I'd like to take advantage of the query string query to avoid the pain of
parsing a user's search text. I want them to have pretty much all the
powers that the parser provides including AND, OR, prefix, fuzzy etc.
However, there are a couple limitations I'd like to impose:
No leading wildcard (simple enough, that's an option on query_string).
The user should not be able to choose the fields to search in (e.g.
"price:100" should not be allowed). Is there a way to do this with ES, or
do I need to handle restrictions like this on the client end?
I would suggest writing your own parser. It will pay off in the long run.
On Thursday, December 6, 2012 12:38:54 PM UTC-5, Anil Rhemtulla wrote:
I'd like to take advantage of the query string query to avoid the pain of
parsing a user's search text. I want them to have pretty much all the
powers that the parser provides including AND, OR, prefix, fuzzy etc.
However, there are a couple limitations I'd like to impose:
No leading wildcard (simple enough, that's an option on query_string).
The user should not be able to choose the fields to search in (e.g.
"price:100" should not be allowed). Is there a way to do this with ES, or
do I need to handle restrictions like this on the client end?
Not sure what @Anil_Rhemtulla has finally done to overcome this issue, butI have the same problem with query_string. Very powerful and at the same time very exposed and unrestricted.
I don't believe writing a parser by users is a feasible solution just for limiting the fields at least. Like "flags" in Simple Query String, I think it would be nice to have the option like "allowed fields" in query_string to not allowing the users to query any fields in your mapping.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.