fix checking of master key as per review comment

2024-11-22 18:17:39 +08:00 · 2022-10-27 12:56:18 +05:30 · 2022-10-27 12:56:18 +05:30 · 9cf3ff72a3
commit 9cf3ff72a3
parent f0ecacb58d
2 changed files with 13 additions and 30 deletions
--- a/meilisearch-auth/src/lib.rs
+++ b/meilisearch-auth/src/lib.rs
@ -173,28 +173,13 @@ impl AuthController {
 pub struct AuthFilter {
    pub search_rules: SearchRules,
    pub allow_index_creation: bool,
-    master_key_missing: bool,
 }

-impl AuthFilter {
-    pub fn with_no_master_key() -> AuthFilter {
-        AuthFilter {
-            search_rules: SearchRules::default(),
-            allow_index_creation: true,
-            master_key_missing: true,
-        }
-    }
-
-    pub fn is_missing_master_key(&self) -> bool {
-        self.master_key_missing
-    }
-}
 impl Default for AuthFilter {
    fn default() -> Self {
        Self {
            search_rules: SearchRules::default(),
            allow_index_creation: true,
-            master_key_missing: false,
        }
    }
 }
--- a/meilisearch-http/src/extractors/authentication/mod.rs
+++ b/meilisearch-http/src/extractors/authentication/mod.rs
@ -48,22 +48,23 @@ impl<P, D> GuardedData<P, D> {
    where
        P: Policy + 'static,
    {
+        let auth_clone = auth.clone();
+        let master_key: Option<&String> = auth_clone.get_master_key();
+
        match Self::authenticate(auth, String::new(), None).await? {
            Some(filters) => match data {
-                Some(data) => {
-                    if filters.is_missing_master_key() {
-                        Err(AuthenticationError::MissingMasterKey.into())
-                    } else {
-                        Ok(Self {
-                            data,
-                            filters,
-                            _marker: PhantomData,
-                        })
-                    }
-                }
+                Some(data) => Ok(Self {
+                    data,
+                    filters,
+                    _marker: PhantomData,
+                }),
+
                None => Err(AuthenticationError::IrretrievableState.into()),
            },
-            None => Err(AuthenticationError::MissingAuthorizationHeader.into()),
+            None => match master_key {
+                Some(_) => Err(AuthenticationError::MissingAuthorizationHeader.into()),
+                None => Err(AuthenticationError::MissingMasterKey.into()),
+            },
        }
    }

@ -177,9 +178,6 @@ pub mod policies {
            token: &str,
            index: Option<&str>,
        ) -> Option<AuthFilter> {
-            if auth.get_master_key().is_none() && is_keys_action(A) {
-                return Some(AuthFilter::with_no_master_key());
-            }
            // authenticate if token is the master key.
            // master key can only have access to keys routes.
            // if master key is None only keys routes are inaccessible.