2021-11-08 18:31:27 +01:00
|
|
|
use std::str;
|
2022-05-25 10:32:47 +02:00
|
|
|
use uuid::Uuid;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
use actix_web::{web, HttpRequest, HttpResponse};
|
2022-01-04 14:10:30 +01:00
|
|
|
|
2022-03-02 18:22:34 +01:00
|
|
|
use meilisearch_auth::{error::AuthControllerError, Action, AuthController, Key};
|
2021-11-08 18:31:27 +01:00
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
|
use serde_json::Value;
|
2022-02-14 15:32:41 +01:00
|
|
|
use time::OffsetDateTime;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
2022-03-04 20:12:44 +01:00
|
|
|
use crate::extractors::{
|
|
|
|
|
authentication::{policies::*, GuardedData},
|
|
|
|
|
sequential_extractor::SeqHandler,
|
|
|
|
|
};
|
2022-03-02 18:22:34 +01:00
|
|
|
use meilisearch_error::{Code, ResponseError};
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
pub fn configure(cfg: &mut web::ServiceConfig) {
|
|
|
|
|
cfg.service(
|
|
|
|
|
web::resource("")
|
2022-03-04 20:12:44 +01:00
|
|
|
.route(web::post().to(SeqHandler(create_api_key)))
|
|
|
|
|
.route(web::get().to(SeqHandler(list_api_keys))),
|
2021-11-08 18:31:27 +01:00
|
|
|
)
|
|
|
|
|
.service(
|
2022-05-25 10:32:47 +02:00
|
|
|
web::resource("/{key}")
|
2022-03-04 20:12:44 +01:00
|
|
|
.route(web::get().to(SeqHandler(get_api_key)))
|
|
|
|
|
.route(web::patch().to(SeqHandler(patch_api_key)))
|
|
|
|
|
.route(web::delete().to(SeqHandler(delete_api_key))),
|
2021-11-08 18:31:27 +01:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub async fn create_api_key(
|
2022-05-25 15:25:57 +02:00
|
|
|
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_CREATE }>, AuthController>,
|
2021-11-08 18:31:27 +01:00
|
|
|
body: web::Json<Value>,
|
|
|
|
|
_req: HttpRequest,
|
|
|
|
|
) -> Result<HttpResponse, ResponseError> {
|
2022-03-02 18:22:34 +01:00
|
|
|
let v = body.into_inner();
|
|
|
|
|
let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
|
|
|
|
|
let key = auth_controller.create_key(v)?;
|
|
|
|
|
Ok(KeyView::from_key(key, &auth_controller))
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
Ok(HttpResponse::Created().json(res))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub async fn list_api_keys(
|
2022-05-25 15:25:57 +02:00
|
|
|
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>,
|
2021-11-08 18:31:27 +01:00
|
|
|
_req: HttpRequest,
|
|
|
|
|
) -> Result<HttpResponse, ResponseError> {
|
2022-03-02 18:22:34 +01:00
|
|
|
let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
|
|
|
|
|
let keys = auth_controller.list_keys()?;
|
|
|
|
|
let res: Vec<_> = keys
|
|
|
|
|
.into_iter()
|
|
|
|
|
.map(|k| KeyView::from_key(k, &auth_controller))
|
|
|
|
|
.collect();
|
|
|
|
|
Ok(res)
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
2022-01-04 14:10:30 +01:00
|
|
|
Ok(HttpResponse::Ok().json(KeyListView::from(res)))
|
2021-11-08 18:31:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub async fn get_api_key(
|
2022-05-25 15:25:57 +02:00
|
|
|
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_GET }>, AuthController>,
|
2021-11-08 18:31:27 +01:00
|
|
|
path: web::Path<AuthParam>,
|
|
|
|
|
) -> Result<HttpResponse, ResponseError> {
|
2022-05-25 10:32:47 +02:00
|
|
|
let key = path.into_inner().key;
|
|
|
|
|
|
2022-03-02 18:22:34 +01:00
|
|
|
let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
|
2022-06-01 18:06:20 +02:00
|
|
|
let uid =
|
|
|
|
|
Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
|
2022-05-25 10:32:47 +02:00
|
|
|
let key = auth_controller.get_key(uid)?;
|
|
|
|
|
|
2022-03-02 18:22:34 +01:00
|
|
|
Ok(KeyView::from_key(key, &auth_controller))
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
Ok(HttpResponse::Ok().json(res))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub async fn patch_api_key(
|
2022-05-25 15:25:57 +02:00
|
|
|
