Aulafy
Courses/Advanced and secure RAG/Qdrant Multi-User and Permissions

Qdrant Multi-User and Permissions

The most dangerous failure in multi-user RAG isn't answering incorrectly: it's retrieving the right document for the wrong person. Permissions must be enforced before sending context to the model.

  • Design payloads to isolate clients, users, and documents.
  • Apply filters before retrieving chunks.
  • Avoid one collection per client when it's not necessary.

Minimum Payload

TerminalCode
{
  "tenant_id": "cliente_acme",
  "workspace_id": "legal",
  "document_id": "contrato-001",
  "page": 12,
  "visibility": "internal",
  "allowed_roles": ["admin", "legal"],
  "source": "contratos/contrato-001.pdf"
}

Filter Before Search

TerminalCode
from qdrant_client import QdrantClient, models

client = QdrantClient("http://localhost:6333")

filtro = models.Filter(
    must=[
        models.FieldCondition(
            key="tenant_id",
            match=models.MatchValue(value="cliente_acme"),
        ),
        models.FieldCondition(
            key="allowed_roles",
            match=models.MatchAny(any=["legal"]),
        ),
    ]
)

resultados = client.query_points(
    collection_name="documentos",
    query=[0.01, 0.02, 0.03],
    query_filter=filtro,
    limit=5,
)

Leak Test

TerminalCode
Caso:
- Usuario A pertenece a cliente_acme
- Usuario B pertenece a cliente_beta
- Ambos tienen una pregunta parecida

Test:
1. Indexa documentos con tenant_id distinto.
2. Pregunta como usuario A.
3. Verifica que ningún chunk de cliente_beta aparece en la traza.