Goal: Deliver detailed architectural documentation
Handling access control
- With each indexed record we store list of groups that are allowed to read a document and list of groups that are denied from reading the doc;
- With each search a list of user’s roles is provided that we match with every document
Handling hit landing page
- Not in the domain of the Corteza Discovery, we store the destination URL with every indexed document and we redirect user to it.
Corteza Discovery Architecture overview
- Each indexing policy is configured to index a subset (or all) module fields.
- Record values in these fields are indexed and published accordingly.
- We are relying on internal RBAC mechanisms to protect the records and their values.
New system-level roles:
- Public indexer. Meant for users that are not logged-in.
- Protected indexer. Meant for foreign systems that are under some kind of access control.
- Private indexer. Used by known, authenticated users to do cross-system searches.
Indexed records can then be stored in 1 or 3 different ES indexes. When search is performed only one of the indexes is used depending on current security context.
Corteza can be configured in a way that it does allow the use of certain index policy.
Different levels of indexing policies.
Corteza Discovery pages:
– Corteza Discovery – UI Prototype
– Corteza Discovery – Detailed Architecture
– Corteza Discovery – Corteza Accessibility Improvements
– Corteza Discovery – Proof of Concept Development