Adding a search for my fairly simple site I'm using IExamineManager. On this site I have some content that is restricted for members and some that are publically available.
I want to make the search to show hits depending to what you have access to.
What would be the best way to achieve this? I can only figure this out using IPublicAccessService and check every single document which does not seem very effective.
Looking in the backoffice it seems that my External index does not have the restricted pages, which forces me to query the Internal index which probably also forces me to verify the document is published. Hoping there is a more slick solution to this and any pointers would be appreciated.
The InternalIndex is generally used by the Umbraco Backoffice to provide the internal search for editors, and so supports indexing unprotected content and unpublished content.
The ExternalIndex is provided with some default configuration that might suit most sites, to allow you to search Published Content.
The configuration around these indexes can be changed or you can add your own new index with a yepspecific configuration.
With the indexes there is a property called 'SupportProtectedContent'
Now in terms of protecting content, it depends on how many different MemberGroups you have with variation of access levels for the current user.
What I've done in the past, is tap into the TransformingIndexValues Notification (formerly GatheringNodes), and add a new custom field to the index called 'PermittedMemberAccess' which has the word 'PUBLIC' by default, but is replaced with either 'PRIVATE' if it's only accessible to logged in members or set it to a space delimited string of member groups that can access it., eg "ProductOwner ProductBuyer RegionalCustomer" or whatever!
With these values in the index, when a search is performed on the front end, I can check if the searcher is logged in, if not, I restrict the Examine Query to only return entries from the index with 'PUBLIC' in the PermittedMemberAccess field. If the user is logged in, then I can read their member groups, and update the query to be all entries with 'PUBLIC' in the PermittedMemberAccess AND any entries with a matching 'Member Group Name'
What I've found, if there are tons of different MemberGroups, or different combinations of MemberGroup access is applied to different pages across the site, that PublicAccess can be a pain (as when you apply it to a document you have to pick the login page, the error page and select the groups - it's fine if you are just tying down a Members Area, but if you have a ton of individual Blog Posts that are targeted at different Member Groups it becomes unsustainable! Then I usually create a Property on the Content item, that is a checkbox list of the permitted Member Groups, and read this in the TransformingIndexValues event, that is also better for performance (as Public Access makes database queries).
Anyway lots of waffle, hope that gives you a steer!
Thank you Marc for your extensive answer. I will look into your recommendations.
I only have 2 member groups which can be considered hierarcal and only used for read or not read content. Feels like the custom field is a good way to go for now.
Examine search filtered for restricted content
Hi!
Adding a search for my fairly simple site I'm using
IExamineManager
. On this site I have some content that is restricted for members and some that are publically available.I want to make the search to show hits depending to what you have access to. What would be the best way to achieve this? I can only figure this out using
IPublicAccessService
and check every single document which does not seem very effective.Looking in the backoffice it seems that my External index does not have the restricted pages, which forces me to query the Internal index which probably also forces me to verify the document is published. Hoping there is a more slick solution to this and any pointers would be appreciated.
Using version 11.4.2
Hi Tobias
The InternalIndex is generally used by the Umbraco Backoffice to provide the internal search for editors, and so supports indexing unprotected content and unpublished content.
The ExternalIndex is provided with some default configuration that might suit most sites, to allow you to search Published Content.
The configuration around these indexes can be changed or you can add your own new index with a yepspecific configuration.
With the indexes there is a property called 'SupportProtectedContent'
https://github.com/umbraco/Umbraco-CMS/blob/2b629693950818865a9f8ee316ec7bc1538d287f/src/Umbraco.Infrastructure/Examine/IUmbracoIndex.cs#L31
By default, InternalIndex has this set to true, and ExternalIndex set to false.
There is some information here about how you can change this configuration.
https://docs.umbraco.com/umbraco-cms/reference/searching/examine/indexing
Now in terms of protecting content, it depends on how many different MemberGroups you have with variation of access levels for the current user.
What I've done in the past, is tap into the TransformingIndexValues Notification (formerly GatheringNodes), and add a new custom field to the index called 'PermittedMemberAccess' which has the word 'PUBLIC' by default, but is replaced with either 'PRIVATE' if it's only accessible to logged in members or set it to a space delimited string of member groups that can access it., eg "ProductOwner ProductBuyer RegionalCustomer" or whatever!
With these values in the index, when a search is performed on the front end, I can check if the searcher is logged in, if not, I restrict the Examine Query to only return entries from the index with 'PUBLIC' in the PermittedMemberAccess field. If the user is logged in, then I can read their member groups, and update the query to be all entries with 'PUBLIC' in the PermittedMemberAccess AND any entries with a matching 'Member Group Name'
What I've found, if there are tons of different MemberGroups, or different combinations of MemberGroup access is applied to different pages across the site, that PublicAccess can be a pain (as when you apply it to a document you have to pick the login page, the error page and select the groups - it's fine if you are just tying down a Members Area, but if you have a ton of individual Blog Posts that are targeted at different Member Groups it becomes unsustainable! Then I usually create a Property on the Content item, that is a checkbox list of the permitted Member Groups, and read this in the TransformingIndexValues event, that is also better for performance (as Public Access makes database queries).
Anyway lots of waffle, hope that gives you a steer!
regards Marc
Thank you Marc for your extensive answer. I will look into your recommendations.
I only have 2 member groups which can be considered hierarcal and only used for read or not read content. Feels like the custom field is a good way to go for now.
is working on a reply...