Thanks Terry for highlighting this: Yes, tenant isolation is the must. It's not reflected in the prototype - it queries Solr directly; but the proper implementation will go through the query API service, where ACL will be applied.
UX folks are welcome to comment on expected queries. I think the key benefit of cross-resource index over querying DBs is that it saves the clients from implementing complex queries case by case, leaving flexibility to the user. -- Dmitri. On Wed, Nov 20, 2013 at 2:27 AM, Thierry Carrez <thie...@openstack.org>wrote: > Dmitri Zimin(e) | StackStorm wrote: > > Hi Stackers, > > > > The project Search is a service providing fast full-text search for > > resources across OpenStack services. > > [...] > > At first glance this looks slightly scary from a security / tenant > isolation perspective. Most search results would be extremely > user-specific (and leaking data from one user to another would be > catastrophic), so the benefits of indexing (vs. querying DB) would be > very limited ? > > -- > Thierry Carrez (ttx) > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev