For both ldap and external_auth rules, could we enhance the indices part to support “*_@user” notation?
This e.g. will enable allowing only indices w/ pattern that ends w/ user name.
Then I could do document filtering by having one big index, e,g, index_entities, followed by creating an index alias per each user, e.g. index_entities_{user} which uses ES filtered alias feature to attach some condition to the alias.
Yes sir, that is correct. And I love to hear I’m not the only one person excited about the direction this plugin is taking
I’ll clarify what makes me giggle: now that we have an onResponse hook in the Rule framework, we can quite easily implement document-level and field-level security. I.e:
Return only documents of type (mapping)
Return only documents whose field “x” equals to “y”
In the meanwhile, doing this with filters as you say, is a “@user” variable away in the “indices” rule, which is exactly what I’m going to add next to the project.
Hi,
Be advised that in ES6 they’re going to drop the concept of type, so no point in adding a feature for filtering mapping types
The index alias concept works great w/ the plugin, it allows for any query to bound to the index.
It’s just that at this point I must add concrete rules per user