Skip to content

Commit 5afffde

Browse files
madnificentmadnificent
committed
Add readme for wildcard variable matching
Explanation is a bit complex but we will not supply more extensive documentation for the experimental feature. Co-author: @erikap
1 parent 305a2b6 commit 5afffde

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

README.md

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -787,10 +787,13 @@ Assume your application contains a company-specific user group in the authorizat
787787

788788
A typical group to be specified as a single `eager_indexing_group` is `{ "variables": [], "name": "clean" }`. The index will not contain any data, but will be used in the combination to fully match the user's allowed groups.
789789

790-
#### [EXPERIMENTAL] Ignoring allowed groups
790+
#### [Experimental] Ignoring allowed groups
791791
In some cases you may search to ignore certain allowed groups when looking for matching indexes. Typically because they will not relate to data that has to be indexed and you want to avoid having many empty indexes. In this case you will have to provide an entry in the `ignored_allowed_groups` list for each group, currently this means including each possible variable value.
792792
For example the clean group can be added to `ignored_allowed_groups` by adding `{ "variables": [], "name": "clean" }` to the list.
793793

794+
#### [Experimental] Dynamic allowed group variables
795+
In some cases you may encounter variables which are not known up front. The `"variables"` array accepts a `"*"` to indicate a wildcard for an attribute. This is currently supported in `ignored_allowed_groups`. In `eager_indexing_groups` this is supported, but only if the `eager_indexing_group` array contains a single group. Within `eager_indexing_groups` this allows us to create a dynamic index for an access right whilst still indicating this index does not impact other indexes. For example, you may want to index the user's message history (`[{ "name": "user", "variables": ["*"] }]` which does not impact the index of the code-lists in public `[{ "name": "public", "variables": [] }].` An example for ignored groups may be to ignore all of the anonymous sessions' information which could be done as: `ignored_allowed_groups": [ { "name": "anonymous-session", "variables": ["*"] } ]`.
796+
794797
### Delta integration
795798
Mu-search integrates with the delta's generated by [mu-authorization](https://github.com/mu-semtech/mu-authorization) and dispatched by the [delta-notifier](https://github.com/mu-semtech/delta-notifier).
796799

0 commit comments

Comments
 (0)