Permissions


(mr_max) #1

i have two types

contacts: {
  'full_name': 'test',
  'first_name': 'john',
  'last_name': 'sendy'
  'perms': ['D123','U3423']
}

user_perms: [{
  'id': 123,
  'attr': ['D123']
},{
  'id': 3423,
  'attr': []
}]

my filter

$params = [
                'index' => 'portal',
                'type' => 'contact',
                'size' => 50,
                'body' => [
                    'query' => [
                        'filtered' => [
                            'query' => [
                                'match' => [
                                    'full_name' => [
                                        'query' => $value,
                                        'operator' => 'and',
                                        'fuzziness' => 1
                                    ]
                                ]
                            ],
                            'filter' => [
                                        'terms' =>
                                        [
                                            'perms.original' => [
                                                'index' => 'portal',
                                                'type' => 'user_perms',
                                                'id' => "3081",
                                                'path' => 'attr.original'
                                            ]
                                        ]
                            ]
                        ]
                    ]
                ]
            ];

I'd like to if user have empty attr then he see all contacts, if user have some attr then see only contacts with this attrs.
Help please.


(Mark Walkom) #2

Then you'd need something like Shield to do this, there is nothing inbuilt in ES to handle it.


(mr_max) #3

i.e. before filtering if the user has no attributes, then the filter does not specify, Yes?


(system) #4