2475: feat(auth): Paginate API keys listing r=irevoire a=ManyTheFish

- [x] Update tests
- [x] Use Pagination helpers to paginate API keys (thanks to `@irevoire)`

fixes #2442


Co-authored-by: ManyTheFish <many@meilisearch.com>
This commit is contained in:
bors[bot] 2022-06-07 15:42:02 +00:00 committed by GitHub
commit 1968950b0f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 54 additions and 59 deletions

View File

@ -1,18 +1,19 @@
use std::str; use std::str;
use uuid::Uuid;
use actix_web::{web, HttpRequest, HttpResponse}; use actix_web::{web, HttpRequest, HttpResponse};
use meilisearch_auth::{error::AuthControllerError, Action, AuthController, Key};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::Value; use serde_json::Value;
use time::OffsetDateTime; use time::OffsetDateTime;
use uuid::Uuid;
use meilisearch_auth::{error::AuthControllerError, Action, AuthController, Key};
use meilisearch_error::{Code, ResponseError};
use crate::extractors::{ use crate::extractors::{
authentication::{policies::*, GuardedData}, authentication::{policies::*, GuardedData},
sequential_extractor::SeqHandler, sequential_extractor::SeqHandler,
}; };
use meilisearch_error::{Code, ResponseError}; use crate::routes::Pagination;
pub fn configure(cfg: &mut web::ServiceConfig) { pub fn configure(cfg: &mut web::ServiceConfig) {
cfg.service( cfg.service(
@ -46,20 +47,21 @@ pub async fn create_api_key(
pub async fn list_api_keys( pub async fn list_api_keys(
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>, auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>,
_req: HttpRequest, paginate: web::Query<Pagination>,
) -> Result<HttpResponse, ResponseError> { ) -> Result<HttpResponse, ResponseError> {
let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> { let page_view = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
let keys = auth_controller.list_keys()?; let keys = auth_controller.list_keys()?;
let res: Vec<_> = keys let page_view = paginate.auto_paginate_sized(
.into_iter() keys.into_iter()
.map(|k| KeyView::from_key(k, &auth_controller)) .map(|k| KeyView::from_key(k, &auth_controller)),
.collect(); );
Ok(res)
Ok(page_view)
}) })
.await .await
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??; .map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
Ok(HttpResponse::Ok().json(KeyListView::from(res))) Ok(HttpResponse::Ok().json(page_view))
} }
pub async fn get_api_key( pub async fn get_api_key(
@ -156,14 +158,3 @@ impl KeyView {
} }
} }
} }
#[derive(Debug, Serialize)]
struct KeyListView {
results: Vec<KeyView>,
}
impl From<Vec<KeyView>> for KeyListView {
fn from(results: Vec<KeyView>) -> Self {
Self { results }
}
}

View File

@ -673,42 +673,46 @@ async fn list_api_keys() {
assert_eq!(200, code, "{:?}", &response); assert_eq!(200, code, "{:?}", &response);
let expected_response = json!({ "results": let expected_response = json!({ "results":
[ [
{ {
"description": "Indexing API key", "description": "Indexing API key",
"indexes": ["products"], "indexes": ["products"],
"actions": [ "actions": [
"search", "search",
"documents.add", "documents.add",
"documents.get", "documents.get",
"documents.delete", "documents.delete",
"indexes.create", "indexes.create",
"indexes.get", "indexes.get",
"indexes.update", "indexes.update",
"indexes.delete", "indexes.delete",
"tasks.get", "tasks.get",
"settings.get", "settings.get",
"settings.update", "settings.update",
"stats.get", "stats.get",
"dumps.create", "dumps.create",
], ],
"expiresAt": "2050-11-13T00:00:00Z" "expiresAt": "2050-11-13T00:00:00Z"
}, },
{ {
"name": "Default Search API Key", "name": "Default Search API Key",
"description": "Use it to search from the frontend", "description": "Use it to search from the frontend",
"indexes": ["*"], "indexes": ["*"],
"actions": ["search"], "actions": ["search"],
"expiresAt": serde_json::Value::Null, "expiresAt": serde_json::Value::Null,
}, },
{ {
"name": "Default Admin API Key", "name": "Default Admin API Key",
"description": "Use it for anything that is not a search operation. Caution! Do not expose it on a public frontend", "description": "Use it for anything that is not a search operation. Caution! Do not expose it on a public frontend",
"indexes": ["*"], "indexes": ["*"],
"actions": ["*"], "actions": ["*"],
"expiresAt": serde_json::Value::Null, "expiresAt": serde_json::Value::Null,
} }
]}); ],
"limit": 20,
"offset": 0,
"total": 3,
});
assert_json_include!(actual: response, expected: expected_response); assert_json_include!(actual: response, expected: expected_response);
} }