mirror of
https://github.com/meilisearch/meilisearch.git
synced 2024-12-02 10:05:05 +08:00
Added and modified the current API Key and Tenant Token tests
This commit is contained in:
parent
7b4b57ecc8
commit
c690c4fec4
@ -82,6 +82,11 @@ static ACCEPTED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
|
|||||||
"actions": ["search"],
|
"actions": ["search"],
|
||||||
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
||||||
}),
|
}),
|
||||||
|
json!({
|
||||||
|
"indexes": ["sal*", "prod*"],
|
||||||
|
"actions": ["search"],
|
||||||
|
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
||||||
|
}),
|
||||||
]
|
]
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -104,6 +109,11 @@ static REFUSED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
|
|||||||
"actions": ["*"],
|
"actions": ["*"],
|
||||||
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
||||||
}),
|
}),
|
||||||
|
json!({
|
||||||
|
"indexes": ["prod*", "p*"],
|
||||||
|
"actions": ["*"],
|
||||||
|
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
|
||||||
|
}),
|
||||||
json!({
|
json!({
|
||||||
"indexes": ["products"],
|
"indexes": ["products"],
|
||||||
"actions": ["search"],
|
"actions": ["search"],
|
||||||
@ -245,6 +255,10 @@ async fn search_authorized_simple_token() {
|
|||||||
"searchRules" => json!(["sales"]),
|
"searchRules" => json!(["sales"]),
|
||||||
"exp" => Value::Null
|
"exp" => Value::Null
|
||||||
},
|
},
|
||||||
|
hashmap! {
|
||||||
|
"searchRules" => json!(["sa*"]),
|
||||||
|
"exp" => Value::Null
|
||||||
|
},
|
||||||
];
|
];
|
||||||
|
|
||||||
compute_authorized_search!(tenant_tokens, {}, 5);
|
compute_authorized_search!(tenant_tokens, {}, 5);
|
||||||
@ -351,11 +365,19 @@ async fn filter_search_authorized_filter_token() {
|
|||||||
}),
|
}),
|
||||||
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
||||||
},
|
},
|
||||||
|
hashmap! {
|
||||||
|
"searchRules" => json!({
|
||||||
|
"*": {},
|
||||||
|
"sal*": {"filter": ["color = blue"]}
|
||||||
|
}),
|
||||||
|
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
||||||
|
},
|
||||||
];
|
];
|
||||||
|
|
||||||
compute_authorized_search!(tenant_tokens, "color = yellow", 1);
|
compute_authorized_search!(tenant_tokens, "color = yellow", 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Tests that those Tenant Token are incompatible with the REFUSED_KEYS defined above.
|
||||||
#[actix_rt::test]
|
#[actix_rt::test]
|
||||||
async fn error_search_token_forbidden_parent_key() {
|
async fn error_search_token_forbidden_parent_key() {
|
||||||
let tenant_tokens = vec![
|
let tenant_tokens = vec![
|
||||||
@ -383,6 +405,10 @@ async fn error_search_token_forbidden_parent_key() {
|
|||||||
"searchRules" => json!(["sales"]),
|
"searchRules" => json!(["sales"]),
|
||||||
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
||||||
},
|
},
|
||||||
|
hashmap! {
|
||||||
|
"searchRules" => json!(["sali*", "s*", "sales*"]),
|
||||||
|
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
|
||||||
|
},
|
||||||
];
|
];
|
||||||
|
|
||||||
compute_forbidden_search!(tenant_tokens, REFUSED_KEYS);
|
compute_forbidden_search!(tenant_tokens, REFUSED_KEYS);
|
||||||
|
Loading…
Reference in New Issue
Block a user