Merge #2922

2922: Add new error when using /keys without masterkey set r=ManyTheFish a=vishalsodani

# Pull Request

## Related issue
Fixes #2918 


Please check if your PR fulfills the following requirements:
- [x] Does this PR fix an existing issue, or have you listed the changes applied in the PR description (and why they are needed)?
- [x] Have you read the contributing guidelines?
- [x] Have you made sure that the title is accurate and descriptive of the changes?




Co-authored-by: vishalsodani <vishalsodani@rediffmail.com>

meilisearch-http/src/extractors/authentication/error.rs

@@ -9,6 +9,8 @@ pub enum AuthenticationError {
     // Triggered on configuration error.
     #[error("An internal error has occurred. `Irretrievable state`.")]
     IrretrievableState,
+    #[error("Meilisearch is running without a master key. To access this API endpoint, you must have set a master key at launch.")]
+    MissingMasterKey,
 }
 
 impl ErrorCode for AuthenticationError {
@@ -17,6 +19,7 @@ impl ErrorCode for AuthenticationError {
             AuthenticationError::MissingAuthorizationHeader => Code::MissingAuthorizationHeader,
             AuthenticationError::InvalidToken => Code::InvalidToken,
             AuthenticationError::IrretrievableState => Code::Internal,
+            AuthenticationError::MissingMasterKey => Code::MissingMasterKey,
         }
     }
 }

meilisearch-http/src/extractors/authentication/mod.rs

@@ -48,6 +48,8 @@ impl<P, D> GuardedData<P, D> {
     where
         P: Policy + 'static,
     {
+        let missing_master_key = auth.get_master_key().is_none();
+
         match Self::authenticate(auth, String::new(), None).await? {
             Some(filters) => match data {
                 Some(data) => Ok(Self {
@@ -55,8 +57,10 @@ impl<P, D> GuardedData<P, D> {
                     filters,
                     _marker: PhantomData,
                 }),
+
                 None => Err(AuthenticationError::IrretrievableState.into()),
             },
+            None if missing_master_key => Err(AuthenticationError::MissingMasterKey.into()),
             None => Err(AuthenticationError::MissingAuthorizationHeader.into()),
         }
     }

meilisearch-http/tests/auth/api_keys.rs

@@ -1403,10 +1403,10 @@ async fn error_access_api_key_routes_no_master_key_set() {
     let mut server = Server::new().await;
 
     let expected_response = json!({
-        "message": "The Authorization header is missing. It must use the bearer authorization method.",
+        "message": "Meilisearch is running without a master key. To access this API endpoint, you must have set a master key at launch.",
-        "code": "missing_authorization_header",
+        "code": "missing_master_key",
         "type": "auth",
-        "link": "https://docs.meilisearch.com/errors#missing_authorization_header"
+        "link": "https://docs.meilisearch.com/errors#missing_master_key"
     });
     let expected_code = 401;
 

meilisearch-types/src/error.rs

@@ -144,6 +144,7 @@ pub enum Code {
     InvalidStore,
     InvalidToken,
     MissingAuthorizationHeader,
+    MissingMasterKey,
     NoSpaceLeftOnDevice,
     DumpNotFound,
     TaskNotFound,
@@ -231,6 +232,9 @@ impl Code {
             MissingAuthorizationHeader => {
                 ErrCode::authentication("missing_authorization_header", StatusCode::UNAUTHORIZED)
             }
+            MissingMasterKey => {
+                ErrCode::authentication("missing_master_key", StatusCode::UNAUTHORIZED)
+            }
             TaskNotFound => ErrCode::invalid("task_not_found", StatusCode::NOT_FOUND),
             DumpNotFound => ErrCode::invalid("dump_not_found", StatusCode::NOT_FOUND),
             NoSpaceLeftOnDevice => {