Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Admin-only Search Fields #128

merged 4 commits into from May 1, 2019


None yet
2 participants
Copy link

commented Apr 30, 2019

Closes #124

The Blacklight "SearchBuilder" is the object that creates the Solr query.

We want it to include certain Solr fields as search targets only if there is a logged in user, to make sure non-staff isn't searching over staff-only fields.

To do this, we needed features missing from BL 7, but added in BL 7.1.0.alpha, which we now use (hopefully 7.1.0 final soon).

We tell Blacklight that current_user should be included in context that becomes available to our SearchBuilder.

And we give the SearchBuilder a very simple extension to, based on presence of current_user, add in search fields.

Tests: We test with system tests (end-to-end browser tests). While these are slow... it's difficult to set up Blacklight-related tests otherwise, especially with confidence they are really doing what's expected and not false positives due to wrong assumptions in test setup (or assumptions that become wrong). This is the easiest way to write tests that reliably let us know it's doing what's intended -- making sure only admins can search admin-protected fields.

jrochkind added some commits Apr 30, 2019

update blacklight to 7.1.0.alpha that has the feature we need
Need to specify 7.1.0.alpha in Gemfile to get bundler to update to a 'prerelease', if it had been 7.1.0 final, wouldn't have had to touch Gemfile, just bundle update.

This comment has been minimized.

Copy link
Collaborator Author

commented Apr 30, 2019

Done and ready for review/merge whenever @eddierubeiz , assuming tests are green!

Copy link

left a comment

Makes sense!

@eddierubeiz eddierubeiz merged commit 664c498 into master May 1, 2019

2 checks passed

Travis CI - Branch Build Passed
Travis CI - Pull Request Build Passed

@eddierubeiz eddierubeiz deleted the admin_only_search branch May 1, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.