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_UPDATE }>, AuthController>,
|
2021-11-08 18:31:27 +01:00
|
|
|
body: web::Json<Value>,
|
|
|
|
|
path: web::Path<AuthParam>,
|
|
|
|
|
) -> Result<HttpResponse, ResponseError> {
|
2022-05-25 10:32:47 +02:00
|
|
|
let key = path.into_inner().key;
|
2022-03-02 18:22:34 +01:00
|
|
|
let body = body.into_inner();
|
|
|
|
|
let res = tokio::task::spawn_blocking(move || -> Result<_, AuthControllerError> {
|
2022-06-01 18:06:20 +02:00
|
|
|
let uid =
|
|
|
|
|
Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
|
2022-05-25 10:32:47 +02:00
|
|
|
let key = auth_controller.update_key(uid, body)?;
|
|
|
|
|
|
2022-03-02 18:22:34 +01:00
|
|
|
Ok(KeyView::from_key(key, &auth_controller))
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
Ok(HttpResponse::Ok().json(res))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub async fn delete_api_key(
|
2022-05-25 15:25:57 +02:00
|
|
|
auth_controller: GuardedData<ActionPolicy<{ actions::KEYS_DELETE }>, AuthController>,
|
2021-11-08 18:31:27 +01:00
|
|
|
path: web::Path<AuthParam>,
|
|
|
|
|
) -> Result<HttpResponse, ResponseError> {
|
2022-05-25 10:32:47 +02:00
|
|
|
let key = path.into_inner().key;
|
|
|
|
|
tokio::task::spawn_blocking(move || {
|
2022-06-01 18:06:20 +02:00
|
|
|
let uid =
|
|
|
|
|
Uuid::parse_str(&key).or_else(|_| auth_controller.get_uid_from_encoded_key(&key))?;
|
2022-05-25 10:32:47 +02:00
|
|
|
auth_controller.delete_key(uid)
|
|
|
|
|
})
|
|
|
|
|
.await
|
|
|
|
|
.map_err(|e| ResponseError::from_msg(e.to_string(), Code::Internal))??;
|
2021-11-08 18:31:27 +01:00
|
|
|
|
2021-12-06 15:45:41 +01:00
|
|
|
Ok(HttpResponse::NoContent().finish())
|
2021-11-08 18:31:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[derive(Deserialize)]
|
|
|
|
|
pub struct AuthParam {
|
2022-05-25 10:32:47 +02:00
|
|
|
key: String,
|
2021-11-08 18:31:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[derive(Debug, Serialize)]
|
|
|
|
|
#[serde(rename_all = "camelCase")]
|
|
|
|
|
struct KeyView {
|
2022-05-25 10:32:47 +02:00
|
|
|
name: Option<String>,
|
2021-11-08 18:31:27 +01:00
|
|
|
description: Option<String>,
|
|
|
|
|
key: String,
|
2022-05-25 10:32:47 +02:00
|
|
|
uid: Uuid,
|
2021-11-08 18:31:27 +01:00
|
|
|
actions: Vec<Action>,
|
|
|
|
|
indexes: Vec<String>,
|
2022-02-14 15:32:41 +01:00
|
|
|
#[serde(serialize_with = "time::serde::rfc3339::option::serialize")]
|
|
|
|
|
expires_at: Option<OffsetDateTime>,
|
|
|
|
|
#[serde(serialize_with = "time::serde::rfc3339::serialize")]
|
|
|
|
|
created_at: OffsetDateTime,
|
|
|
|
|
#[serde(serialize_with = "time::serde::rfc3339::serialize")]
|
|
|
|
|
updated_at: OffsetDateTime,
|
2021-11-08 18:31:27 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl KeyView {
|
2022-01-12 15:35:33 +01:00
|
|
|
fn from_key(key: Key, auth: &AuthController) -> Self {
|
2022-05-25 10:32:47 +02:00
|
|
|
let generated_key = auth.generate_key(key.uid).unwrap_or_default();
|
2021-11-08 18:31:27 +01:00
|
|
|
|
|
|
|
|
KeyView {
|
2022-05-25 10:32:47 +02:00
|
|
|
name: key.name,
|
2021-11-08 18:31:27 +01:00
|
|
|
description: key.description,
|
|
|
|
|
key: generated_key,
|
2022-05-25 10:32:47 +02:00
|
|
|
uid: key.uid,
|
2021-11-08 18:31:27 +01:00
|
|
|
actions: key.actions,
|
|
|
|
|
indexes: key.indexes,
|
2022-02-14 15:32:41 +01:00
|
|
|
expires_at: key.expires_at,
|
|
|
|
|
created_at: key.created_at,
|
|
|
|
|
updated_at: key.updated_at,
|
2021-11-08 18:31:27 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-01-04 14:10:30 +01:00
|
|
|
|
|
|
|
|
#[derive(Debug, Serialize)]
|
|
|
|
|
struct KeyListView {
|
|
|
|
|
results: Vec<KeyView>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<Vec<KeyView>> for KeyListView {
|
|
|
|
|
fn from(results: Vec<KeyView>) -> Self {
|
|
|
|
|
Self { results }
|
|
|
|
|
}
|
|
|
|
|
}
|
