ensure the index_uid is valid when creating an index

This commit is contained in:
Irevoire 2022-10-22 14:47:46 +02:00 committed by Clément Renault
parent 9bb2e3c790
commit b3265a8e1f
No known key found for this signature in database
GPG Key ID: 92ADA4E935E71FA4

View File

@ -3,6 +3,7 @@ use actix_web::{web, HttpRequest, HttpResponse};
use index_scheduler::{IndexScheduler, Query}; use index_scheduler::{IndexScheduler, Query};
use log::debug; use log::debug;
use meilisearch_types::error::ResponseError; use meilisearch_types::error::ResponseError;
use meilisearch_types::index_uid::IndexUid;
use meilisearch_types::milli::{self, FieldDistribution, Index}; use meilisearch_types::milli::{self, FieldDistribution, Index};
use meilisearch_types::tasks::{KindWithContent, Status}; use meilisearch_types::tasks::{KindWithContent, Status};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
@ -95,6 +96,7 @@ pub async fn create_index(
analytics: web::Data<dyn Analytics>, analytics: web::Data<dyn Analytics>,
) -> Result<HttpResponse, ResponseError> { ) -> Result<HttpResponse, ResponseError> {
let IndexCreateRequest { primary_key, uid } = body.into_inner(); let IndexCreateRequest { primary_key, uid } = body.into_inner();
let uid = IndexUid::try_from(uid)?.into_inner();
let allow_index_creation = index_scheduler.filters().search_rules.is_index_authorized(&uid); let allow_index_creation = index_scheduler.filters().search_rules.is_index_authorized(&uid);
if allow_index_creation { if allow_index_creation {