: Why not create a multivalued field that stores the customer perms? : add has_access:cust1 has_access:cust2, etc to the document at index : time, and turn this into a filter query at query time?
this can be a particularly effective solution when the permissions don't change at all .. the ideal solution is where each doc is "owned" by one and only one customer, but either way it's a matter of listing all of the customers that have access to the document in a field, and filtering on it. -- for a few hundred customers it's not a lot of work to cache those filters, autowarming will help ensure that it's efficient. this approach doesn't scale particulararly well to the tens of thousands of "users" thta might search your site, but at that point you have to start thinking about how you model the "access" in your underlying datamodel ... odds are you have some concept of "public" documents versus "private" documents, and hte private documents might have Access Control lists based on "groups" and you can filter on that type of information instead. -Hoss