Usernames In Index Data

Hi there @audiofoundry

I am assuming you mean the author name that is included with the WP Post objects that gets indexed?

You could use either of these filters to intercept the data being indexed and unset the array index of post_author before it gets sent to Algolia.

$shared_attributes = (array) apply_filters( 'algolia_searchable_post_shared_attributes', $shared_attributes, $post );
$shared_attributes = (array) apply_filters( 'algolia_searchable_post_' . $post->post_type . '_shared_attributes', $shared_attributes, $post );

Hi Michael,

Thank you for such a prompt response.

Yes sorry for not specifying. Indeed you are correct that it is post_author which is pulling the username.

Thank you for providing those filters, I shall have a go with those and see what happens.

Welcome

Hey @audiofoundry Did you get this figured out in a satisfactory manner? or do you still need a bit of help?

Hi Michael,

I apologise about the delay in getting back to you on this. I came back to this today to finally get around to sorting it, and I’m a bit shocked to find the situation is actually worse than I initially thought it was.

I had put this issue off because I thought it was only the username being indexed but now I see that you’ve got the user_id in there too.

Could you please tell me why on earth your plugin indexes user_login by default? The fact it’s even called that feels like a spit in the face to the users’ security and privacy.

Short of providing the password too, it feels like the plugin is aiming to pull as much sensitive data as possible about the users.

I will try using the filters you provided but to be honest I think the defaults this plugin has on this are HORRIBLE – an obvious security and privacy violation.

Perhaps adding a manual filter should be required to check if your users want to send the user_login and user_id to be indexed, rather than the other way around? It seems that the current setup is simply assuming that everyone is fine having their users’ sensitive data pulled and sent to a third party. Requiring manual PHP edits to stop that happening seems to be the wrong way around.

Why aren’t you guys blocking this by default? Surely only the display name is needed to generate the author facet on the search page? It leaves a bad taste because we all know that the majority of your users will simply plug-and-play the plugin, and perhaps never even check this, yet I would wager that almost all of them would say they wouldn’t want this happening if they were informed and asked about it.

Good day,

I can’t speak for why as much user information was indexed, as that was before my official involvement with the plugin, so I wasn’t involved in deciding what to index. Based on what I’m managing to see, Algolia themselves were also indexing the same 4 details, and we forked from their code into ours. That doesn’t excuse things, but it does explain. We simply didn’t un-do any parts.

Regarding what is or isn’t needed, The only one I do overall agree with would be the user numeral ID NOT being need. Display name is still useful, and the user URL is meant for their author archive which is intended to be a publicly accessible URL. User login…could be useful, but it would also be able to be found via the author archive as well, so both would need to be removed if intended to hide as a whole.

I have opened a Github issue over at https://github.com/WebDevStudios/wp-search-with-algolia/issues/326 for us to consider and review.