From 1dc3724c1f8e5492d00cb2dbb2e6183da94c0b3e Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Mon, 4 Jul 2022 13:33:46 -0400 Subject: [PATCH 1/8] Added [...]_ALL enum members in action.rs --- meilisearch-auth/src/action.rs | 53 +++++++++++++++++++++++++--------- 1 file changed, 39 insertions(+), 14 deletions(-) diff --git a/meilisearch-auth/src/action.rs b/meilisearch-auth/src/action.rs index ef11c3a00..127fb8e1a 100644 --- a/meilisearch-auth/src/action.rs +++ b/meilisearch-auth/src/action.rs @@ -16,6 +16,8 @@ pub enum Action { DocumentsGet = actions::DOCUMENTS_GET, #[serde(rename = "documents.delete")] DocumentsDelete = actions::DOCUMENTS_DELETE, + #[serde(rename = "indexes.*")] + IndexAll = actions::INDEXES_ALL, #[serde(rename = "indexes.create")] IndexesAdd = actions::INDEXES_CREATE, #[serde(rename = "indexes.get")] @@ -24,14 +26,22 @@ pub enum Action { IndexesUpdate = actions::INDEXES_UPDATE, #[serde(rename = "indexes.delete")] IndexesDelete = actions::INDEXES_DELETE, + #[serde(rename = "tasks.*")] + TasksAll = actions::TASKS_ALL, #[serde(rename = "tasks.get")] TasksGet = actions::TASKS_GET, + #[serde(rename = "settings.*")] + SettingsAll = actions::SETTINGS_ALL, #[serde(rename = "settings.get")] SettingsGet = actions::SETTINGS_GET, #[serde(rename = "settings.update")] SettingsUpdate = actions::SETTINGS_UPDATE, + #[serde(rename = "stats.*")] + StatsAll = actions::STATS_ALL, #[serde(rename = "stats.get")] StatsGet = actions::STATS_GET, + #[serde(rename = "dumps.*")] + DumpsAll = actions::DUMPS_ALL, #[serde(rename = "dumps.create")] DumpsCreate = actions::DUMPS_CREATE, #[serde(rename = "version")] @@ -56,14 +66,19 @@ impl Action { DOCUMENTS_ADD => Some(Self::DocumentsAdd), DOCUMENTS_GET => Some(Self::DocumentsGet), DOCUMENTS_DELETE => Some(Self::DocumentsDelete), + INDEXES_ALL => Some(Self::IndexAll), INDEXES_CREATE => Some(Self::IndexesAdd), INDEXES_GET => Some(Self::IndexesGet), INDEXES_UPDATE => Some(Self::IndexesUpdate), INDEXES_DELETE => Some(Self::IndexesDelete), + TASKS_ALL => Some(Self::TasksAll), TASKS_GET => Some(Self::TasksGet), + SETTINGS_ALL => Some(Self::SettingsAll), SETTINGS_GET => Some(Self::SettingsGet), SETTINGS_UPDATE => Some(Self::SettingsUpdate), + STATS_ALL => Some(Self::StatsAll), STATS_GET => Some(Self::StatsGet), + DUMPS_ALL => Some(Self::DumpsAll), DUMPS_CREATE => Some(Self::DumpsCreate), VERSION => Some(Self::Version), KEYS_CREATE => Some(Self::KeysAdd), @@ -83,14 +98,19 @@ impl Action { Self::DocumentsAdd => DOCUMENTS_ADD, Self::DocumentsGet => DOCUMENTS_GET, Self::DocumentsDelete => DOCUMENTS_DELETE, + Self::IndexAll => INDEXES_ALL, Self::IndexesAdd => INDEXES_CREATE, Self::IndexesGet => INDEXES_GET, Self::IndexesUpdate => INDEXES_UPDATE, Self::IndexesDelete => INDEXES_DELETE, + Self::TasksAll => TASKS_ALL, Self::TasksGet => TASKS_GET, + Self::SettingsAll => SETTINGS_ALL, Self::SettingsGet => SETTINGS_GET, Self::SettingsUpdate => SETTINGS_UPDATE, + Self::StatsAll => STATS_ALL, Self::StatsGet => STATS_GET, + Self::DumpsAll => DUMPS_ALL, Self::DumpsCreate => DUMPS_CREATE, Self::Version => VERSION, Self::KeysAdd => KEYS_CREATE, @@ -108,18 +128,23 @@ pub mod actions { pub const DOCUMENTS_ADD: u8 = 3; pub const DOCUMENTS_GET: u8 = 4; pub const DOCUMENTS_DELETE: u8 = 5; - pub const INDEXES_CREATE: u8 = 6; - pub const INDEXES_GET: u8 = 7; - pub const INDEXES_UPDATE: u8 = 8; - pub const INDEXES_DELETE: u8 = 9; - pub const TASKS_GET: u8 = 10; - pub const SETTINGS_GET: u8 = 11; - pub const SETTINGS_UPDATE: u8 = 12; - pub const STATS_GET: u8 = 13; - pub const DUMPS_CREATE: u8 = 14; - pub const VERSION: u8 = 15; - pub const KEYS_CREATE: u8 = 16; - pub const KEYS_GET: u8 = 17; - pub const KEYS_UPDATE: u8 = 18; - pub const KEYS_DELETE: