Module org.elasticsearch.xcore
Class SecurityIndexReaderWrapper
java.lang.Object
org.elasticsearch.xpack.core.security.authz.accesscontrol.SecurityIndexReaderWrapper
- All Implemented Interfaces:
org.elasticsearch.core.CheckedFunction<org.apache.lucene.index.DirectoryReader,org.apache.lucene.index.DirectoryReader, IOException>
public class SecurityIndexReaderWrapper
extends Object
implements org.elasticsearch.core.CheckedFunction<org.apache.lucene.index.DirectoryReader,org.apache.lucene.index.DirectoryReader,IOException>
An IndexReader wrapper implementation that is used for field and document level security.
Based on the ThreadContext this class will enable field and/or document level security.
Field level security is enabled by wrapping the original DirectoryReader in a FieldSubsetReader
in the apply(DirectoryReader) method.
Document level security is enabled by wrapping the original DirectoryReader in a DocumentSubsetReader
instance.
-
Constructor Summary
ConstructorsConstructorDescriptionSecurityIndexReaderWrapper(Function<ShardId, SearchExecutionContext> searchExecutionContextProvider, DocumentSubsetBitsetCache bitsetCache, SecurityContext securityContext, XPackLicenseState licenseState, ScriptService scriptService) -
Method Summary
Modifier and TypeMethodDescriptionorg.apache.lucene.index.DirectoryReaderapply(org.apache.lucene.index.DirectoryReader reader) protected IndicesAccessControlprotected UsergetUser()
-
Constructor Details
-
SecurityIndexReaderWrapper
public SecurityIndexReaderWrapper(Function<ShardId, SearchExecutionContext> searchExecutionContextProvider, DocumentSubsetBitsetCache bitsetCache, SecurityContext securityContext, XPackLicenseState licenseState, ScriptService scriptService)
-
-
Method Details
-
apply
public org.apache.lucene.index.DirectoryReader apply(org.apache.lucene.index.DirectoryReader reader) - Specified by:
applyin interfaceorg.elasticsearch.core.CheckedFunction<org.apache.lucene.index.DirectoryReader,org.apache.lucene.index.DirectoryReader, IOException>
-
getIndicesAccessControl
-
getUser
-