Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Advanced Search Plugin: Search Query Interceptor #36

Open
Draykee opened this issue Jan 20, 2025 · 0 comments
Open

Advanced Search Plugin: Search Query Interceptor #36

Draykee opened this issue Jan 20, 2025 · 0 comments

Comments

@Draykee
Copy link

Draykee commented Jan 20, 2025
edited
Loading

Summary

I would like to request a feature to intercept and validate search queries. The purpose of this feature is to ensure that access to certain products and channels can be gated before the query is processed and send to Typesense.

Use Case

In my use case, I need to restrict the usage of specific channels in the search input filter to enforce access control. For example:

  • Certain channels should not be available for selection in the search filter for unauthorized users.
  • If no channel is specified, instead of using the default channel, I want to search in all channels the user has access to. Like this, exclusive products stay protected from unauthorized access
  • Additionally, I might need to validate and potentially modify other search input parameter to align with custom business rules.

Currently, overriding the search query would typically allow me to achieve this. However, since the AdvancedSearchPlugin is already overriding the search query, further overrides would result in bad practice and potential maintenance issues.

Proposed Solution

I suggest introducing an InjectableStrategy that allows validation and manipulation of the search input before it is processed and sent to the underlying search service (e.g., Typesense). This strategy could provide the following benefits:

  1. Allow developers to validate inputs and ensure they conform to business logic (e.g., preventing use of restricted channels).
  2. Enable safe and modular manipulation of search inputs without conflicting with the existing query-building logic in the AdvancedSearchPlugin.
@Resolver()
export class ShopResolver  {
   constructor(
        @Inject(SOME_WAY_OF_INJECTING)
        protected interceptor: SearchQueryInterceptor,
    ) {}

    @Query()
    async search(
        @Ctx() ctx: RequestContext,
        @Args() args: QuerySearchArgs,
    ) {
        return this.search(ctx, this.interceptor.intercept(ctx, args));
    }

Expected Behavior

The new InjectableStrategy should provide:

  • A hook to validate search inputs before they are processed.
  • A way to modify or filter inputs programmatically, e.g., disallowing the default channel or limiting searches to only the channels the user has access to.

Benefits

  • Improved flexibility and control over search queries.
  • Input parameter validation
  • Tracking of search queries, other then clickhouse (own, custom logic)
  • Cleaner architecture by avoiding multiple conflicting overrides.
  • Enhanced security and compliance with access restrictions. (in my case)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Draykee