Task #5905
Feature #5810: Implement SOLR-based search
Task #5822: Enforce access control for SOLR-based search implementation
Implement access control filter
History
#1 Updated by Jing Tao about 9 years ago
Append filter query (fq) to the main query. The fq looks like:
fq=(readPermission:"public")OROR....
The username and group information will be got from the session.
#2 Updated by Jing Tao about 9 years ago
I also tested that if there is a fq in the user specified query, it wouldn't cause any issue:
The user specified query is:
q=title:*solr*&fl=title,id&fq=id:tao.1
And the actually query was executed is:
webapp=null path=/select params={{main(fl=title,id&q=title:*solr*&fq=id:tao.1),extra(fq=(readPermission:"public"))}}
#3 Updated by Jing Tao about 9 years ago
- Status changed from New to Resolved
Add junit test to test the public, specified user and group users readable documents. Also it tests a use with untrusted certificate. It works.