Merge #3136

3136: Fix no master key error r=Kerollmops a=ManyTheFish


Fixes #3135

Co-authored-by: ManyTheFish <many@meilisearch.com>

meilisearch-http/src/extractors/authentication/mod.rs

@@ -31,11 +31,14 @@ impl<P, D> GuardedData<P, D> {
     where
         P: Policy + 'static,
     {
+        let missing_master_key = auth.get_master_key().is_none();
+
         match Self::authenticate(auth, token, index).await? {
             Some(filters) => match data {
                 Some(data) => Ok(Self { data, filters, _marker: PhantomData }),
                 None => Err(AuthenticationError::IrretrievableState.into()),
             },
+            None if missing_master_key => Err(AuthenticationError::MissingMasterKey.into()),
             None => Err(AuthenticationError::InvalidToken.into()),
         }
     }

meilisearch-http/tests/auth/api_keys.rs

@@ -1434,12 +1434,13 @@ async fn error_access_api_key_routes_no_master_key_set() {
 
     server.use_api_key("MASTER_KEY");
 
-    let expected_response = json!({"message": "The provided API key is invalid.",
+    let expected_response = json!({
-        "code": "invalid_api_key",
+        "message": "Meilisearch is running without a master key. To access this API endpoint, you must have set a master key at launch.",
+        "code": "missing_master_key",
         "type": "auth",
-        "link": "https://docs.meilisearch.com/errors#invalid_api_key"
+        "link": "https://docs.meilisearch.com/errors#missing_master_key"
     });
-    let expected_code = 403;
+    let expected_code = 401;
 
     let (response, code) = server.add_api_key(json!({})).await;