
  • Tobias 4 posts 106 karma points
    Jul 14, 2023 @ 15:15
    Tobias
    0

    Examine search filtered for restricted content

    Hi!

    Adding a search for my fairly simple site I'm using IExamineManager. On this site I have some content that is restricted for members and some that is publicly available.

    I want to make the search show hits depending on what you have access to. What would be the best way to achieve this? I can only figure this out using IPublicAccessService and check every single document which does not seem very effective.

    Looking in the backoffice it seems that my External index does not have the restricted pages, which forces me to query the Internal index which probably also forces me to verify the document is published. Hoping there is a more slick solution to this and any pointers would be appreciated.

    Using version 11.4.2

  • Marc Goodson 2155 posts 14408 karma points MVP 9x c-trib
    Jul 16, 2023 @ 09:43
    Marc Goodson
    101

    Hi Tobias

    The InternalIndex is generally used by the Umbraco Backoffice to provide the internal search for editors, and so supports indexing unprotected content and unpublished content.

    The ExternalIndex is provided with some default configuration that might suit most sites, to allow you to search Published Content.

    The configuration around these indexes can be changed or you can add your own new index with a specific configuration.

    With the indexes there is a property called 'SupportProtectedContent'

    https://github.com/umbraco/Umbraco-CMS/blob/2b629693950818865a9f8ee316ec7bc1538d287f/src/Umbraco.Infrastructure/Examine/IUmbracoIndex.cs#L31

    By default, InternalIndex has this set to true, and ExternalIndex set to false.

    There is some information here about how you can change this configuration.

    https://docs.umbraco.com/umbraco-cms/reference/searching/examine/indexing

    Now in terms of protecting content, it depends on how many different MemberGroups you have with variation of access levels for the current user.

    What I've done in the past, is tap into the TransformingIndexValues Notification (formerly GatheringNodes), and add a new custom field to the index called 'PermittedMemberAccess' which has the word 'PUBLIC' by default, but is replaced with either 'PRIVATE' if it's only accessible to logged in members or set it to a space delimited string of member groups that can access it, e.g. "ProductOwner ProductBuyer RegionalCustomer" or whatever!

    With these values in the index, when a search is performed on the front end, I can check if the searcher is logged in, if not, I restrict the Examine Query to only return entries from the index with 'PUBLIC' in the PermittedMemberAccess field. If the user is logged in, then I can read their member groups, and update the query to be all entries with 'PUBLIC' in the PermittedMemberAccess AND any entries with a matching 'Member Group Name'.

    What I've found, if there are tons of different MemberGroups, or different combinations of MemberGroup access is applied to different pages across the site, that PublicAccess can be a pain (as when you apply it to a document you have to pick the login page, the error page and select the groups) - it's fine if you are just tying down a Members Area, but if you have a ton of individual Blog Posts that are targeted at different Member Groups it becomes unsustainable! Then I usually create a Property on the Content item, that is a checkbox list of the permitted Member Groups, and read this in the TransformingIndexValues event, that is also better for performance (as Public Access makes database queries).

    Anyway lots of waffle, hope that gives you a steer!

    regards Marc
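
The index-time value and query-time term list described in the answer above, sketched as an added example (not part of the thread, and not Umbraco or Examine code). The class and method names, the `grp_` token prefix and the sample groups are assumptions; only the field name and the PUBLIC/PRIVATE values come from the post.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example; every name except the field name and PUBLIC/PRIVATE is hypothetical.
public static class MemberAccessField
{
    public const string FieldName = "PermittedMemberAccess";
    public const string Public = "PUBLIC";
    public const string Private = "PRIVATE";

    // One index token per group. The prefix stops a group literally named "PUBLIC"
    // or "PRIVATE" from colliding with the sentinels; replacing non-alphanumerics
    // keeps "Regional Customer" from splitting into two separate terms.
    public static string GroupToken(string group) =>
        "grp_" + new string(group.Trim().ToLowerInvariant()
            .Select(c => char.IsLetterOrDigit(c) ? c : '_').ToArray());

    // Index time: the value to write from the TransformingIndexValues handler.
    public static string IndexValue(bool isProtected, IEnumerable<string> allowedGroups)
    {
        if (!isProtected) return Public;
        var tokens = allowedGroups.Where(g => !string.IsNullOrWhiteSpace(g))
            .Select(GroupToken).Distinct().ToList();
        return tokens.Count == 0 ? Private : string.Join(" ", tokens);
    }

    // Query time: the terms the current visitor is allowed to match on FieldName.
    public static IReadOnlyList<string> AllowedTerms(bool isLoggedIn, IEnumerable<string> memberGroups)
    {
        var terms = new List<string> { Public };
        if (!isLoggedIn) return terms; // anonymous visitors: PUBLIC only
        terms.Add(Private);
        terms.AddRange(memberGroups.Where(g => !string.IsNullOrWhiteSpace(g))
            .Select(GroupToken).Distinct());
        return terms;
    }

    // Re-check a hit's stored value before rendering; a missing value is hidden (fail closed).
    public static bool IsVisible(string storedValue, IReadOnlyList<string> allowedTerms) =>
        !string.IsNullOrWhiteSpace(storedValue) &&
        storedValue.Split(' ', StringSplitOptions.RemoveEmptyEntries)
            .Any(t => allowedTerms.Contains(t));

    public static void Main()
    {
        // Constructed sample: a page restricted to two groups, seen by two visitors.
        var page = IndexValue(true, new[] { "ProductOwner", "Regional Customer" });
        Console.WriteLine(IsVisible(page, AllowedTerms(false, Array.Empty<string>())));
        Console.WriteLine(IsVisible(page, AllowedTerms(true, new[] { "Regional Customer" })));
    }
}
```

The list from `AllowedTerms` is meant to be applied as a required OR-group on the `PermittedMemberAccess` field of the search query, with `IsVisible` as a second check on each hit before it is rendered.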

  • Tobias 4 posts 106 karma points
    Jul 16, 2023 @ 11:45
    Tobias
    1

    Thank you Marc for your extensive answer. I will look into your recommendations.

    I only have 2 member groups which can be considered hierarchical and only used for read or not read content. Feels like the custom field is a good way to go for now.
