[Vtigercrm-developers] Email marketing scenario
Alan Bell
alan.bell at libertus.co.uk
Thu Aug 18 09:08:21 GMT 2016
On 15/08/16 08:57, IT-Solutions4You wrote:
> Hi Alan
>
> > it runs on the various events, create/save/delete and updates the
> > corresponding document in the full text server. The full text server
> > basically gets given the column_values array as key value pairs.
>
> I have question:
> Do you check fields permission during search? And what about
> deactivate/activate custom fields using layout editor. I think custom
> fields can be also deleted.
no - so that does mean people can find results based on keywords in
fields they are not allowed to see. However, all we show the user is the
label for the entity, or in the full page search we show the entities
through standard list views so fields the user isn't allowed to see
shouldn't show up. There are some other edge cases, like deleting or
deactivating a field doesn't cause the index to update, so at that point
you might be able to search for fields that are no longer on the
document and will remain in the index until the document is edited or
the index is rebuilt.
>
> IMHO search has to be done on the fly not from stored data. What do
> you think ?
well ultimately it has to be done using an index of some form, or you
are doing a brute force search which doesn't scale. The question is how
the index is maintained and whether there is any possibility of the
index becoming out of sync with the data. That is why we have things
being indexed on event handlers, to try and keep the index as live as
possible. It isn't perfect, but it does scale and doesn't impact the
performance for other users like the 5.4 search did.
Alan.
More information about the vtigercrm-developers
mailing list