Hi, we are looking into the LLM and index vor LLM extensions which are in Beta state. IT IS SUCH A COOL FEATURE and very likely the future on how users interact with their knowledge! It has settings to only give the LLM information from the RAG (index for LLM) that the user asking is actually allowed to know based on his view rights. So the integrated RAG can index the entire XWiki and users only get information for what they have the rights for - which is good and important.
BUT: One thing I noticed is, that the collections (the RAG) and their entries are visible to ALL users. So users can - if they know how to access hidden pages - navigate to the collections and search the collection and read all the information (in XWiki source code) about any pages that are inside the RAG, no matter if they have the view rights to the pages where the Index is from.
Im not that familiar about how extensions written in velocity and groovy can work with rights, I know users need to have view rights to extensions in order to use/run them, they can only be hidden - I suspect maybe the same priciple is the case for information that needs to be used by such extensions.
Is this a simple bug or is this a neccessary downside by the extension design of XWiki?
I personally think right now the only safe way would be to make multiple (but this would mean MANY) collections and then manually give rights to these collections based on if the user is allowed to see these information anyway or not - but this would probably be very tiresome and im not even sure if this would work, or maybe break the LLM / Index for the LLM application.
Does someone has a better current solution than my theory or did I maybe had a big misunderstanding?
One long term solution I can think of in theory would probably, if the RAG index entrys themself get the same rights that the pages of which they are taken during indexing. Every change in the page that would lead to reindex (or manually reindexing by admin) would lead to updating of the permissions of the entries too to prevent possible data leaks. - But im absolutely unsure if this is possible.