Where would the best place be to check for the view permission on index documents. In the verity plugin I could loop through the results and create an new query in the displaySearch by using:
With Solrpro it looks like the start and rows to return go right into the guts of cfsolrlib.cfc (I know that a good thing) not making it possible to do any custom filtering before display. Or am I mistaken?
Well, looping over the results in CF and creating a new cf query result is not very efficient. A better way to do it would be to filter in Solr itself (using a filter query, or fq).
Example: get a list of all objectIds in the site that the user has permission to view (or ids they don’t have permission to view) - assuming the list is readily available somehow - and send that list in as a filter query (you’d be surprised how fast Solr can handle this - even if you sent in millions of Ids… it would have to be sent in as a POST instead of GET to handle the long query string, but it should work in theory). The problem is whether or not you can easily get a list of objectIDs (preferrably cached in CF) that the user has permission to view (or not view).
There may be a better filter option if I can think of one (it’s late and I need to go to bed ). The point is to let the Solr search engine do what it was designed to do (which is much faster than CF query filtering).
Thanks Jeff, in this case in a few hundred docs rather than thousands. I’ll looks into the filter options or look at forcing solr to return the full result set.