[terms_set] query does not support [minimum_should_match_script]


(Jonathan Channon) #1

Copying the commands in this document and I get the error in the title when I login as a user and do a search. Anybody know why?

https://www.elastic.co/blog/attribute-based-access-control-with-xpack?blade=tw&hulk=social


(Jonathan Channon) #2

To be more specific here's a screenshot:

This is on Elastic 6:1:2 and Kibana 6:1:2


(Samir Bennacer) #5

Hi

Can you try the following query and let me know if you still have any issues

GET /my-index/_search
{
"query": {
"terms_set": {
"security_attributes" : {
"terms" : ["living", "in a van", "down by the river"],
"minimum_should_match_script": {
"source": "params.num_terms"
}
}
}
}
}

Regards


(Jonathan Channon) #6

Works but doesn't return any documents


(Russ Cam) #7

In addition to @ESamir's change to use { "source": "params.num_terms" }, the blog post assumes that security_attributes is mapped as keyword data type. If the mapping has been inferred, the following query will work, using the keyword sub-field (of a multi-field) on security_attributes

GET my_index/_search
{
    "query": { 
        "terms_set": {
            "security_attributes.keyword": {
                "terms": ["living", "in a van", "down by the river"],
                "minimum_should_match_script": { 
                  "source": "params.num_terms" 
                }
            }            
        }
    }
}

which returns

{
  "took": 1,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": 1,
    "max_score": 0.8630463,
    "hits": [
      {
        "_index": "my_index",
        "_type": "doc",
        "_id": "1",
        "_score": 0.8630463,
        "_source": {
          "security_attributes": [
            "living",
            "in a van",
            "down by the river"
          ],
          "body": "you're not going to amount to jack squat"
        }
      }
    ]
  }
}

(Jonathan Channon) #8

Thanks to @forloop the following is what is required to get the demo working:

DELETE my_index

PUT my_index
{
    "mappings" : {
        "doc" : {
            "properties" : {
                "body" : { "type" : "text" },
                "security_attributes":{"type": "keyword"}
            }
        }
    }
}


PUT my_index/doc/1
{ 
    "security_attributes": ["living", "in a van", "down by the river"],
    "body": "you're not going to amount to jack squat"
}

PUT my_index/doc/2
{
    "security_attributes": ["living", "in a house", "down by the river"],
    "body": "keep calm, carry on"
}



GET my_index/_search
{
  "query": {
    "terms_set": {
      "security_attributes": {
        "terms": [
          "living",
          "in a van",
          "down by the river"
        ],
        "minimum_should_match_script": {
          "source": "params.num_terms"
        }
      }
    }
  }
}

(Jonathan Channon) #9

The Json for creating the users in that post is also incorrect, here's the correct version:

PUT _xpack/security/user/matt_foley
{
    "username": "matt_foley",
    "password":"password1",
    "roles": ["my_policy"],
    "full_name": "Matt Foley",
    "email": "mf@rivervan.com",
    "metadata": {
        "security_attributes": ["living", "in a van", "down by the river"]
    }
}
PUT _xpack/security/user/jack_black
{
    "username": "jack_black",
    "password":"password1",
    "roles": ["my_policy"],
    "full_name": "Jack Black",
    "email": "jb@tenaciousd.com",
    "metadata": {
        "security_attributes": ["living", "in a house", "down by the river"]
    }
}

(Jonathan Channon) #10

Oh and also the role json is wrong, the query should be

{"template":{"source":"{\"bool\": {\"filter\": [{\"terms_set\": {\"security_attributes\": {\"terms\": {{#toJson}}_user.metadata.security_attributes{{/toJson}},\"minimum_should_match_script\": {\"source\":\"params.num_terms\"}}}}]}}"}}


(Russ Cam) #11

Thanks @jchannon, the blog post has now been updated :+1:


(system) #12

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.