How do I get "best match" within a Azure Search service query, if all matches are filtered out?

Question

Google offers a "did you mean..." feature that allows for alternative matches in case you misspell or confuse something in the search.

In my case, I want users to discover a "best match", even if it was excluded by the facets.

Example:

Suppose I have an online game (Warcraft like), where an individual purchases or acquires a set of powers and tools.

I want to show a list of all the things they can access, and the next items needed to grow into new categories. Categories could be health, strength, defense, etc.

Query 1:

Where can I go, or what doors can I open with the tools, experience, 
and strength I have?

Query 2:

Search for the shortest path of upgrades to get me to level 4. 
Display cost, location on map, etc.

Query 3:

There are 1,000 different ways to open this door. Some for gremlins, orcs, 
 and wizards.  What is the best way forward given the tools I own? 

Research:

I'm looking at DocumentDB and MSFT Azure search to handle these queries, but I haven't figured out

1. How to include the user's current purchase/asset history to provide meaningful yet privacy preserving, results. (don't want other users to see data from other users)

2. How to get the best match, where some facets are more important than others (a bow and arrow is worth more than a damaged million dollar weapon)

3. Shortest path to solution problem. Given the users purchase history, and a goal, what are the most effective next purchases to move on?

Answer 1

Adding an Azure Search crawler over Azure Cosmos DB (via DocumentDB API) is certainly an option for handling full-text search and misspellings - however, full-text search may not be the best fit for some of the scenarios discussed in your question.

For example, the shortest path problem and many of the example queries above may be better modeled using the Azure Cosmos DB Graph API - which will likely yield much better latency for a gaming scenario.

As for preserving privacy - is the data served through a server / middle-tier, or will the individual game clients have direct access to the database? If going through a middle-tier, you'll find it much easier to implement security on the middle-tier itself. If granting direct access to the database to downstream individual game clients, you can generate a set of temporary resource tokens using the user and permissions model - so that the downstream clients only have access to a particular resource (e.g. document or collection). You'll need to build a middle-tier to lease and refresh the temporary resource tokens - and the downstream clients will use those to access the database as opposed to a master or read-only key.