Hi all, First I’d like to say the nested facets and the json facet api in particular have made my world much better, I thank everyone involved, you are all awesome.
In my implementation has much of the solr query building working on the browser, solr is behind a php server which acts as “proxy” and doorman, filtering at the document level according to user role and supplying some sensible maximums … However we now wish to filter just one or two potentially sensitive fields in one document type according to user role (as determined in the php proxy). Duplicating documents (or cores) seems like overkill for just two fields in one document type .. I wondered if it would be feasible (in the interests of preventing malicious activity) to filter the query itself whether it be parameters (fl, facet.fields, terms, etc) … or even deny any request in which fieldname occurs … Is there someway someone might obscure a fieldname in a request? Kind Regards & thanks in davacne, Douglas
