
2019-11-14 08:40:26 +08:00
|
|
|
elsif 'tag' == search_context[:type]
|
|
|
|
context_obj = Tag.where_name(search_context[:name]).first
|
2013-05-25 02:03:45 +08:00
|
|
|
end
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
type_filter = nil
|
2014-12-04 10:46:52 +08:00
|
|
|
if search_context[:type] == 'private_messages'
|
2015-09-08 09:03:51 +08:00
|
|
|
type_filter = 'private_messages'
|
2014-12-04 10:46:52 +08:00
|
|
|
end
|
|
|
|
|
2013-05-25 02:03:45 +08:00
|
|
|
guardian.ensure_can_see!(context_obj)
|
|
|
|
|
2015-09-08 09:03:51 +08:00
|
|
|
[context_obj, type_filter]
|
|
|
|
end
|
2013-02-06 03:16:51 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|