snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2024-11-22 18:17:39 +08:00
Code Issues Actions 9 Packages Projects Releases Wiki Activity

fix checking of master key as per review comment

Browse Source
This commit is contained in:
vishalsodani 2022-10-27 12:56:18 +05:30
parent f0ecacb58d
commit 9cf3ff72a3
2 changed files with 13 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
meilisearch-auth/src/lib.rs
View File

@ -173,28 +173,13 @@ impl AuthController {
pub struct AuthFilter { pub struct AuthFilter {
pub search_rules: SearchRules, pub search_rules: SearchRules,
pub allow_index_creation: bool, pub allow_index_creation: bool,
master_key_missing: bool,
} }
impl AuthFilter {
pub fn with_no_master_key() -> AuthFilter {
AuthFilter {
search_rules: SearchRules::default(),
allow_index_creation: true,
master_key_missing: true,
}
}
pub fn is_missing_master_key(&self) -> bool {
self.master_key_missing
}
}
impl Default for AuthFilter { impl Default for AuthFilter {
fn default() -> Self { fn default() -> Self {
Self { Self {
search_rules: SearchRules::default(), search_rules: SearchRules::default(),
allow_index_creation: true, allow_index_creation: true,
master_key_missing: false,
} }
} }
} }

28
meilisearch-http/src/extractors/authentication/mod.rs
View File

@ -48,22 +48,23 @@ impl<P, D> GuardedData<P, D> {
where where
P: Policy + 'static, P: Policy + 'static,
{ {
let auth_clone = auth.clone();
let master_key: Option<&String> = auth_clone.get_master_key();
match Self::authenticate(auth, String::new(), None).await? { match Self::authenticate(auth, String::new(), None).await? {
Some(filters) => match data { Some(filters) => match data {
Some(data) => { Some(data) => Ok(Self {
if filters.is_missing_master_key() { data,
Err(AuthenticationError::MissingMasterKey.into()) filters,
} else { _marker: PhantomData,
Ok(Self { }),
data,
filters,
_marker: PhantomData,
})
}
}
None => Err(AuthenticationError::IrretrievableState.into()), None => Err(AuthenticationError::IrretrievableState.into()),
}, },
None => Err(AuthenticationError::MissingAuthorizationHeader.into()), None => match master_key {
Some(_) => Err(AuthenticationError::MissingAuthorizationHeader.into()),
None => Err(AuthenticationError::MissingMasterKey.into()),
},
} }
} }
@ -177,9 +178,6 @@ pub mod policies {
token: &str, token: &str,
index: Option<&str>, index: Option<&str>,
) -> Option<AuthFilter> { ) -> Option<AuthFilter> {
if auth.get_master_key().is_none() && is_keys_action(A) {
return Some(AuthFilter::with_no_master_key());
}
// authenticate if token is the master key. // authenticate if token is the master key.
// master key can only have access to keys routes. // master key can only have access to keys routes.
// if master key is None only keys routes are inaccessible. // if master key is None only keys routes are inaccessible.