mrvisser/filterUserNetwork.js

## filterUserNetwork.js

/**
 * Create an ElasticSearch filter that will filter to only users that are in the current user's
 * group network. Generally speaking, it could be said that it "filters to resources whose direct
 * memberships intersect with the direct and indirect memberships of the current user." While this
 * method does not specifically filter to only user resources, it is implied as only users have
 * memberships search documents associated to them.
 *
 * @param  {String}     userId              The id of the user whose user network to create a filter for
 * @param  {String[]}   indirectGroupIds    The list of group ids to which the user has indirect access (i.e., is a member of by virtue of direct membership in another group)
 * @param  {Function}   callback            Standard callback function
 * @param  {Object}     callback.err        An error that occurred, if any
 * @param  {Object}     callback.filter     The ElasticSearch filter that will filter by user network. If unspecified, it implies the user has explicit access to *nothing*
 */
var filterUserNetwork = module.exports.filterUserNetwork = function(userId, indirectGroupIds) {
    return createHasChildQuery(
        AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS,
        createFilteredQuery(
            null,
            filterOr(

                // Include all resources (users) whose direct memberships intersect with the
                // indirect membership ids of the user performing the search
                filterTerms('direct_memberships', indirectGroupIds),

                // Additionally, include all resources (users) whose direct memberships intersect
                // with the *direct* memberships of the user performing the search
                filterTerms('direct_memberships', {
                    'type': AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS,
                    'id': getChildSearchDocumentId(AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS, userId),
                    'path': 'direct_memberships',
                    'routing': userId,
                    'cache': false
                })
            )
        )
    );
};

	/**
	* Create an ElasticSearch filter that will filter to only users that are in the current user's
	* group network. Generally speaking, it could be said that it "filters to resources whose direct
	* memberships intersect with the direct and indirect memberships of the current user." While this
	* method does not specifically filter to only user resources, it is implied as only users have
	* memberships search documents associated to them.
	*
	* @param {String} userId The id of the user whose user network to create a filter for
	* @param {String[]} indirectGroupIds The list of group ids to which the user has indirect access (i.e., is a member of by virtue of direct membership in another group)
	* @param {Function} callback Standard callback function
	* @param {Object} callback.err An error that occurred, if any
	* @param {Object} callback.filter The ElasticSearch filter that will filter by user network. If unspecified, it implies the user has explicit access to nothing
	*/
	var filterUserNetwork = module.exports.filterUserNetwork = function(userId, indirectGroupIds) {
	return createHasChildQuery(
	AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS,
	createFilteredQuery(
	null,
	filterOr(

	// Include all resources (users) whose direct memberships intersect with the
	// indirect membership ids of the user performing the search
	filterTerms('direct_memberships', indirectGroupIds),

	// Additionally, include all resources (users) whose direct memberships intersect
	// with the direct memberships of the user performing the search
	filterTerms('direct_memberships', {
	'type': AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS,
	'id': getChildSearchDocumentId(AuthzConstants.search.MAPPING_RESOURCE_MEMBERSHIPS, userId),
	'path': 'direct_memberships',
	'routing': userId,
	'cache': false
	})
	)
	)
	);
	};