[katello-devel] search over rest api - interface design
Lukas Zapletal
lzap at redhat.com
Mon Jul 18 09:31:50 UTC 2011
On 07/18/2011 10:43 AM, Amos Benari wrote:
> Yep, I thought it's an interesting idea too, and captured the discussion
> here:http://scopedsearch.wordpress.com/2011/07/17/scoped-search-vs-lucene/
> Thanks,
Sorry for the topic diversion. I don't think its time for discussion
about scoped_search architecture.
If we need fulltext in future it could be nicely integrated in
scoped_search somehow. My guess is we only need it in Pulp (packages
metadata), so we could build something dedicated to it in MongoDB on the
Pulp side.
One more idea - we should be aware about permissions for the results. I
mean when user search for systems by name, we should only present those
which user has permission for.
Frankly I would like the 3rd option the most (Use SQL or mongodb-Jason
as an interface). It looks like the most "clean" way. What really the
security considerations are in this case? Because my assumptions are:
- backend engines trust Katello
- communication is secure
- search is read only
Therefore backend engines could expose such a SQL/MongoDB bridge under
some read-only account and only accessible via OAuth. I don't see any
issues with this approach. The only drawback is exposing of internal
data structure which can change in future. Like everything else after all.
--
Later,
Lukas Zapletal | E32E400A
RHN Satellite Engineering
Red Hat Czech s.r.o. Brno
More information about the katello-devel
mailing list