snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2024-11-30 00:55:00 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Added and modified the current API Key and Tenant Token tests

Browse Source
This commit is contained in:
Kerollmops 2023-02-08 18:19:51 +01:00 committed by Clément Renault
parent 7b4b57ecc8
commit c690c4fec4
No known key found for this signature in database
GPG Key ID: 92ADA4E935E71FA4
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
meilisearch/tests/auth/tenant_token.rs
View File

@ -82,6 +82,11 @@ static ACCEPTED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
"actions": ["search"], "actions": ["search"],
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap() "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
}), }),
json!({
"indexes": ["sal*", "prod*"],
"actions": ["search"],
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
}),
] ]
}); });
@ -104,6 +109,11 @@ static REFUSED_KEYS: Lazy<Vec<Value>> = Lazy::new(|| {
"actions": ["*"], "actions": ["*"],
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap() "expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
}), }),
json!({
"indexes": ["prod*", "p*"],
"actions": ["*"],
"expiresAt": (OffsetDateTime::now_utc() + Duration::days(1)).format(&Rfc3339).unwrap()
}),
json!({ json!({
"indexes": ["products"], "indexes": ["products"],
"actions": ["search"], "actions": ["search"],
@ -245,6 +255,10 @@ async fn search_authorized_simple_token() {
"searchRules" => json!(["sales"]), "searchRules" => json!(["sales"]),
"exp" => Value::Null "exp" => Value::Null
}, },
hashmap! {
"searchRules" => json!(["sa*"]),
"exp" => Value::Null
},
]; ];
compute_authorized_search!(tenant_tokens, {}, 5); compute_authorized_search!(tenant_tokens, {}, 5);
@ -351,11 +365,19 @@ async fn filter_search_authorized_filter_token() {
}), }),
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp()) "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
}, },
hashmap! {
"searchRules" => json!({
"*": {},
"sal*": {"filter": ["color = blue"]}
}),
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
},
]; ];
compute_authorized_search!(tenant_tokens, "color = yellow", 1); compute_authorized_search!(tenant_tokens, "color = yellow", 1);
} }
/// Tests that those Tenant Token are incompatible with the REFUSED_KEYS defined above.
#[actix_rt::test] #[actix_rt::test]
async fn error_search_token_forbidden_parent_key() { async fn error_search_token_forbidden_parent_key() {
let tenant_tokens = vec![ let tenant_tokens = vec![
@ -383,6 +405,10 @@ async fn error_search_token_forbidden_parent_key() {
"searchRules" => json!(["sales"]), "searchRules" => json!(["sales"]),
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp()) "exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
}, },
hashmap! {
"searchRules" => json!(["sali*", "s*", "sales*"]),
"exp" => json!((OffsetDateTime::now_utc() + Duration::hours(1)).unix_timestamp())
},
]; ];
compute_forbidden_search!(tenant_tokens, REFUSED_KEYS); compute_forbidden_search!(tenant_tokens, REFUSED_KEYS);