Forum: Ferret Is this the best approach?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Da45ca349d8ded3246b3e57f17274e25?d=identicon&s=25 Doug Pfeffer (Guest)
on 2007-01-28 19:08
Hello,
I'm working on a Rails app with a fairly complex set of model
relationships. I'm abandoning my MySQL based search mechanism for
Ferret/acts_as_ferret in the hopes of being able to more easily and
effectivly enable searching. Before I get coding I was wondering if you
folks might be able to tell me if my plan makes sense, or what could be
a better way. The situation is as follows:

Users of the app all "own" a variety of data. Most of the time only the
creator of an object has access to it, but there are also scenarios when
multiple users have access to a single object. No object can be
manipulated without knowledge of what user is making the request. This
makes searching difficult because I've got to filter the results based
not just on the search params but by user permissions as well.

At this point I plan on using a single index, with :store_class_name
enabled for all models. The tricky part is limiting the search results
to only the items the searching user has access to. I think the easiest
way to do with would just to store an "owner_id" along with every entry
in the index, which would be the User's ID in my database. So for every
search I'd include the user's id as a requirement. The downside is that
I'll need to have redundant data for multi-owner situations, with one
entry for each user that has access to it. This will make managing
deletes and edits complicated (and slow?) because the system will need
to be removing/creating multiple instances of the same entry in the
index.

The end result of this approach is a sort of flattened clone of the
database, which seems a little awkward, but I'm not sure how else to go
about it. I could just do a regular search by content and filter the
results after the fact, but that seems kind of crappy too.

Hopefully that made sense. Is there a better way to do this? Did I leave
out any details?

Thanks!
Doug
B6a4a3523b3053cb138ee3b986128f15?d=identicon&s=25 Andreas Korth (Guest)
on 2007-01-28 21:40
(Received via mailing list)
On 28.01.2007, at 19:08, Doug Pfeffer wrote:

> I've got to filter the results based
> not just on the search params but by user permissions as well.

You can store multiple user ids in a single field (:owners) and limit
the search to only those documents that contain the currents user's
id in that field.

Cheers,
Andy
This topic is locked and can not be replied to.