diff --git a/meilisearch-auth/src/action.rs b/meilisearch-auth/src/action.rs index fab5263ec..ef11c3a00 100644 --- a/meilisearch-auth/src/action.rs +++ b/meilisearch-auth/src/action.rs @@ -8,6 +8,8 @@ pub enum Action { All = actions::ALL, #[serde(rename = "search")] Search = actions::SEARCH, + #[serde(rename = "documents.*")] + DocumentsAll = actions::DOCUMENTS_ALL, #[serde(rename = "documents.add")] DocumentsAdd = actions::DOCUMENTS_ADD, #[serde(rename = "documents.get")] @@ -50,6 +52,7 @@ impl Action { match repr { ALL => Some(Self::All), SEARCH => Some(Self::Search), + DOCUMENTS_ALL => Some(Self::DocumentsAll), DOCUMENTS_ADD => Some(Self::DocumentsAdd), DOCUMENTS_GET => Some(Self::DocumentsGet), DOCUMENTS_DELETE => Some(Self::DocumentsDelete), @@ -76,6 +79,7 @@ impl Action { match self { Self::All => ALL, Self::Search => SEARCH, + Self::DocumentsAll => DOCUMENTS_ALL, Self::DocumentsAdd => DOCUMENTS_ADD, Self::DocumentsGet => DOCUMENTS_GET, Self::DocumentsDelete => DOCUMENTS_DELETE, @@ -100,18 +104,19 @@ impl Action { pub mod actions { pub(crate) const ALL: u8 = 0; pub const SEARCH: u8 = 1; - pub const DOCUMENTS_ADD: u8 = 2; - pub const DOCUMENTS_GET: u8 = 3; - pub const DOCUMENTS_DELETE: u8 = 4; - pub const INDEXES_CREATE: u8 = 5; - pub const INDEXES_GET: u8 = 6; - pub const INDEXES_UPDATE: u8 = 7; - pub const INDEXES_DELETE: u8 = 8; - pub const TASKS_GET: u8 = 9; - pub const SETTINGS_GET: u8 = 10; - pub const SETTINGS_UPDATE: u8 = 11; - pub const STATS_GET: u8 = 12; - pub const DUMPS_CREATE: u8 = 13; + pub const DOCUMENTS_ALL: u8 = 2; + pub const DOCUMENTS_ADD: u8 = 3; + pub const DOCUMENTS_GET: u8 = 4; + pub const DOCUMENTS_DELETE: u8 = 5; + pub const INDEXES_CREATE: u8 = 6; + pub const INDEXES_GET: u8 = 7; + pub const INDEXES_UPDATE: u8 = 8; + pub const INDEXES_DELETE: u8 = 9; + pub const TASKS_GET: u8 = 10; + pub const SETTINGS_GET: u8 = 11; + pub const SETTINGS_UPDATE: u8 = 12; + pub const STATS_GET: u8 = 13; + pub const DUMPS_CREATE: u8 = 14; pub const VERSION: u8 = 15; pub const KEYS_CREATE: u8 = 16; pub const KEYS_GET: u8 = 17; diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 0355c4579..f9d6e7728 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -90,6 +90,15 @@ impl HeedAuthStore { let actions = if key.actions.contains(&Action::All) { // if key.actions contains All, we iterate over all actions. Action::into_enum_iter().collect() + } else if key.actions.contains(&Action::DocumentsAll) { + // if key.actions.contains.DocumentsAll add all actions related to documents. + let mut actions = key.actions.clone(); + actions.append(&mut vec![ + Action::DocumentsAdd, + Action::DocumentsGet, + Action::DocumentsDelete, + ]); + actions } else { key.actions.clone() }; diff --git a/meilisearch-http/tests/auth/authorization.rs b/meilisearch-http/tests/auth/authorization.rs index e5826a675..e790d1e4a 100644 --- a/meilisearch-http/tests/auth/authorization.rs +++ b/meilisearch-http/tests/auth/authorization.rs @@ -11,10 +11,10 @@ pub static AUTHORIZATIONS: Lazy hashset!{"search", "*"}, ("GET", "/indexes/products/search") => hashset!{"search", "*"}, - ("POST", "/indexes/products/documents") => hashset!{"documents.add", "*"}, - ("GET", "/indexes/products/documents") => hashset!{"documents.get", "*"}, - ("GET", "/indexes/products/documents/0") => hashset!{"documents.get", "*"}, - ("DELETE", "/indexes/products/documents/0") => hashset!{"documents.delete", "*"}, + ("POST", "/indexes/products/documents") => hashset!{"documents.add", "documents.*", "*"}, + ("GET", "/indexes/products/documents") => hashset!{"documents.get", "documents.*", "*"}, + ("GET", "/indexes/products/documents/0") => hashset!{"documents.get", "documents.*", "*"}, + ("DELETE", "/indexes/products/documents/0") => hashset!{"documents.delete", "documents.*", "*"}, ("GET", "/tasks") => hashset!{"tasks.get", "*"}, ("GET", "/tasks?indexUid=products") => hashset!{"tasks.get", "*"}, ("GET", "/tasks/0") => hashset!{"tasks.get", "*"},