Thanks Christian. That's what we're working on implementing right now, as a workaround for not being able to express the above query.
The drawback, that I'd like to eliminate, is that we need to keep one index per "first order" aggregation that we want to support. This means we only support use cases that we've thought of way before the user wants them.
If I can do this without pre-aggregation, it means that I instead support arbitrary use cases.
Related discussions: