You are viewing a plain text version of this content. The canonical link for it is here.
Posted to solr-user@lucene.apache.org by "Mugoma Joseph O." <mu...@yengas.com> on 2013/08/09 12:58:06 UTC
Filter search items based on creator permission settings
Hello,
I have an application where document creators determine what access
permission (s) to give. The permissions are of the form:
1. EVERYONE => 1
2. MY_FRIENDS => 2
3. ME_ONLY => 3
Example:
1. User 1 creates doc1 and sets permission to EVERYONE
2. User 2 created doc2 and sets permission to ME_ONLY
3. User 3 creates doc3 and sets permissions to MY_FRIENDS
In the index we have creator_ids representing the list of users who
created the document. e.g. for doc1:
creator_ids=[1]
The list of MY_FRIENDS (for each document creator) is determined by
different module, accessible at runtime.
A document can be created by more than one user, with each user giving
permissions independently. e.g.:
1. User 4 & 5 creates doc4. User 4 sets permission as EVERYONE while user
5 sets permission to ME_ONLY.
2. User 6 & 7 creates doc5. User 6 sets permissions to MY_FRIENDS while
user 7 sets permissive to ME_ONLY
For the case of multiple creators the less restrictive permission is used.
e.g.:
1. For doc4 the overriding permission will be EVERYONE
2. For doc5 the overriding permission will be MY_FRIENDS
I have checked several discussions and can't find one that fits the model
above:
1.
http://stackoverflow.com/questions/9222835/solr-permissions-filtering-results-depending-on-access-rights
2. https://issues.apache.org/jira/browse/SOLR-1872
3. https://issues.apache.org/jira/browse/SOLR-1834
4. http://lucene.472066.n3.nabble.com/Solr-and-Permissions-td2663289.html
5. http://stackoverflow.com/questions/6815250/fine-grained-security-in-solr
What's the best way handling this?
Thanks in advance.
Mugoma.
Re: Filter search items based on creator permission settings
Posted by Chris Hostetter <ho...@fucit.org>.
: In-Reply-To:
: <CA...@mail.gmail.com>
: References:
: <CA...@mail.gmail.com>
: Subject: Filter search items based on creator permission settings
https://people.apache.org/~hossman/#threadhijack
Thread Hijacking on Mailing Lists
When starting a new discussion on a mailing list, please do not reply to
an existing message, instead start a fresh email. Even if you change the
subject line of your email, other mail headers still track which thread
you replied to and your question is "hidden" in that thread and gets less
attention. It makes following discussions in the mailing list archives
particularly difficult.
-Hoss