Currently, I am working with large indexes that contain hierarchical documents. I am trying to restrict read access to some documents (document level security) and certain fields (field level security) of those documents based on roles.
Some of the document level security restrictions are time-based (now), some field level security depends on values of other fields of that same document.
I am struggling while defining all these security rules. Also, I am using the great NEST client but the authorization is done outside (Identity Server) before performing the NEST search call.
Is there a set of good practices that I should follow or keep in mind while setting this up?