I am trying to set up document-level security for my index. The documents have fields which will be filtered on to enforce access permissions.
My question is: given a query, is it possible to set things up so that ES will invoke a custom script filter on every clause in said query without munging the query to insert the filter explicitly?
For example, if a query is:
filtered: {
query: {
term: { foo: "bar" }
},
filter: {
has_parent: {
type: "some_type",
query: {
term: { blah: "xyz" }
}
}
}
}
then, I would want my custom filter invoked (implicitly) on both term queries above.
Is there an alternative to doing the above without preprocessing the query and explicitly inserting my custom filter everywhere?