u8 = 19; + pub const INDEXES_ALL: u8 = 6; + pub const INDEXES_CREATE: u8 = 7; + pub const INDEXES_GET: u8 = 8; + pub const INDEXES_UPDATE: u8 = 9; + pub const INDEXES_DELETE: u8 = 10; + pub const TASKS_ALL: u8 = 11; + pub const TASKS_GET: u8 = 12; + pub const SETTINGS_ALL: u8 = 13; + pub const SETTINGS_GET: u8 = 14; + pub const SETTINGS_UPDATE: u8 = 15; + pub const STATS_ALL: u8 = 16; + pub const STATS_GET: u8 = 17; + pub const DUMPS_ALL: u8 = 18; + pub const DUMPS_CREATE: u8 = 19; + pub const VERSION: u8 = 20; + pub const KEYS_CREATE: u8 = 21; + pub const KEYS_GET: u8 = 22; + pub const KEYS_UPDATE: u8 = 23; + pub const KEYS_DELETE: u8 = 24; } From c251b527b00304c3c0691d186b26fdbdbb5c216e Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Mon, 4 Jul 2022 21:07:47 -0400 Subject: [PATCH 2/8] Add iterators over * for stats, dumps, tasks, settings, and indexes; change documents impl to prevent duplication --- meilisearch-auth/src/store.rs | 78 +++++++++++++++++++++++++++++++---- 1 file changed, 71 insertions(+), 7 deletions(-) diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index f9d6e7728..13515ca7c 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -92,13 +92,77 @@ impl HeedAuthStore { Action::into_enum_iter().collect() } else if key.actions.contains(&Action::DocumentsAll) { // if key.actions.contains.DocumentsAll add all actions related to documents. - let mut actions = key.actions.clone(); - actions.append(&mut vec![ - Action::DocumentsAdd, - Action::DocumentsGet, - Action::DocumentsDelete, - ]); - actions + key.actions.iter() + .cloned() + .filter(|action|{ // Prevents duplicate entries in the actions vector + *action != Action::DocumentsAdd && + *action != Action::DocumentsDelete && + *action != Action::DocumentsGet + }) + .chain(vec![ + Action::DocumentsAdd, + Action::DocumentsDelete, + Action::DocumentsGet + ]) + .collect() + } else if key.actions.contains(&Action::IndexesAll) { + key.actions.iter() + .cloned() + .filter(|action|{ + *action != Action::IndexesAdd && + *action != Action::IndexesGet && + *action != Action::IndexesDelete && + *action != Action::IndexesUpdate + }) + .chain(vec![ + Action::IndexesAdd, + Action::IndexesGet, + Action::IndexesDelete, + Action::IndexesUpdate + ]) + .collect() + } else if key.actions.contains(&Action::SettingsAll) { + key.actions.iter() + .cloned() + .filter(|action|{ + *action != Action::SettingsGet && + *action != Action::SettingsUpdate + }) + .chain(vec![ + Action::SettingsGet, + Action::SettingsUpdate + ]) + .collect() + } else if key.actions.contains(&Action::TasksAll) { + key.actions.iter() + .cloned() + .filter(|action|{ + *action != Action::TasksGet + }) + .chain(vec![ + Action::TasksGet + ]) + .collect() + } else if key.actions.contains(&Action::DumpsAll) { + key.actions.iter() + .cloned() + .filter(|action|{ + *action != Action::DumpsCreate + }) + .chain(vec![ + Action::DumpsCreate + ]) + .collect() + } else if key.actions.contains(&Action::StatsAll) { + key.actions.iter() + .cloned() + .filter(|action|{ + *action != Action::StatsGet + }) + .chain(vec![ + Action::StatsGet + ]) + .collect() } else { key.actions.clone() }; From be1c6f9dc47b82b16a335334e710e2d01c214f65 Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Mon, 4 Jul 2022 21:30:24 -0400 Subject: [PATCH 3/8] Update tests to include .* permissions for tasks, indexes, dumps, stats, and settings --- meilisearch-http/tests/auth/authorization.rs | 62 ++++++++++---------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/meilisearch-http/tests/auth/authorization.rs b/meilisearch-http/tests/auth/authorization.rs index e790d1e4a..27a22de38 100644 --- a/meilisearch-http/tests/auth/authorization.rs +++ b/meilisearch-http/tests/auth/authorization.rs @@ -15,37 +15,37 @@ pub static AUTHORIZATIONS: Lazy hashset!