So, if I used something like r-u-d-o in a field (read,update,delete,others) I could get it tokenized to those four characters,and then search for those in that field. Is that what you're suggesting, (thanks by the way).
An article I read created a 'hybrid' access control system (can't remember if it was ACL or RBAC). It used a primary system like Unix file system 9bit permission for the primary permissions normally needed on most objects of any kind, and then flagged if there were any other permissions and any other groups. It was very fast for the primary permissons, and fast for the secondary. Dennis Gearon Signature Warning ---------------- It is always a good idea to learn from your own mistakes. It is usually a better idea to learn from others’ mistakes, so you do not have to make them yourself. from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036' EARTH has a Right To Life, otherwise we all die. ----- Original Message ---- From: Jonathan Rochkind <rochk...@jhu.edu> To: "solr-user@lucene.apache.org" <solr-user@lucene.apache.org> Sent: Wed, January 19, 2011 8:40:30 AM Subject: Re: unix permission styles for access control No. There is no built in way to address 'bits' in Solr that I am aware of. Instead you can think about how to transform your data at indexing into individual tokens (rather than bits) in one or more field, such that they are capable of answering your query. Solr works in tokens as the basic unit of operation (mostly, basically), not characters or bytes or bits. On 1/19/2011 9:48 AM, Dennis Gearon wrote: > Sorry for repeat, trying to make sure this gets on the newsgroup to 'all'. > > So 'fieldName.x' is how to address bits? > > > Dennis Gearon > > > Signature Warning > ---------------- > It is always a good idea to learn from your own mistakes. It is usually a >better > idea to learn from others’ mistakes, so you do not have to make them yourself. > from 'http://blogs.techrepublic.com.com/security/?p=4501&tag=nl.e036' > > > EARTH has a Right To Life, > otherwise we all die. > > > > ----- Original Message ---- > From: Toke Eskildsen<t...@statsbiblioteket.dk> > To: "solr-user@lucene.apache.org"<solr-user@lucene.apache.org> > Sent: Wed, January 19, 2011 12:23:04 AM > Subject: Re: unix permission styles for access control > > On Wed, 2011-01-19 at 08:15 +0100, Dennis Gearon wrote: >> I was wondering if the are binary operation filters? Haven't seen any in the >> book nor was able to find any using google. >> >> So if I had 0600(octal) in a permission field, and I wanted to return any >> records that 'permission& 0400(octal)==TRUE', how would I filter that? > Don't you mean permission& 0400(octal) == 0400? Anyway, the > functionality can be accomplished by extending your index a bit. > > > You could split the permission into user, group and all parts, then use > an expanded query. > > If the permission is 0755 it will be indexed as > user_p:7 group_p:5 all_p:5 > > If you're searching for something with at least 0650 your query should > be expanded to > (user_p:7 OR user_p:6) AND (group_p:7 OR group_p:5) > > > Alternatively you could represent the bits explicitly in the index: > user_p:1 user_p:2 user_p:4 group_p:1 group_p:4 all_p:1 all_p:5 > > Then a search for 0650 would query with > user_p:2 AND user_p:4 AND group_p:1 AND group_p:4 > > > Finally you could represent all valid permission values, still split > into parts with > user_p:1 user_p:2 user_p:3 user_p:4 user_p:5 user_p:6 user_p:7 > group_p:1 group_p:2 group_p:3 group_p:4 group_p:5 > all_p:1 all_p:2 all_p:3 all_p:4 all_p:5 > > The query would be simply > user_p:6 AND group_p:5
