I need to write custom plugin to perform custom security filtering. My plan is to have custom AbstractSearchScript implementation and there do filtering inside of the run method (my idea is based on Lookup Script from this wonderful sample: https://github.com/imotov/elasticsearch-native-script-example/tree/2.x). Then I want to: 1) create alias with filter by the script to the index with secured content, 2) restrict access to the index and enable read access to the alias.
So my questions:
Am I on the correct path?
How to access http headers and/or parameters from AbstractSearchScript implementation
Will be grateful for your help!