Add FAQ sectino

Signed-off-by: Peter Nied <[email protected]>

server/src/main/java/org/opensearch/action/ResourceRequest.java

@@ -5,34 +5,36 @@
 import java.util.Map;
 import java.util.regex.Pattern;
 
-import org.opensearch.common.ValidationException;
 import org.opensearch.common.annotation.ExperimentalApi;
 
 /**
  * TODO: This validation should be associated with REST requests to ensure the parameter is from the URL
+ * Note; this should work well in RestHandlers
  * 
  * Context: If all of the resource information is in the URL, caching which can include responses or authorization are trivial
  */
 @ExperimentalApi
 public interface ResourceRequest {
 
-    static final Pattern ALLOWED_KEY_PATTERN = Pattern.compile("[a-zA-Z_-]+");
-    static final Pattern ALLOWED_VALUE_PATTERN = Pattern.compile("[a-zA-Z_-]+");
+    static final Pattern ALLOWED_RESOURCE_NAME_PATTERN = Pattern.compile("[a-zA-Z_-]+");
+    /** 
+     * Don't allow wildcard patterns
+     * this has large impact to perf and cachability */
+    static final Pattern ALLOWED_RESOURCE_ID_PATTERN = Pattern.compile("[a-zA-Z_-]+");
 
     /**
-     * Extracts resource key value pairs from the request parameters
-     * Note; these resource must be part of the 
+     * Validates the resource type and id pairs are in an allowed format
      */
-    Map<String, String> getResourceIds();
+    Map<String, String> getResourceTypeAndIds();
 
     public static ActionRequestValidationException validResourceIds(final ResourceRequest resourceRequest, final ActionRequestValidationException validationException) {
-        resourceRequest.getResourceIds().entrySet().forEach(entry -> {
-            if (!ALLOWED_KEY_PATTERN.matcher(entry.getKey()).matches()) {
-                addValidationError("Unsupported resource key is not supported; key: " + entry.getKey() + " value: "  + entry.getValue() + " allowed pattern " + ALLOWED_VALUE_PATTERN.pattern(), validationException);
+        resourceRequest.getResourceTypeAndIds().entrySet().forEach(entry -> {
+            if (!ALLOWED_RESOURCE_NAME_PATTERN.matcher(entry.getKey()).matches()) {
+                addValidationError("Unsupported resource key is not supported; key: " + entry.getKey() + " value: "  + entry.getValue() + " allowed pattern " + ALLOWED_RESOURCE_NAME_PATTERN.pattern(), validationException);
             }
 
-            if (!ALLOWED_VALUE_PATTERN.matcher(entry.getKey()).matches()) {
-                addValidationError("Unsupported resource value is not supported; key: " + entry.getKey() + " value: "  + entry.getValue() + " allowed pattern " + ALLOWED_VALUE_PATTERN.pattern(), validationException);
+            if (!ALLOWED_RESOURCE_ID_PATTERN.matcher(entry.getKey()).matches()) {
+                addValidationError("Unsupported resource value is not supported; key: " + entry.getKey() + " value: "  + entry.getValue() + " allowed pattern " + ALLOWED_RESOURCE_ID_PATTERN.pattern(), validationException);
             }
         });
 

server/src/main/java/org/opensearch/action/search/ViewSearchRequest.java

@@ -107,7 +107,7 @@ public String toString() {
     }
 
     @Override
-    public Map<String, String> getResourceIds() {
+    public Map<String, String> getResourceTypeAndIds() {
         return Map.of(RestViewAction.VIEW_ID, view.name);
     }
 }

server/src/main/java/org/opensearch/index/view/views-design.md

@@ -30,6 +30,11 @@ sequenceDiagram
     HTTP_Request-->>Client: Return
 ```
 
+### Frequently Asked Questions
+
+#### How do views work with fine grain access control of index data?
+
+#### What happens with existing DLS and FLS rules and searches on views? 
 
 ### Local Testing