Gravatar for bciancio@trident-it.com

Question by bciancio, May 25, 2017 7:22 PM

Salesforce - Altering Search Results Before They Are Displayed in a Search Interface

Currently:

We created a custom search page and added a Search Interface. Once we went to that page we did the initial generation of the search interface code and have been modifying this search to meet our requirements.

Business Requirement:

We need the ability to take the results that we get back from Coveo and that display after a search and restrict which results display. Salesforce standard permissions are not able to be leveraged in order to restrict access to records.

Question:

How might we go about altering the search results returned from performing the search prior to those results displaying?

Note:

This request is listed in the documentation here. However, this specific request is Salesforce specific.

Thanks for your time!

Gravatar for gminero@coveo.com

Comment by gminero, May 25, 2017 8:11 PM

what criteria will you be using to determine what is displayed and what not? are you using lightning communities or is this in a visualforce page?

2 Replies
Gravatar for gminero@coveo.com

Answer by gminero, May 25, 2017 9:01 PM

I would suggest creating an apex class to send the context to the interface as mentioned here: https://developers.coveo.com/display/public/SalesforceV2/Send+Apex+Context+to+a+JavaScript+Search+Interface

I hope this addresses your needs.

Gravatar for jpdery@coveo.com

Answer by jpdery, May 26, 2017 8:27 PM

Since you are dealing with security (sensitive data?) I would expand on @gminero `s answer. Keep the apex class approach, but instead of using it client-side (javascript), use it server/apex/searchToken-side.

https://developers.coveo.com/display/public/SalesforceV2/JsSearch+Visualforce+Component#JsSearchVisualforceComponent-filter

This adds a query expression (or filter) inside the search token generated for the current page. This filter is executed on every query. Since it is included in the cryptographically signed JWT token, client code cannot tamper with this.

VF code:

<CoveoV2:JsSaerch filter='{!accessTypeFilter}/>

Apex (I dont know what I am doing here, but you do):

public string accessTypeFilter='';

//constructor public myClass(){

if(...) accessTypeFilter='internal'

else accessTypeFilter='public'

}

Ask a question