Hello, I have an application where document creators determine what access permission (s) to give. The permissions are of the form:
1. EVERYONE => 1 2. MY_FRIENDS => 2 3. ME_ONLY => 3 Example: 1. User 1 creates doc1 and sets permission to EVERYONE 2. User 2 created doc2 and sets permission to ME_ONLY 3. User 3 creates doc3 and sets permissions to MY_FRIENDS In the index we have creator_ids representing the list of users who created the document. e.g. for doc1: creator_ids=[1] The list of MY_FRIENDS (for each document creator) is determined by different module, accessible at runtime. A document can be created by more than one user, with each user giving permissions independently. e.g.: 1. User 4 & 5 creates doc4. User 4 sets permission as EVERYONE while user 5 sets permission to ME_ONLY. 2. User 6 & 7 creates doc5. User 6 sets permissions to MY_FRIENDS while user 7 sets permissive to ME_ONLY For the case of multiple creators the less restrictive permission is used. e.g.: 1. For doc4 the overriding permission will be EVERYONE 2. For doc5 the overriding permission will be MY_FRIENDS I have checked several discussions and can't find one that fits the model above: 1. http://stackoverflow.com/questions/9222835/solr-permissions-filtering-results-depending-on-access-rights 2. https://issues.apache.org/jira/browse/SOLR-1872 3. https://issues.apache.org/jira/browse/SOLR-1834 4. http://lucene.472066.n3.nabble.com/Solr-and-Permissions-td2663289.html 5. http://stackoverflow.com/questions/6815250/fine-grained-security-in-solr What's the best way handling this? Thanks in advance. Mugoma.