{"documents.get", "documents.*", "*"}, ("GET", "/indexes/products/documents/0") => hashset!{"documents.get", "documents.*", "*"}, ("DELETE", "/indexes/products/documents/0") => hashset!{"documents.delete", "documents.*", "*"}, - ("GET", "/tasks") => hashset!{"tasks.get", "*"}, - ("GET", "/tasks?indexUid=products") => hashset!{"tasks.get", "*"}, - ("GET", "/tasks/0") => hashset!{"tasks.get", "*"}, - ("PATCH", "/indexes/products/") => hashset!{"indexes.update", "*"}, - ("GET", "/indexes/products/") => hashset!{"indexes.get", "*"}, - ("DELETE", "/indexes/products/") => hashset!{"indexes.delete", "*"}, - ("POST", "/indexes") => hashset!{"indexes.create", "*"}, - ("GET", "/indexes") => hashset!{"indexes.get", "*"}, - ("GET", "/indexes/products/settings") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/displayed-attributes") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/distinct-attribute") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/filterable-attributes") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/ranking-rules") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/searchable-attributes") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/sortable-attributes") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/stop-words") => hashset!{"settings.get", "*"}, - ("GET", "/indexes/products/settings/synonyms") => hashset!{"settings.get", "*"}, - ("DELETE", "/indexes/products/settings") => hashset!{"settings.update", "*"}, - ("PATCH", "/indexes/products/settings") => hashset!{"settings.update", "*"}, - ("PATCH", "/indexes/products/settings/typo-tolerance") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/displayed-attributes") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/distinct-attribute") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/filterable-attributes") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/ranking-rules") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/searchable-attributes") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/sortable-attributes") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/stop-words") => hashset!{"settings.update", "*"}, - ("PUT", "/indexes/products/settings/synonyms") => hashset!{"settings.update", "*"}, - ("GET", "/indexes/products/stats") => hashset!{"stats.get", "*"}, - ("GET", "/stats") => hashset!{"stats.get", "*"}, - ("POST", "/dumps") => hashset!{"dumps.create", "*"}, + ("GET", "/tasks") => hashset!{"tasks.get", "tasks.*", "*"}, + ("GET", "/tasks?indexUid=products") => hashset!{"tasks.get", "tasks.*", "*"}, + ("GET", "/tasks/0") => hashset!{"tasks.get", "tasks.*", "*"}, + ("PATCH", "/indexes/products/") => hashset!{"indexes.update", "indexes.*", "*"}, + ("GET", "/indexes/products/") => hashset!{"indexes.get", "indexes.*", "*"}, + ("DELETE", "/indexes/products/") => hashset!{"indexes.delete", "indexes.*", "*"}, + ("POST", "/indexes") => hashset!{"indexes.create", "indexes.*", "*"}, + ("GET", "/indexes") => hashset!{"indexes.get", "indexes.*", "*"}, + ("GET", "/indexes/products/settings") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/displayed-attributes") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/distinct-attribute") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/filterable-attributes") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/ranking-rules") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/searchable-attributes") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/sortable-attributes") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/stop-words") => hashset!{"settings.get", "settings.*", "*"}, + ("GET", "/indexes/products/settings/synonyms") => hashset!