I've been working with Jeff on this and I think we have figured out a
solution.
(https://github.com/altamiracorp/securegraph/tree/master/securegraph-elasticsearch-plugin)
By using parent/child documents and a custom filter we were able to query
documents with security. Each child document has a visibility string field
along with "fieldName" field. The filter then filters child documents that
do not have the proper authorizations supplied in the filter. This then
causes the parent document to not return if no children are found.
On Monday, June 30, 2014 8:52:10 AM UTC-4, justin...@gmail.com wrote:
>
> Have you figured out a solution to this problem yet? This may be what
> Michael suggested but you might be able to apply the group permissions to
> the document. For example create a structure like:
> visibility: { groups: ["groupA", "group1"], exclude: ["groupB", "group2"]}
>
> You could then apply the group visibility to the query.
>
> It's not a perfect solutions, but I am curious if it would work and what
> sort of impact to expect if it was used.
>
>
> On Wednesday, March 5, 2014 11:10:11 AM UTC-6, Jeff Kunkle wrote:
>>
>> I've been trying to figure out how I can index a graph data structure
>> using ElasticSearch and could really use some advice from someone more
>> knowledgeable than me. First, let me explain the challenge. The graph model
>> has individual access controls at the vertex (node), edge (relationship),
>> and property level. I'd like my users to be able to search the graph for
>> vertices or edges containing matching properties, with two caveats:
>>
>> 1. They should not get vertex or edge results they don't have
>> permission to see.
>> 2. Properties a user does not have access to see should not be
>> evaluated in the query.
>>
>> My first thought was to index properties as either nested or child
>> documents of a vertex/edge and use a custom filter to remove properties a
>> user didn't have access to. The first problem I run into is when I try a
>> boolean query across properties. For example, assume I want to query a
>> person vertex by first name and date of birth. Since these properties are
>> indexed as separate documents there is never a match.
>>
>> What I essentially need is the ability to query across nested or child
>> documents and return the parent only when there are matches across the
>> child documents. For example, assume a parent vertex with one property
>> document called "full_name" set to Barak Obama and another property
>> document named "political_party" set to Democrat. Is there any way for me
>> to query for the parent document of these two properties by asking for one
>> property with full_name="Barak Obama" and another property with
>> political_party="Democrat"?
>>
>
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/0ed5af3c-a599-42f4-996e-f0db41d6869a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
