From 41e066aba86da311f61f916c64828cf965b5a668 Mon Sep 17 00:00:00 2001
From: jamieorc <jamieorc@gmail.com>
Date: Wed, 25 Jun 2014 15:48:06 -0400
Subject: [PATCH] FOCUS-5622: updated for LWE 2.9 Secure Solr:

* pass along auth headers to solr server if present
* monkey-patched Blacklight 4.3 to take opts so :headers key can be
passed to RSolr
---
 app/controllers/base_controller.rb        | 11 ++++++-
 app/controllers/catalog_controller.rb     |  2 +-
 app/controllers/collections_controller.rb |  2 +-
 config/initializers/blacklight_patches.rb | 35 +++++++++++++++++++++++
 4 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 config/initializers/blacklight_patches.rb

diff --git a/app/controllers/base_controller.rb b/app/controllers/base_controller.rb
index 860fb47..784990d 100644
--- a/app/controllers/base_controller.rb
+++ b/app/controllers/base_controller.rb
@@ -18,7 +18,16 @@ def current_collection
   
   # TODO: refactor to use lucidworks-ruby gem
   def lws_api_get(path)
-    resp = Net::HTTP.get_response(URI.parse("#{FlareConfig.lws_api_url}#{path}"))
+    options = {headers: solr_headers}
+    resp = HTTParty.get("#{FlareConfig.lws_api_url}#{path}", options)
     result = JSON.parse(resp.body)
   end
+  
+  def solr_headers
+    if request.headers["HTTP_LWS_ROLES"].blank? || request.headers["HTTP_AUTHORIZATION"].blank?
+      {}
+    else
+      {"lws_roles" => request.headers["HTTP_LWS_ROLES"], "Authorization" => request.headers["HTTP_AUTHORIZATION"]}
+    end
+  end
 end
\ No newline at end of file
diff --git a/app/controllers/catalog_controller.rb b/app/controllers/catalog_controller.rb
index 986e6ba..268b6cc 100644
--- a/app/controllers/catalog_controller.rb
+++ b/app/controllers/catalog_controller.rb
@@ -15,7 +15,7 @@ def index
       extra_head_content << view_context.auto_discovery_link_tag(:rss, url_for(params.merge(:format => 'rss')), :title => t('flare.search.rss_feed') )
       extra_head_content << view_context.auto_discovery_link_tag(:atom, url_for(params.merge(:format => 'atom')), :title => t('flare.search.atom_feed') )
       
-      (@response, @document_list) = get_search_results
+      (@response, @document_list) = get_search_results(params, {}, {headers: solr_headers})
       @filters = params[:f] || []
       
       respond_to do |format|
diff --git a/app/controllers/collections_controller.rb b/app/controllers/collections_controller.rb
index 3ca8e04..e164e42 100644
--- a/app/controllers/collections_controller.rb
+++ b/app/controllers/collections_controller.rb
@@ -14,7 +14,7 @@ def index
   
   def find(*args)
     path = "#{args[2]}/#{blacklight_config.solr_path}"
-    response = blacklight_solr.get(path, :params=> args[1])
+    response = blacklight_solr.get(path, {:params=> args[1], headers: solr_headers})
     Blacklight::SolrResponse.new(force_to_utf8(response), args[1])
     rescue Errno::ECONNREFUSED => e
     raise Blacklight::Exceptions::ECONNREFUSED.new("Unable to connect to Solr instance using #{blacklight_solr.inspect}")
diff --git a/config/initializers/blacklight_patches.rb b/config/initializers/blacklight_patches.rb
new file mode 100644
index 0000000..03bccc2
--- /dev/null
+++ b/config/initializers/blacklight_patches.rb
@@ -0,0 +1,35 @@
+Blacklight::SolrHelper.module_eval do
+  # As get_search_results and query_solr do not take additional options to pass along
+  # to RSolr's send_and_receive, they are patched here to take an additional arg to do so.
+  # We need this in order to pass along the :headers key for auth as per FOCUS-5578.
+  
+  def get_search_results(user_params = params || {}, extra_controller_params = {}, opts = {})
+    Rails.logger.info("*** Using patched Blacklight::SolrHelper.get_search_results")
+    solr_response = query_solr(user_params, extra_controller_params, opts)
+    document_list = solr_response.docs.collect {|doc| SolrDocument.new(doc, solr_response)} 
+    return [solr_response, document_list]
+  end
+
+  def query_solr(user_params = params || {}, extra_controller_params = {}, opts = {})
+    Rails.logger.info("*** Using patched Blacklight::SolrHelper.query_solr")
+    # In later versions of Rails, the #benchmark method can do timing
+    # better for us. 
+    bench_start = Time.now
+    solr_params = self.solr_search_params(user_params).merge(extra_controller_params)
+    solr_params[:qt] ||= blacklight_config.qt
+    path = blacklight_config.solr_path
+    
+    options = opts.merge({params: solr_params})
+    # delete these parameters, otherwise rsolr will pass them through.
+    res = blacklight_solr.send_and_receive(path, options)
+    
+    solr_response = Blacklight::SolrResponse.new(force_to_utf8(res), solr_params)
+
+    Rails.logger.debug("Solr query: #{solr_params.inspect}")
+    Rails.logger.debug("Solr response: #{solr_response.inspect}") if defined?(::BLACKLIGHT_VERBOSE_LOGGING) and ::BLACKLIGHT_VERBOSE_LOGGING
+    Rails.logger.debug("Solr fetch: #{self.class}#query_solr (#{'%.1f' % ((Time.now.to_f - bench_start.to_f)*1000)}ms)")
+    
+
+    solr_response
+  end
+end
\ No newline at end of file