[ESRCH-43] [INVESTIGATION] Make sure access control restrictions are honoured Created: 01/Dec/20  Updated: 19/Jan/21

Status: Accepted
Project: External Enterprise Search
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Story Priority: Neutral
Reporter: Michael Duerig Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Epic Link: Elastic Search

 Description   

We need to ensure that queries against ES return results that are consistent with the current user's access rights in JCR:

  • Individual results should only include items that the currently logged in user has read access to.
  • Aggregated results (count, sum, etc.) should only include items that the current user has read access to.
  • Join queries should only join against items the current user has read access to. E.g. for the equivalent of isDescendantNode in JCR, a user needs access to the parent node to find its children.

Generated at Mon Feb 12 01:55:42 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.