{"settings.get", "settings.*", "*"}, + ("DELETE", "/indexes/products/settings") => hashset!{"settings.update", "settings.*", "*"}, + ("PATCH", "/indexes/products/settings") => hashset!{"settings.update", "settings.*", "*"}, + ("PATCH", "/indexes/products/settings/typo-tolerance") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/displayed-attributes") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/distinct-attribute") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/filterable-attributes") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/ranking-rules") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/searchable-attributes") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/sortable-attributes") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/stop-words") => hashset!{"settings.update", "settings.*", "*"}, + ("PUT", "/indexes/products/settings/synonyms") => hashset!{"settings.update", "settings.*", "*"}, + ("GET", "/indexes/products/stats") => hashset!{"stats.get", "stats.*", "*"}, + ("GET", "/stats") => hashset!{"stats.get", "stats.*", "*"}, + ("POST", "/dumps") => hashset!{"dumps.create", "dumps.*", "*"}, ("GET", "/version") => hashset!{"version", "*"}, ("PATCH", "/keys/mykey/") => hashset!{"keys.update", "*"}, ("GET", "/keys/mykey/") => hashset!{"keys.get", "*"}, From 63e1fb4f96b31024b595efbed89ba6620a747323 Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Mon, 4 Jul 2022 21:49:40 -0400 Subject: [PATCH 4/8] Run the code formatter --- meilisearch-auth/src/action.rs | 6 +- meilisearch-auth/src/store.rs | 123 +++++++++++++++------------------ 2 files changed, 60 insertions(+), 69 deletions(-) diff --git a/meilisearch-auth/src/action.rs b/meilisearch-auth/src/action.rs index 127fb8e1a..cecc919aa 100644 --- a/meilisearch-auth/src/action.rs +++ b/meilisearch-auth/src/action.rs @@ -17,7 +17,7 @@ pub enum Action { #[serde(rename = "documents.delete")] DocumentsDelete = actions::DOCUMENTS_DELETE, #[serde(rename = "indexes.*")] - IndexAll = actions::INDEXES_ALL, + IndexesAll = actions::INDEXES_ALL, #[serde(rename = "indexes.create")] IndexesAdd = actions::INDEXES_CREATE, #[serde(rename = "indexes.get")] @@ -66,7 +66,7 @@ impl Action { DOCUMENTS_ADD => Some(Self::DocumentsAdd), DOCUMENTS_GET => Some(Self::DocumentsGet), DOCUMENTS_DELETE => Some(Self::DocumentsDelete), - INDEXES_ALL => Some(Self::IndexAll), + INDEXES_ALL => Some(Self::IndexesAll), INDEXES_CREATE => Some(Self::IndexesAdd), INDEXES_GET => Some(Self::IndexesGet), INDEXES_UPDATE => Some(Self::IndexesUpdate), @@ -98,7 +98,7 @@ impl Action { Self::DocumentsAdd => DOCUMENTS_ADD, Self::DocumentsGet => DOCUMENTS_GET, Self::DocumentsDelete => DOCUMENTS_DELETE, - Self::IndexAll => INDEXES_ALL, + Self::IndexesAll => INDEXES_ALL, Self::IndexesAdd => INDEXES_CREATE, Self::IndexesGet => INDEXES_GET, Self::IndexesUpdate => INDEXES_UPDATE, diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 13515ca7c..06bb87275 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -92,77 +92,68 @@ impl HeedAuthStore { Action::into_enum_iter().collect() } else if key.actions.contains(&Action::DocumentsAll) { // if key.actions.contains.DocumentsAll add all actions related to documents. - key.actions.iter() - .cloned() - .filter(|action|{ // Prevents duplicate entries in the actions vector - *action != Action::DocumentsAdd && - *action != Action::DocumentsDelete && - *action != Action::DocumentsGet - }) - .chain(vec![ - Action::DocumentsAdd, - Action::DocumentsDelete, - Action::DocumentsGet - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| { + // Prevents duplicate entries in the actions vector + *action != Action::DocumentsAdd + && *action != Action::DocumentsDelete + && *action != Action::DocumentsGet + }) + .chain(vec![ + Action::DocumentsAdd, + Action::DocumentsDelete, + Action::DocumentsGet, + ]) + .collect() } else if key.actions.contains(&Action::IndexesAll) { - key.actions.iter() - .cloned() - .filter(|action|{ - *action != Action::IndexesAdd && - *action != Action::IndexesGet && - *action != Action::IndexesDelete && - *action != Action::IndexesUpdate - }) - .chain(vec![ - Action::IndexesAdd, - Action::IndexesGet, - Action::IndexesDelete, - Action::IndexesUpdate - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| { + *action != Action::IndexesAdd + && *action != Action::IndexesGet + && *action != Action::IndexesDelete + && *action != Action::IndexesUpdate + }) + .chain(vec![ + Action::IndexesAdd, + Action::IndexesGet, + Action::IndexesDelete, + Action::IndexesUpdate, + ]) + .collect() } else if key.actions.contains(&Action::SettingsAll) { - key.actions.iter() - .cloned() - .filter(|action|{ - *action != Action::SettingsGet && - *action != Action::SettingsUpdate - }) - .chain(vec![ - Action::SettingsGet, - Action::SettingsUpdate - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| { + *action != Action::SettingsGet && *action != Action::SettingsUpdate + }) + .chain(vec![Action::SettingsGet, Action::SettingsUpdate]) + .collect() } else if key.actions.contains(&Action::TasksAll) { - key.actions.iter() - .cloned() - .filter(|action|{ - *action != Action::TasksGet - }) - .chain(vec![ - Action::TasksGet - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| *action != Action::TasksGet) + .chain(vec![Action::TasksGet]) + .collect() } else if key.actions.contains(&Action::DumpsAll) { - key.actions.iter() - .cloned() - .filter(|action|{ - *action != Action::DumpsCreate - }) - .chain(vec![ - Action::DumpsCreate - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| *action != Action::DumpsCreate) + .chain(vec![Action::DumpsCreate]) + .collect() } else if key.actions.contains(&Action::StatsAll) { - key.actions.iter() - .cloned() - .filter(|action|{ - *action != Action::StatsGet - }) - .chain(vec![ - Action::StatsGet - ]) - .collect() + key.actions + .iter() + .cloned() + .filter(|action| *action != Action::StatsGet) + .chain(vec![Action::StatsGet]) + .collect() } else { key.actions.clone() }; From 5d80ff41a29feebbe03069d00616af1c5c7b1b17 Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Tue, 5 Jul 2022 21:06:58 -0400 Subject: [PATCH 5/8] Clean up put_key impl --- meilisearch-auth/src/action.rs | 3 +- meilisearch-auth/src/store.rs | 86 +++++++--------------------------- 2 files changed, 18 insertions(+), 71 deletions(-) diff --git a/meilisearch-auth/src/action.rs b/meilisearch-auth/src/action.rs index cecc919aa..94a15eb9d 100644 --- a/meilisearch-auth/src/action.rs +++ b/meilisearch-auth/src/action.rs @@ -1,7 +1,8 @@ use enum_iterator::IntoEnumIterator; use serde::{Deserialize, Serialize}; +use std::hash::Hash; -#[derive(IntoEnumIterator, Copy, Clone, Serialize, Deserialize, Debug, Eq, PartialEq)] +#[derive(IntoEnumIterator, Copy, Clone, Serialize, Deserialize, Debug, Eq, PartialEq, Hash)] #[repr(u8)] pub enum Action { #[serde(rename = "*")] diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 06bb87275..8697afc38 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -7,6 +7,7 @@ use std::ops::Deref; use std::path::Path; use std::str; use std::sync::Arc; +use std::collections::HashSet; use enum_iterator::IntoEnumIterator; use hmac::{Hmac, Mac}; @@ -87,76 +88,21 @@ impl HeedAuthStore { // create inverted database. let db = self.action_keyid_index_expiration; - let actions = if key.actions.contains(&Action::All) { - // if key.actions contains All, we iterate over all actions. - Action::into_enum_iter().collect() - } else