mirror of
https://github.com/meilisearch/meilisearch.git
synced 2024-11-26 03:55:07 +08:00
Hide secrets in settings and task queue
This commit is contained in:
parent
817ccc089a
commit
f82d056072
@ -920,7 +920,11 @@ impl IndexScheduler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 3.2. Dump the settings
|
// 3.2. Dump the settings
|
||||||
let settings = meilisearch_types::settings::settings(index, &rtxn)?;
|
let settings = meilisearch_types::settings::settings(
|
||||||
|
index,
|
||||||
|
&rtxn,
|
||||||
|
meilisearch_types::settings::SecretPolicy::RevealSecrets,
|
||||||
|
)?;
|
||||||
index_dumper.settings(&settings)?;
|
index_dumper.settings(&settings)?;
|
||||||
Ok(())
|
Ok(())
|
||||||
})?;
|
})?;
|
||||||
|
@ -211,6 +211,43 @@ pub struct Settings<T> {
|
|||||||
pub _kind: PhantomData<T>,
|
pub _kind: PhantomData<T>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl<T> Settings<T> {
|
||||||
|
pub fn hide_secrets(&mut self) {
|
||||||
|
let Setting::Set(embedders) = &mut self.embedders else {
|
||||||
|
return;
|
||||||
|
};
|
||||||
|
|
||||||
|
for mut embedder in embedders.values_mut() {
|
||||||
|
let Setting::Set(embedder) = &mut embedder else {
|
||||||
|
continue;
|
||||||
|
};
|
||||||
|
|
||||||
|
let Setting::Set(api_key) = &mut embedder.api_key else {
|
||||||
|
continue;
|
||||||
|
};
|
||||||
|
|
||||||
|
Self::hide_secret(api_key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
fn hide_secret(secret: &mut String) {
|
||||||
|
match secret.len() {
|
||||||
|
x if x < 10 => {
|
||||||
|
secret.replace_range(.., "XXX...");
|
||||||
|
}
|
||||||
|
x if x < 20 => {
|
||||||
|
secret.replace_range(2.., "XXXX...");
|
||||||
|
}
|
||||||
|
x if x < 30 => {
|
||||||
|
secret.replace_range(3.., "XXXXX...");
|
||||||
|
}
|
||||||
|
_x => {
|
||||||
|
secret.replace_range(5.., "XXXXXX...");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
impl Settings<Checked> {
|
impl Settings<Checked> {
|
||||||
pub fn cleared() -> Settings<Checked> {
|
pub fn cleared() -> Settings<Checked> {
|
||||||
Settings {
|
Settings {
|
||||||
@ -555,9 +592,15 @@ pub fn apply_settings_to_builder(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub enum SecretPolicy {
|
||||||
|
RevealSecrets,
|
||||||
|
HideSecrets,
|
||||||
|
}
|
||||||
|
|
||||||
pub fn settings(
|
pub fn settings(
|
||||||
index: &Index,
|
index: &Index,
|
||||||
rtxn: &crate::heed::RoTxn,
|
rtxn: &crate::heed::RoTxn,
|
||||||
|
secret_policy: SecretPolicy,
|
||||||
) -> Result<Settings<Checked>, milli::Error> {
|
) -> Result<Settings<Checked>, milli::Error> {
|
||||||
let displayed_attributes =
|
let displayed_attributes =
|
||||||
index.displayed_fields(rtxn)?.map(|fields| fields.into_iter().map(String::from).collect());
|
index.displayed_fields(rtxn)?.map(|fields| fields.into_iter().map(String::from).collect());
|
||||||
@ -643,7 +686,7 @@ pub fn settings(
|
|||||||
|
|
||||||
let search_cutoff_ms = index.search_cutoff(rtxn)?;
|
let search_cutoff_ms = index.search_cutoff(rtxn)?;
|
||||||
|
|
||||||
Ok(Settings {
|
let mut settings = Settings {
|
||||||
displayed_attributes: match displayed_attributes {
|
displayed_attributes: match displayed_attributes {
|
||||||
Some(attrs) => Setting::Set(attrs),
|
Some(attrs) => Setting::Set(attrs),
|
||||||
None => Setting::Reset,
|
None => Setting::Reset,
|
||||||
@ -674,7 +717,13 @@ pub fn settings(
|
|||||||
None => Setting::Reset,
|
None => Setting::Reset,
|
||||||
},
|
},
|
||||||
_kind: PhantomData,
|
