mirror of
https://github.com/meilisearch/meilisearch.git
synced 2024-11-26 20:15:07 +08:00
allow api key in header when no master-key is set; fix #515
This commit is contained in:
parent
ef3bcd65ab
commit
8204d961de
@ -20,6 +20,10 @@ impl RequestExt for Request<Data> {
|
|||||||
fn is_allowed(&self, acl: ACL) -> SResult<()> {
|
fn is_allowed(&self, acl: ACL) -> SResult<()> {
|
||||||
let user_api_key = self.header("X-Meili-API-Key");
|
let user_api_key = self.header("X-Meili-API-Key");
|
||||||
|
|
||||||
|
if self.state().api_keys.master.is_none() {
|
||||||
|
return Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
match acl {
|
match acl {
|
||||||
ACL::Admin => {
|
ACL::Admin => {
|
||||||
if user_api_key == self.state().api_keys.master.as_deref() {
|
if user_api_key == self.state().api_keys.master.as_deref() {
|
||||||
|
Loading…
Reference in New Issue
Block a user