He**llo,给定一个 Indextank 索引,如下所示: class Threads < ActiveRecord::Base has_many :permissions
include Tanker
tankit 'rails_3_demo' do
indexes :content
end
after_save :update_tank_indexes
after_destroy :delete_tank_indexes
end
该索引存在于我的 Thread 模型中。问题是线程具有权限。目前,如果我允许用户搜索索引,他们将搜索所有用户的线程。什么是处理权限的聪明方法,所以我的用户只能跨用户有权访问的线程进行搜索。谢谢**
架构:
USER (id)
PROJECT (id)
PERMISSION (user_id, project_id)
Thread (project_id)
只要用户拥有项目的权限记录,他们就可以查看该项目的所有线程。
One way to do this is to also index permissions and have append "AND permissions:[value]" to your queries, where value are the permissions that match the user. That way a user would only see the results that have the right permissions.
In order to give you more details I'd need to know your permission scheme, but for example your permissions variable that you index could be a string with words such as "root joe bob jim" for a thread that only those users can access.