private static SolrQueryResults <Dictionary <string, object> > ApplySecurity(SolrQueryResults <Dictionary <string, object> > solrQueryResults, SearchSecurityOptions options, ICorePipeline pipeline, IAccessRight accessRight, ref int numberFound) { if (!options.HasFlag(SearchSecurityOptions.DisableSecurityCheck)) { var removalList = new HashSet <Dictionary <string, object> >(); foreach (var searchResult in solrQueryResults.Where(searchResult => searchResult != null)) { object secToken; object dataSource; if (!searchResult.TryGetValue(BuiltinFields.UniqueId, out secToken)) { continue; } searchResult.TryGetValue(BuiltinFields.DataSource, out dataSource); var isExcluded = OutboundIndexFilterPipeline.CheckItemSecurity(pipeline, accessRight, new OutboundIndexFilterArgs((string)secToken, (string)dataSource)); if (isExcluded) { removalList.Add(searchResult); numberFound = numberFound - 1; } } foreach (var item in removalList) { solrQueryResults.Remove(item); } } return(solrQueryResults); }
public IEnumerable <TElement> GetSearchResults(int startIndex, int endIndex) { for (int idx = startIndex; idx <= endIndex; ++idx) { //Document doc = this.context.Searcher.Doc(this.searchHits.ScoreDocs[idx].Doc, (FieldSelector)this.fieldSelector); var doc = this.searchHits.Results.Skip(idx).FirstOrDefault().Document; if (!this.context.SecurityOptions.HasFlag((Enum)SearchSecurityOptions.DisableSecurityCheck)) { object secTokenFieldValue; object dataSourceFieldValue; doc.TryGetValue("s_uniqueid", out secTokenFieldValue); doc.TryGetValue("s_datasource", out dataSourceFieldValue); string secToken = secTokenFieldValue != null?secTokenFieldValue.ToString() : null; string dataSource = dataSourceFieldValue != null?dataSourceFieldValue.ToString() : null; if (!string.IsNullOrEmpty(secToken)) { bool isExcluded = OutboundIndexFilterPipeline.CheckItemSecurity(this.context.Index.Locator.GetInstance <ICorePipeline>(), this.context.Index.Locator.GetInstance <IAccessRight>(), new OutboundIndexFilterArgs(secToken, dataSource)); if (!isExcluded) { yield return(this.mapper.MapToType <TElement>(doc, this.selectMethod, this.virtualFieldProcessors, this.executionContexts, this.context.SecurityOptions)); } } } else { yield return(this.mapper.MapToType <TElement>(doc, this.selectMethod, this.virtualFieldProcessors, this.executionContexts, this.context.SecurityOptions)); } } }
private static IQueryResponse <Dictionary <string, object> > ApplySecurity(IQueryResponse <Dictionary <string, object> > queryResults, SearchSecurityOptions options, ref int resultsTotal) { if (!options.HasFlag(SearchSecurityOptions.DisableSecurityCheck)) { var hitsToRemove = new HashSet <IHit <Dictionary <string, object> > >(); foreach (var hit in from searchResult in queryResults.Hits.Hits where searchResult != null select searchResult) { object uniqueId; if (!hit.Source.TryGetValue("_uniqueid", out uniqueId)) //TODO: shouldn't have to use the Source property here, the Fields property should be populated. probably something wrong with field mapping. { continue; } object datasource; hit.Source.TryGetValue("_datasource", out datasource); //TODO: shouldn't have to use the Source property here, the Fields property should be populated. probably something wrong with field mapping. if (!OutboundIndexFilterPipeline.CheckItemSecurity(new OutboundIndexFilterArgs((string)uniqueId, (string)datasource))) { continue; } hitsToRemove.Add(hit); } foreach (var hit in hitsToRemove) { queryResults.Hits.Hits.Remove(hit); resultsTotal--; } } return(queryResults); }
public IEnumerable <AzureSearchHit <TElement> > GetSearchHits() { for (int idx = this.startIndex; idx <= this.endIndex; ++idx) { //Document doc = this.context.Searcher.Doc(this.searchHits.ScoreDocs[idx].Doc, (FieldSelector)this.fieldSelector); var result = this.searchHits.Results[idx]; var doc = result.Document; var highlightResults = new List <HighlightResult>(); if (result.Highlights != null) { foreach (var highlight in result.Highlights) { highlightResults.Add(new HighlightResult(highlight.Key, highlight.Value)); } } if (!this.context.SecurityOptions.HasFlag((Enum)SearchSecurityOptions.DisableSecurityCheck)) { object secTokenFieldValue; object dataSourceFieldValue; doc.TryGetValue("s_uniqueid", out secTokenFieldValue); doc.TryGetValue("s_datasource", out dataSourceFieldValue); string secToken = secTokenFieldValue != null?secTokenFieldValue.ToString() : null; string dataSource = dataSourceFieldValue != null?dataSourceFieldValue.ToString() : null; if (!string.IsNullOrEmpty(secToken)) { bool isExcluded = OutboundIndexFilterPipeline.CheckItemSecurity(this.context.Index.Locator.GetInstance <ICorePipeline>(), this.context.Index.Locator.GetInstance <IAccessRight>(), new OutboundIndexFilterArgs(secToken, dataSource)); if (!isExcluded) { yield return(new AzureSearchHit <TElement>(0f, this.mapper.MapToType <TElement>(doc, this.selectMethod, this.virtualFieldProcessors, this.executionContexts, this.context.SecurityOptions), highlightResults)); } } } else { yield return(new AzureSearchHit <TElement>(0f, this.mapper.MapToType <TElement>(doc, this.selectMethod, this.virtualFieldProcessors, this.executionContexts, this.context.SecurityOptions), highlightResults)); } } }