Applying security permissions to the CoveoItem during post processing
We have some items that do not own or inherit permissions in SItecore, but must have them applied dynamically during indexing,
I have been trying to add permissions to the CoveItem in the post indexing processing ags. While it seems to be working - i.e. no errors are generated when the index is run. I'm not seeing results them show up in the CES backend.
There are 2 tasks I'm trying to performt he first is to remove anonymous access to the document and the second is to add read access to multiple roles.
When I don't include code to remove anonymous access and just apply the the new access roles it will index the documents, but the access roles are not showing in the permisssions tab in the indexed documents search.
I found this link that suggests that the permissions property should not be touched. It is public so I didn't know if this is an unimplemented feature or if I'm going about things the wrong way.
Can you suggest a way without changing permissions in the SItecore tree to get these permissions added to the document?
Hi jflheureux, these specific documents are created using the SharePoint connector which is constantly refreshed. so setting permissions manually on the tree is a losing battle, and I was attempting to avoid post processing as the requirements for the index are different to the requirements for direct access. The intention was to attempt to cascade the permissions that did come through from SharePoint on the document folders, to the documents themselves.
We have a work around that processes security roles at runtime to restrict access. I know this is an unusual requirement. The confusion arose from the property being public but not annotated to instruct developers not to use it.
For anyone else with similar crazy aspirations, Coveo support have confirmed that this something that could be feasible but would require additional effort to prove out.
It's definitely not the recommended approach to applying security, and I completely understand why. If only the business logic was on he same page, I could have saved myself some time.
We are using the latest and greatest April 2015 releases of CFS and CES.