...
This article provides information on how to use about the functionality, configuration and workflow behind the filter by permissions feature and how it worksof the Sitefinity connector.
Prerequisite
| Info |
|---|
Configured Connector - Configure Hawksearch |
...
Steps to configure filtering by Permissions
Create Open the Sitefinity backend, create a user and assign him a roleOpen or create a Sitefinity page
Edit the permission for that role so that the user cannot view a certain content type e.g News
Go to Content and create one blog post and one news
Go to Administration → Search Indexes , create an index and reindex
Create a Sitefinity page and open it for editting
Place the Hawksearch box and Hawksearch results widgets
Open the widget designer of each widget and click the Filter by permissions checkbox
Under Where to search choose the newly created index and save the changes
Open the page in the Frontend and search for the news that was created
Filter by permissions workflow
| Info |
|---|
When filtering is active the connector exposes endpoints for the search and autocomplete queries making it work as a proxy. |
Typing in the search box triggers the connector’s autocomplete endpoint. Searching , searching triggers the connectors connector's search endpoint.
A server-side call to the Hawksearch API is made which returns the result results for that request.
The user’s permissions are evaluated and used to filter the results server-side.
After the filtering is completed the results are displayed to the user though the Hawksearch result results widget.
By filtering the results on the server nobody will be able to intercept the request cannot be intercepted client-side and see therefore making sure the results cannot be seen before they were filtered.
...