mirror of
https://github.com/meilisearch/meilisearch.git
synced 2024-11-23 10:37:41 +08:00
allow api key in header when no master-key is set; fix #515
This commit is contained in:
parent
ef3bcd65ab
commit
8204d961de
@ -20,6 +20,10 @@ impl RequestExt for Request<Data> {
|
||||
fn is_allowed(&self, acl: ACL) -> SResult<()> {
|
||||
let user_api_key = self.header("X-Meili-API-Key");
|
||||
|
||||
if self.state().api_keys.master.is_none() {
|
||||
return Ok(())
|
||||
}
|
||||
|
||||
match acl {
|
||||
ACL::Admin => {
|
||||
if user_api_key == self.state().api_keys.master.as_deref() {
|
||||
|
Loading…
Reference in New Issue
Block a user