Lucene security search asp.net c#

Question

Hi, Im hoping this would be a really easy question for someone....

Basically we are indexing security information against my documents in lucene.net, the information is stored in 2 document fields called viewuserids and viewroleids, so when we construct a query - only documents which the user has view access to are returned.

The required functionality for a query is that we want only documents to be returned if a user belongs to the roles stored in viewroleids (this bit is working fine), however if viewuserids field contains any ids (the field may not contain any values) on the index the viewroleids should be ignored and only users who are present in viewuserids should be able to see the document.

As mentioned above the role part works as expected, but we need a little help on constucting a term query in the API to take into account the viewuserids (effectively overriding the viewroleids query. This is what we have so far:

BooleanQuery bq = new BooleanQuery();
foreach (int roleId in roleIds)
{
      bq.Add(new TermQuery(new Term("viewroleid", roleId.ToString())),BooleanClause.Occur.SHOULD);
}
bq.Add(new TermQuery(new Term("viewuserid", User.Id.ToString())), BooleanClause.Occur.SHOULD);

Thanks in advance for any help!

NOTE: both fields are stored in the index untokenised

Answer 1

There are multiple ways to do this, but here is one:

Add a field "hasviewuserids", which contains "TRUE" if a document has any viewuserids associated with it, and "FALSE" if not. So if, for example, the current userid is 3 and is in roles 5 and 6, the query would look like:

(+(viewroleids:5 viewroleids:6) +hasviewuserids:FALSE) OR viewuserids:3