[TYPO3-Solr] Access restriction issues

[Dmitry Dulepov]

Hi!

I just ran into one access protection issue with indexed data, which I have 
no idea how to solve. May be somebody has a hint.

We have irfaq items, which are stored in a sysfolder. Neither sysfolder, 
nor irfaq items have access restrictions. There are many irfaq items there, 
some of them are displayed on normal pages, others on protected pages. We 
use categories to distinguish where to display items. There is a 
postUserFunc in "typolink.parameter" to supply a proper pid depending on 
the item category. This all works.

Also we have an Extranet section on the site, which is access-restricted 
with FE user groups. One of such pages displays irfaq entries, which 
(obviously) should be visible only to that user group.

We index irfaq entries normally (using TS setup). However the result we get 
is strange:
- the irfaq item has "r:1" as "access" field [?]
- non-logged in users cannot find the FAQ item [ok]
- any logged in user can see the FAQ item with summary in search results, 
even if he is not in the user group of the FAQ page [wrong]
- URL of the item is always empty (also in the Solr admin interface) [wrong]

I can understand why the URL is empty: Solr ext uses typolink to build the 
URL and TYPO3 will not produce any because no appropriate user is logged 
in. Should there be a hook to allow link generation without access 
restrictions? I think the URL should be always there but results should be 
filtered according to current user's group list.

It is unclear why *any* logged in user can see the result, even if he has 
no corresponding page permissions. Probably it should be handled in some 
way. Or may be I do not know how to configure it properly :(

If the Solr team can comment, it would be very helpful to me :) Such setup 
is not uncommon I think.

-- 
Dmitry Dulepov

Simplicity will save the world.