: The application that I am working on contains a directory of user : profiles that acts a lot like a social networking site. Each user : profile is composed of a set of fields (first_name, last_name, bio, : phone_number, etc). Every user profile field is associated with a : privacy setting that optionally hides the data inside of the field : from other users. The privacy settings allow people to show the field : to nobody, only their contacts on the site, all logged in users, or : anyone.
it sounds like you need to denormalize your data more ... one possibility: instead of one document per "user" object, have one document per user object+sercurity level which contains only the indexed/stored fields that are available at that level. Another possibility is to keep your one doc per user, but have one field per field+security level (ie first_name_anonymous, first_name_member, etc...) A third possibility... : created a query filter that was dynamic depending on the identity of : the logged in user, that looked something like this for a query for : the term secret: : : (first_name: secret AND (first_name_contact:anonymous OR : first_name_contact:member)) OR : (last_name: secret AND (last_name_contact:anonymous OR : last_name_contact:member)) OR.... : : This was used as a filter query with a standard query for the search : term secret performed on the resulting filtered set of documents. This : worked great if the search was a single word. However, if the users' : search query contained multiple terms - for instance, 'my secret' : results might be inappropriately revealed. This is because matches ...perhaps you are just building your multi word queries poorly, if you show us what some examples of the full query structures looked like for "my secret" and give us some examples of docs where it should/shouldn't match maybe people can suggest a better way of structuring the query. -Hoss
