Finding substring achored at beginning of field


(Dennis) #1

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on how
to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).


(Shay Banon) #2

You could just have the permissions field to be not_analyzed in the
mappings, and then it will do an exact match. Is that what you are after?

Regarding filters vs. queries, filters are cached, so if you have
a recurring cases of permissions, then filters make more sense.

Last, why do you build your query using the query parser string syntax?
Things like that are perfect for building it using the query DSL.

On Wed, May 9, 2012 at 12:56 AM, Dennis gearond@gmail.com wrote:

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).


(Dennis) #3

I actually did not put a query in my email. Those were JSON representations
of Java class attributes. I don't have a preference over query string vs
Query DSL.

What I was trying to say in my original post is that I'd like to at least
search for exact match of a substring, which starts at the beginning of the
string. And I'd like to do that in an array, if possible, but I could do it
in a long string also.

On Thursday, May 10, 2012 1:06:50 AM UTC-5, kimchy wrote:

You could just have the permissions field to be not_analyzed in the
mappings, and then it will do an exact match. Is that what you are after?

Regarding filters vs. queries, filters are cached, so if you have
a recurring cases of permissions, then filters make more sense.

Last, why do you build your query using the query parser string syntax?
Things like that are perfect for building it using the query DSL.

On Wed, May 9, 2012 at 12:56 AM, Dennis gearond@gmail.com wrote:

I would like to query/filter based on the beginning of a string in
arrays, like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character,
disallowing it INSIDE of group, resource, or permission names, and may yet
do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a
query based approach, or a filter based approach? (I don't need or want
ranking based on permissions).


(Dennis) #4

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in arrays,
like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character, disallowing
it INSIDE of group, resource, or permission names, and may yet do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a query
based approach, or a filter based approach? (I don't need or want ranking
based on permissions).


(Dennis) #5

Sorry about posting the original message with no reply in it, AFTER I did
reply.

I'm beginning to not like the new google groups interface.

On Wednesday, May 16, 2012 10:12:47 PM UTC-5, Dennis wrote:

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in
arrays, like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character,
disallowing it INSIDE of group, resource, or permission names, and may yet
do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a
query based approach, or a filter based approach? (I don't need or want
ranking based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in
arrays, like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character,
disallowing it INSIDE of group, resource, or permission names, and may yet
do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a
query based approach, or a filter based approach? (I don't need or want
ranking based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in
arrays, like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character,
disallowing it INSIDE of group, resource, or permission names, and may yet
do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a
query based approach, or a filter based approach? (I don't need or want
ranking based on permissions).

On Tuesday, May 8, 2012 4:56:26 PM UTC-5, Dennis wrote:

I would like to query/filter based on the beginning of a string in
arrays, like so:

Items stored look like:

{
"name":"some name",
"permissions":[
"group_resource_permission",
"group_resource_permission",
"group_resource_permission",
]
}

I want to defeat somebody who might name their domain/resource,
"group_targetGroup_resource_permission",
which if allowed, would allow them to match permission queries based on
'targetGroup' or 'targetGroup_resource_permission'.
Forcing the searched for string in a list of permissions to BEGIN at the
beginning of the string would be what I am after.

I COULD prefix each permission with a punctuation character,
disallowing it INSIDE of group, resource, or permission names, and may yet
do that.
Ex.
{
"name":"some name",
"permissions":[
"~group_resource_permission",
"~group_resource_permission",
"~group_resource_permission",
]
}
AUTHORIZATION_ANCHOR="~";
AUTHORIZATION_ELEMENT_SEPARATOR="_";

Then queries/filters are post pended with an additional term for
permissions:
" AND " + AUTHORIZATION_ANCHOR + user.group() +
AUTHORIZATION_ELEMENT_SEPARATOR + Optional_resource +
AUTHORIZATION_ELEMENT_SEPARATOR + optional_permission;

But it's cooler and a good learning experience to gain the knowledge on
how to do it in a query/filter.

In any case, which will be faster, and which will use less memory, a
query based approach, or a filter based approach? (I don't need or want
ranking based on permissions).


(system) #6