Making Elasticsearch the default search engine was one of the major enhancements introduced in the Nuxeo Platform 6.0. Needless to say, forward compatibility is a major concern for us. So we integrated Elasticsearch in a non-disruptive way so that the migration path for our customers requires only minimum effort and no additional skills. From a technical point of view this means that we plugged the search engine to our query interface. Nuxeo queries are translated to Elasticsearch queries, the permission filters being added in the process.
This approach comes with many advantages but what if you already have the knowledge, the technical skills and maybe even existing pieces of software built on top of Elasticsearch. Then you most likely want to leverage those and be given the possibility to query your cluster directly. Today you can’t really do that because it requires you to build your own permission checks in order to enforce the permissions set in the Nuxeo Platform. That’s why we came up with the idea of adding an API passthrough.
To explain it simply, the Nuxeo Platform provides an API endpoint which forwards queries to Elasticsearch while applying the permission filters. Thus you get the best of both worlds - the ability to use the full extent of Elasticsearch query DSL, or even better, use Elasticsearch clients (JS, Python …) without having to worry about user permissions!
Sample architecture for a web app
Let’s illustrate how you can use this new API! We built a simple search UI](https://github.com/guirenard/nuxeo-elasticsearch-passthrough-demo) using the Elasticsearch jQuery client, semantic-ui and mustache. It shows several features of Elasticsearch such as fuzzy queries and result highlighting.
Custom search UI
The only difference with a regular application built directly on top of Elasticsearch is that the JavaScript client object is configured to communicate with a Nuxeo instance instead of an Elasticsearch cluster. Nothing more! You now have access to a secure search service with built-in permission checks!
Here’s a sample JS client configuration:
esClient = new $.es.Client({
hosts: {
protocol: window.location.protocol,
host: window.location.hostname,
port: window.location.port,
path: '/nuxeo/site/es',
headers: {
'Content-Type' : 'application/json',
'Authorization': 'Basic ' +
btoa('Administrator:Administrator')
}
}
});
Some Useful Features of Elasticsearch
Highlighting
For each search result, Elasticsearch returns a short fragment of text from the original document where the keywords are highlighted. This way users can quickly assess whether or not a search result is relevant.
Highlighting example
Fuzzy Queries
Fuzziness is quite useful when you search for something without knowing the exact spelling. This type of query will not only try to match the given keywords or phrase but also similar terms within a maximum edit distance which is more or less the number of different characters. In the example below I misspelled “cloud computing” with “clod comptin” on purpose but still get the same results as I would have with the correct spelling.
Fuzzy query example
You can get a better idea of how powerful Elasticsearch is by having a look at their documentation. This new passthrough API really opens great perspectives and brings applications built with the Nuxeo Platform one step closer to providing a Google-like search experience without any compromise on data and content security. Until the release of the next Fast Track - Nuxeo Platform 7.3, you can try the API with a snapshot distribution.
Let us know what you think about it!