mirrors/bookwyrm
1
0
Fork 1
mirror of https://github.com/bookwyrm-social/bookwyrm.git synced 2024-11-23 10:01:04 +00:00
Code Issues Projects Releases Wiki Activity

Don't let anonymous users search remote data

Browse source
This commit is contained in:
Mouse Reeve 2021-10-03 09:18:17 -07:00
parent cd5541ac30
commit 9a5003f92a
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bookwyrm/views/search.py
View file

@ -67,11 +67,11 @@ class Search(View):
return TemplateResponse(request, f"search/{search_type}.html", data)
def book_search(query, _, min_confidence, search_remote=False):
def book_search(query, user, min_confidence, search_remote=False):
"""the real business is elsewhere"""
# try a local-only search
results = [{"results": search(query, min_confidence=min_confidence)}]
if results and not search_remote:
if not user.is_authenticated or (results and not search_remote):
return results, False
# if there were no local results, or the request was for remote, search all sources