mirror of
https://github.com/meilisearch/meilisearch.git
synced 2025-01-18 17:08:26 +08:00
Merge #2525
2525: Auth: Provide all document related permissions for action document.* r=Kerollmops a=janithpet Added a `Action::DocumentsAll` identifier as [suggested](https://github.com/meilisearch/meilisearch/issues/2080#issuecomment-1022952486), along with the other necessary changes in `action.rs`. Inside `store.rs`, added an extra condition in `HeedAuthStore::put_api_key` to append all document related permissions if `key.actions.contains(&DocumentsAll)`. Updated the tests as [suggested](https://github.com/meilisearch/meilisearch/issues/2080#issuecomment-1022952486). I am quite new to Rust, so please let me know if I had made any mistakes; have I written the code in the most idiomatic/efficient way? I am aware that the way I append the document permissions could create duplicates in the `actions` vector, but I am not sure how fix that in a simple way (other than using other dependencies like [itertools](https://github.com/rust-itertools/itertools), for example). ## What does this PR do? Fixes #2080 ## PR checklist Please check if your PR fulfills the following requirements: - [ ] Does this PR fix an existing issue? - [ x] Have you read the contributing guidelines? - [ x] Have you made sure that the title is accurate and descriptive of the changes? Thank you so much for contributing to Meilisearch! Co-authored-by: janithPet <jpetangoda@gmail.com>
This commit is contained in:
commit
4862993482
@ -8,6 +8,8 @@ pub enum Action {
|
||||
All = actions::ALL,
|
||||
#[serde(rename = "search")]
|
||||
Search = actions::SEARCH,
|
||||
#[serde(rename = "documents.*")]
|
||||
DocumentsAll = actions::DOCUMENTS_ALL,
|
||||
#[serde(rename = "documents.add")]
|
||||
DocumentsAdd = actions::DOCUMENTS_ADD,
|
||||
#[serde(rename = "documents.get")]
|
||||
@ -50,6 +52,7 @@ impl Action {
|
||||
match repr {
|
||||
ALL => Some(Self::All),
|
||||
SEARCH => Some(Self::Search),
|
||||
DOCUMENTS_ALL => Some(Self::DocumentsAll),
|
||||
DOCUMENTS_ADD => Some(Self::DocumentsAdd),
|
||||
DOCUMENTS_GET => Some(Self::DocumentsGet),
|
||||
DOCUMENTS_DELETE => Some(Self::DocumentsDelete),
|
||||
@ -76,6 +79,7 @@ impl Action {
|
||||
match self {
|
||||
Self::All => ALL,
|
||||
Self::Search => SEARCH,
|
||||
Self::DocumentsAll => DOCUMENTS_ALL,
|
||||
Self::DocumentsAdd => DOCUMENTS_ADD,
|
||||
Self::DocumentsGet => DOCUMENTS_GET,
|
||||
Self::DocumentsDelete => DOCUMENTS_DELETE,
|
||||
@ -100,18 +104,19 @@ impl Action {
|
||||
pub mod actions {
|
||||
pub(crate) const ALL: u8 = 0;
|
||||
pub const SEARCH: u8 = 1;
|
||||
pub const DOCUMENTS_ADD: u8 = 2;
|
||||
pub const DOCUMENTS_GET: u8 = 3;
|
||||
pub const DOCUMENTS_DELETE: u8 = 4;
|
||||
pub const INDEXES_CREATE: u8 = 5;
|
||||
pub const INDEXES_GET: u8 = 6;
|
||||
pub const INDEXES_UPDATE: u8 = 7;
|
||||
pub const INDEXES_DELETE: u8 = 8;
|
||||
pub const TASKS_GET: u8 = 9;
|
||||
pub const SETTINGS_GET: u8 = 10;
|
||||
pub const SETTINGS_UPDATE: u8 = 11;
|
||||
pub const STATS_GET: u8 = 12;
|
||||
pub const DUMPS_CREATE: u8 = 13;
|
||||
pub const DOCUMENTS_ALL: u8 = 2;
|
||||
pub const DOCUMENTS_ADD: u8 = 3;
|
||||
pub const DOCUMENTS_GET: u8 = 4;
|
||||
pub const DOCUMENTS_DELETE: u8 = 5;
|
||||
pub const INDEXES_CREATE: u8 = 6;
|
||||
pub const INDEXES_GET: u8 = 7;
|
||||
pub const INDEXES_UPDATE: u8 = 8;
|
||||
pub const INDEXES_DELETE: u8 = 9;
|
||||
pub const TASKS_GET: u8 = 10;
|
||||
pub const SETTINGS_GET: u8 = 11;
|
||||
pub const SETTINGS_UPDATE: u8 = 12;
|
||||
pub const STATS_GET: u8 = 13;
|
||||
pub const DUMPS_CREATE: u8 = 14;
|
||||
pub const VERSION: u8 = 15;
|
||||
pub const KEYS_CREATE: u8 = 16;
|
||||
pub const KEYS_GET: u8 = 17;
|
||||
|
@ -90,6 +90,15 @@ impl HeedAuthStore {
|
||||
let actions = if key.actions.contains(&Action::All) {
|
||||
// if key.actions contains All, we iterate over all actions.
|
||||
Action::into_enum_iter().collect()
|
||||
} else if key.actions.contains(&Action::DocumentsAll) {
|
||||
// if key.actions.contains.DocumentsAll add all actions related to documents.
|
||||
let mut actions = key.actions.clone();
|
||||
actions.append(&mut vec![
|
||||
Action::DocumentsAdd,
|
||||
Action::DocumentsGet,
|
||||
Action::DocumentsDelete,
|
||||
]);
|
||||
actions
|
||||
} else {
|
||||
key.actions.clone()
|
||||
};
|
||||
|
@ -11,10 +11,10 @@ pub static AUTHORIZATIONS: Lazy<HashMap<(&'static str, &'static str), HashSet<&'
|
||||
hashmap! {
|
||||
("POST", "/indexes/products/search") => hashset!{"search", "*"},
|
||||
("GET", "/indexes/products/search") => hashset!{"search", "*"},
|
||||
("POST", "/indexes/products/documents") => hashset!{"documents.add", "*"},
|
||||
("GET", "/indexes/products/documents") => hashset!{"documents.get", "*"},
|
||||
("GET", "/indexes/products/documents/0") => hashset!{"documents.get", "*"},
|
||||
("DELETE", "/indexes/products/documents/0") => hashset!{"documents.delete", "*"},
|
||||
("POST", "/indexes/products/documents") => hashset!{"documents.add", "documents.*", "*"},
|
||||
("GET", "/indexes/products/documents") => hashset!{"documents.get", "documents.*", "*"},
|
||||
("GET", "/indexes/products/documents/0") => hashset!{"documents.get", "documents.*", "*"},
|
||||
("DELETE", "/indexes/products/documents/0") => hashset!{"documents.delete", "documents.*", "*"},
|
||||
("GET", "/tasks") => hashset!{"tasks.get", "*"},
|
||||
("GET", "/tasks?indexUid=products") => hashset!{"tasks.get", "*"},
|
||||
("GET", "/tasks/0") => hashset!{"tasks.get", "*"},
|
||||
|
Loading…
Reference in New Issue
Block a user