ingest: raise visibility of ingest plugin documentation (#35048)
* move the set security user processor to the main documentation * link to plugin processors part of #33188
This commit is contained in:
Jake Landis
GitHub
parent
a95f05780d
commit
c2766b65cf
|
|
@ -764,6 +764,12 @@ A node will not start if either of these plugins are not available.
|
|||
The <<ingest-stats,node stats API>> can be used to fetch ingest usage statistics, globally and on a per
|
||||
pipeline basis. Useful to find out which pipelines are used the most or spent the most time on preprocessing.
|
||||
|
||||
[float]
|
||||
=== Ingest Processor Plugins
|
||||
|
||||
Additional ingest processors can be implemented and installed as Elasticsearch {plugins}/intro.html[plugins].
|
||||
See {plugins}/ingest.html[Ingest plugins] for information about the available ingest plugins.
|
||||
|
||||
[[append-processor]]
|
||||
=== Append Processor
|
||||
Appends one or more values to an existing array if the field already exists and it is an array.
|
||||
|
|
@ -2440,6 +2446,43 @@ include::ingest-node-common-processor.asciidoc[]
|
|||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
|
||||
|
||||
[[ingest-node-set-security-user-processor]]
|
||||
=== Set Security User Processor
|
||||
Sets user-related details (such as `username`, `roles`, `email`, `full_name`
|
||||
and `metadata` ) from the current
|
||||
authenticated user to the current document by pre-processing the ingest.
|
||||
|
||||
IMPORTANT: Requires an authenticated user for the index request.
|
||||
|
||||
[[set-security-user-options]]
|
||||
.Set Security User Options
|
||||
[options="header"]
|
||||
|======
|
||||
| Name | Required | Default | Description
|
||||
| `field` | yes | - | The field to store the user information into.
|
||||
| `properties` | no | [`username`, `roles`, `email`, `full_name`, `metadata`] | Controls what user related properties are added to the `field`.
|
||||
include::ingest-node-common-processor.asciidoc[]
|
||||
|======
|
||||
|
||||
The following example adds all user details for the current authenticated user
|
||||
to the `user` field for all documents that are processed by this pipeline:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
{
|
||||
"processors" : [
|
||||
{
|
||||
"set_security_user": {
|
||||
"field": "user"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
|
||||
|
||||
[[split-processor]]
|
||||
=== Split Processor
|
||||
Splits a field into an array using a separator character. Only works on string fields.
|
||||
|
|
|
|||
|
|
@ -9,53 +9,18 @@ To guarantee that a user reads only their own documents, it makes sense to set u
|
|||
document level security. In this scenario, each document must have the username
|
||||
or role name associated with it, so that this information can be used by the
|
||||
role query for document level security. This is a situation where the
|
||||
`set_security_user` ingest processor can help.
|
||||
{ref}/ingest-node-set-security-user-processor.html[Set Security User Processor] ingest processor can help.
|
||||
|
||||
NOTE: Document level security doesn't apply to write APIs. You must use unique
|
||||
ids for each user that uses the same index, otherwise they might overwrite other
|
||||
users' documents. The ingest processor just adds properties for the current
|
||||
authenticated user to the documents that are being indexed.
|
||||
|
||||
The `set_security_user` processor attaches user-related details (such as
|
||||
The {ref}/ingest-node-set-security-user-processor.html[set security user processor] attaches user-related details (such as
|
||||
`username`, `roles`, `email`, `full_name` and `metadata` ) from the current
|
||||
authenticated user to the current document by pre-processing the ingest. When
|
||||
you index data with an ingest pipeline, user details are automatically attached
|
||||
to the document. For example:
|
||||
to the document.
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
PUT shared-logs/log/1?pipeline=my_pipeline_id
|
||||
{
|
||||
...
|
||||
}
|
||||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
For more information see {ref}/ingest.html[Ingest node] and {ref}/ingest-node-set-security-user-processor.html[Set security user processor].
|
||||
|
||||
For more information about setting up a pipeline and other processors, see
|
||||
{ref}/ingest.html[ingest node].
|
||||
|
||||
[[set-security-user-options]]
|
||||
.Set Security User Options
|
||||
[options="header"]
|
||||
|======
|
||||
| Name | Required | Default | Description
|
||||
| `field` | yes | - | The field to store the user information into.
|
||||
| `properties` | no | [`username`, `roles`, `email`, `full_name`, `metadata`] | Controls what user related properties are added to the `field`.
|
||||
|======
|
||||
|
||||
The following example adds all user details for the current authenticated user
|
||||
to the `user` field for all documents that are processed by this pipeline:
|
||||
|
||||
[source,js]
|
||||
--------------------------------------------------
|
||||
{
|
||||
"processors" : [
|
||||
{
|
||||
"set_security_user": {
|
||||
"field": "user"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
--------------------------------------------------
|
||||
// NOTCONSOLE
|
||||
Loading…
Reference in New Issue