diff --git a/intg/src/main/java/org/apache/atlas/model/discovery/IndexSearchParams.java b/intg/src/main/java/org/apache/atlas/model/discovery/IndexSearchParams.java index 384ac27360..8d8cc08247 100644 --- a/intg/src/main/java/org/apache/atlas/model/discovery/IndexSearchParams.java +++ b/intg/src/main/java/org/apache/atlas/model/discovery/IndexSearchParams.java @@ -27,6 +27,7 @@ public class IndexSearchParams extends SearchParams { * (this will include related attributes which has relationshipStatus as DELETED along with ACTIVE ones) * */ private boolean allowDeletedRelations; + private boolean accessControlExclusive; @Override public String getQuery() { @@ -46,6 +47,14 @@ public boolean isAllowDeletedRelations() { return allowDeletedRelations; } + public boolean isAccessControlExclusive() { + return accessControlExclusive; + } + + public void setAccessControlExclusive(boolean accessControlExclusive) { + this.accessControlExclusive = accessControlExclusive; + } + public void setAllowDeletedRelations(boolean allowDeletedRelations) { this.allowDeletedRelations = allowDeletedRelations; } @@ -78,6 +87,7 @@ public String toString() { ", persona='" + persona + '\'' + ", queryString='" + queryString + '\'' + ", allowDeletedRelations=" + allowDeletedRelations + + ", accessControlExclusive=" + accessControlExclusive + ", utmTags="+ getUtmTags() + '}'; } diff --git a/repository/src/main/java/org/apache/atlas/discovery/EntityDiscoveryService.java b/repository/src/main/java/org/apache/atlas/discovery/EntityDiscoveryService.java index 8b2aeecda1..b1b120c3fb 100644 --- a/repository/src/main/java/org/apache/atlas/discovery/EntityDiscoveryService.java +++ b/repository/src/main/java/org/apache/atlas/discovery/EntityDiscoveryService.java @@ -1149,9 +1149,57 @@ private String getIndexName(IndexSearchParams params) throws AtlasBaseException String aliasName = parts[parts.length - 1]; if (StringUtils.isNotEmpty(aliasName)) { + if(params.isAccessControlExclusive()) { + accessControlExclusiveDsl(params, aliasName); + aliasName = aliasName+","+VERTEX_INDEX_NAME; + } return aliasName; } else { throw new AtlasBaseException("ES alias not found for purpose/persona " + params.getPurpose()); } } + + private void accessControlExclusiveDsl(IndexSearchParams params, String aliasName) { + + List> mustClauses = new ArrayList<>(); + Map clientQuery = (Map) params.getDsl().get("query"); + + mustClauses.add(clientQuery); + + List>filterClauses = new ArrayList<>(); + filterClauses.add(getMap("terms", getMap("_index", Collections.singletonList(aliasName)))); + + Map boolQuery = new HashMap<>(); + boolQuery.put("must", mustClauses); + boolQuery.put("filter",filterClauses); + + List> shouldClauses = new ArrayList<>(); + shouldClauses.add(getMap("bool", boolQuery)); + shouldClauses.add(getStaticBoolQuery()); + + Map topBoolQuery = getMap("bool", getMap("should", shouldClauses)); + + Map copyOfDsl = new HashMap(params.getDsl()); + copyOfDsl.put("query", topBoolQuery); + + params.setDsl(copyOfDsl); + } + + private Map getStaticBoolQuery() { + List> mustClauses = new ArrayList<>(); + Map mustClause = getMap("bool", getMap("should", Arrays.asList( + getMap("term", getMap("daapVisibility", "Public")), + getMap("term", getMap("daapVisibility", "Protected")) + ))); + mustClauses.add(mustClause); + + List>filterClauses = new ArrayList<>(); + filterClauses.add(getMap("terms", getMap("_index", Collections.singletonList(VERTEX_INDEX_NAME)))); + + Map boolQuery = new HashMap<>(); + boolQuery.put("must", mustClauses); + boolQuery.put("filter", filterClauses); + + return getMap("bool", boolQuery); + } }