_kind: PhantomData,
|
||||||
})
|
};
|
||||||
|
|
||||||
|
if let SecretPolicy::HideSecrets = secret_policy {
|
||||||
|
settings.hide_secrets()
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(settings)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Clone, PartialEq, Eq, Deserr)]
|
#[derive(Debug, Clone, PartialEq, Eq, Deserr)]
|
||||||
|
@ -86,7 +86,8 @@ impl From<Details> for DetailsView {
|
|||||||
..DetailsView::default()
|
..DetailsView::default()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Details::SettingsUpdate { settings } => {
|
Details::SettingsUpdate { mut settings } => {
|
||||||
|
settings.hide_secrets();
|
||||||
DetailsView { settings: Some(settings), ..DetailsView::default() }
|
DetailsView { settings: Some(settings), ..DetailsView::default() }
|
||||||
}
|
}
|
||||||
Details::IndexInfo { primary_key } => {
|
Details::IndexInfo { primary_key } => {
|
||||||
|
@ -7,7 +7,7 @@ use meilisearch_types::error::ResponseError;
|
|||||||
use meilisearch_types::facet_values_sort::FacetValuesSort;
|
use meilisearch_types::facet_values_sort::FacetValuesSort;
|
||||||
use meilisearch_types::index_uid::IndexUid;
|
use meilisearch_types::index_uid::IndexUid;
|
||||||
use meilisearch_types::milli::update::Setting;
|
use meilisearch_types::milli::update::Setting;
|
||||||
use meilisearch_types::settings::{settings, RankingRuleView, Settings, Unchecked};
|
use meilisearch_types::settings::{settings, RankingRuleView, SecretPolicy, Settings, Unchecked};
|
||||||
use meilisearch_types::tasks::KindWithContent;
|
use meilisearch_types::tasks::KindWithContent;
|
||||||
use serde_json::json;
|
use serde_json::json;
|
||||||
use tracing::debug;
|
use tracing::debug;
|
||||||
@ -134,7 +134,7 @@ macro_rules! make_setting_route {
|
|||||||
|
|
||||||
let index = index_scheduler.index(&index_uid)?;
|
let index = index_scheduler.index(&index_uid)?;
|
||||||
let rtxn = index.read_txn()?;
|
let rtxn = index.read_txn()?;
|
||||||
let settings = settings(&index, &rtxn)?;
|
let settings = settings(&index, &rtxn, meilisearch_types::settings::SecretPolicy::HideSecrets)?;
|
||||||
|
|
||||||
debug!(returns = ?settings, "Update settings");
|
debug!(returns = ?settings, "Update settings");
|
||||||
let mut json = serde_json::json!(&settings);
|
let mut json = serde_json::json!(&settings);
|
||||||
@ -819,7 +819,7 @@ pub async fn get_all(
|
|||||||
|
|
||||||
let index = index_scheduler.index(&index_uid)?;
|
let index = index_scheduler.index(&index_uid)?;
|
||||||
let rtxn = index.read_txn()?;
|
let rtxn = index.read_txn()?;
|
||||||
let new_settings = settings(&index, &rtxn)?;
|
let new_settings = settings(&index, &rtxn, SecretPolicy::HideSecrets)?;
|
||||||
debug!(returns = ?new_settings, "Get all settings");
|
debug!(returns = ?new_settings, "Get all settings");
|
||||||
Ok(HttpResponse::Ok().json(new_settings))
|
Ok(HttpResponse::Ok().json(new_settings))
|
||||||
}
|
}
|
||||||
|
@ -291,7 +291,11 @@ fn export_a_dump(
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 4.2. Dump the settings
|
// 4.2. Dump the settings
|
||||||
let settings = meilisearch_types::settings::settings(&index, &rtxn)?;
|
let settings = meilisearch_types::settings::settings(
|
||||||
|
&index,
|
||||||
|
&rtxn,
|
||||||
|
meilisearch_types::settings::SecretPolicy::RevealSecrets,
|
||||||
|
)?;
|
||||||
index_dumper.settings(&settings)?;
|
index_dumper.settings(&settings)?;
|
||||||
count += 1;
|
count += 1;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user