Create Python equivalent of secondStateJS.js
tpmccallum opened this issue · 2 comments
If the search engine is being used in a local/single user environment (accessing an Elasticsearch ES with no access control restrictions) the JS will work out of the box.
When placing the Elasticsearch behind access control mechanisms i.e. in the global multi-user environment the Python will perform all of the Elasticsearch work using AWS Config (signing all communication between the web server and the Elasticsearch index).
The Python will also be callable via an end user's browser and/or by a remote machine. So on one hand we are improving the security of the search engine, but on the other hand we are also creating a host of pre-defined API endpoints to the index (the end users will never access Elasticsearch directly in this scenario, the host of pre-defined Python functions are the gatekeeper to the Elasticsearch instance).
After much thought and testing, it turns out that this could be achieved with a minimum amount of coding (no redundancy).
The original secondStateJS.js file can stay. There is no need for global and local. There is just a single variable called publicIP, which if set commands the secondStateJS.js file to call ES via Flask. If the publicIP is not set (remains blank) then the application knows that this is a local instance and therefore just uses the standard JS calls to ES.
There is no need to duplicate any of the work in different files and this also has the added advantage of only needing one set of access control config (because all of the access control work is only performed by the Python).