As described in NoSearchResultsForALLOWWEBVIEW, even if access controls are set that deny a user view access on a web, Search will still attempt to search that web. When it tries to open the topics to get the summaries, it will fail; not immediately, but much much later when the view script checks $TWiki::readTopicPermissionFailed and redirects to viewauth.

This means that a user viewing a topic may be struck by a sudden and mysterious demand to log in. If the search is embedded in a page - for example, in the SiteMap - then it looks to the user like all WebHome topics require logins. Very confusing. This happened to a user I was just helping on IRC, and is frankly a bit of a turn-off.

It would be much more intuitive if search only searched webs it was allowed to search. Search already returns a banner for each web it searches, it wouldn't be too much to ask to have an "access denied" message in those headers.

This seems to me to be very straightforward to implement, so I'm proposing it for Dakar.

-- CrawfordCurrie - 21 Feb 2005

Doh - I just tried the testcase on DevelopBranch, and it appears that the changes I made to the error handling mean that webs you are not allowed to view are effectively invisible to search.

-- CrawfordCurrie - 21 Feb 2005

that's good, i'd rather they be "invisible" anyway because it "leaks" less data (ie, web names)

-- WillNorris - 21 Feb 2005

yeah, i was thrilled when i noticed this - as I'm hoping to eventually have a truely private web on my server though there still is a difference (in DEVELOP)

if you search for topic in a web that does no exists, you get nothing at all, if you seardh for topics in a web that you don't have access to, you get the "0 topics" search count

-- SvenDowideit - 21 Feb 2005

Really? Hmnmm - I guess they should be totally invisible. Create a ChangeProposal.

-- CrawfordCurrie - 22 Feb 2005

I believe this is fixed; at least, I can't find a failing testcase.

-- CrawfordCurrie - 06 Mar 2005