if key.actions.contains(&Action::DocumentsAll) { - // if key.actions.contains.DocumentsAll add all actions related to documents. - key.actions - .iter() - .cloned() - .filter(|action| { - // Prevents duplicate entries in the actions vector - *action != Action::DocumentsAdd - && *action != Action::DocumentsDelete - && *action != Action::DocumentsGet - }) - .chain(vec![ - Action::DocumentsAdd, - Action::DocumentsDelete, - Action::DocumentsGet, - ]) - .collect() - } else if key.actions.contains(&Action::IndexesAll) { - key.actions - .iter() - .cloned() - .filter(|action| { - *action != Action::IndexesAdd - && *action != Action::IndexesGet - && *action != Action::IndexesDelete - && *action != Action::IndexesUpdate - }) - .chain(vec![ - Action::IndexesAdd, - Action::IndexesGet, - Action::IndexesDelete, - Action::IndexesUpdate, - ]) - .collect() - } else if key.actions.contains(&Action::SettingsAll) { - key.actions - .iter() - .cloned() - .filter(|action| { - *action != Action::SettingsGet && *action != Action::SettingsUpdate - }) - .chain(vec![Action::SettingsGet, Action::SettingsUpdate]) - .collect() - } else if key.actions.contains(&Action::TasksAll) { - key.actions - .iter() - .cloned() - .filter(|action| *action != Action::TasksGet) - .chain(vec![Action::TasksGet]) - .collect() - } else if key.actions.contains(&Action::DumpsAll) { - key.actions - .iter() - .cloned() - .filter(|action| *action != Action::DumpsCreate) - .chain(vec![Action::DumpsCreate]) - .collect() - } else if key.actions.contains(&Action::StatsAll) { - key.actions - .iter() - .cloned() - .filter(|action| *action != Action::StatsGet) - .chain(vec![Action::StatsGet]) - .collect() - } else { - key.actions.clone() - }; + let mut actions = HashSet::new(); + for action in &key.actions { + match action { + Action::All => actions.extend(Action::into_enum_iter()), + Action::DocumentsAll => { actions.extend([Action::DocumentsGet, Action::DocumentsDelete, Action::DocumentsGet].iter()); }, + Action::IndexesAll => { actions.extend([Action::IndexesAdd, Action::IndexesDelete, Action::IndexesUpdate, Action::IndexesUpdate].iter()); }, + Action::SettingsAll => { actions.extend([Action::SettingsGet, Action::SettingsUpdate].iter()); }, + Action::DumpsAll => { actions.insert(Action::DumpsCreate); }, + Action::TasksAll => { actions.insert(Action::TasksGet); }, + Action::StatsAll => { actions.insert(Action::StatsGet); }, + other => { actions.insert(*other); } + } + } + + let actions = actions.iter().collect::>(); let no_index_restriction = key.indexes.contains(&StarOr::Star); for action in actions { From 23f02f241e4531d9dcc12eebd8b1e77f757aa33e Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Tue, 5 Jul 2022 21:08:19 -0400 Subject: [PATCH 6/8] Run the code formatter --- meilisearch-auth/src/store.rs | 45 ++++++++++++++++++++++++++++------- 1 file changed, 37 insertions(+), 8 deletions(-) diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 8697afc38..9b9cf41e0 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -1,5 +1,6 @@ use std::borrow::Cow; use std::cmp::Reverse; +use std::collections::HashSet; use std::convert::TryFrom; use std::convert::TryInto; use std::fs::create_dir_all; @@ -7,7 +8,6 @@ use std::ops::Deref; use std::path::Path; use std::str; use std::sync::Arc; -use std::collections::HashSet; use enum_iterator::IntoEnumIterator; use hmac::{Hmac, Mac}; @@ -92,13 +92,42 @@ impl HeedAuthStore { for action in &key.actions { match action { Action::All => actions.extend(Action::into_enum_iter()), - Action::DocumentsAll => { actions.extend([Action::DocumentsGet, Action::DocumentsDelete, Action::DocumentsGet].iter()); }, - Action::IndexesAll => { actions.extend([Action::IndexesAdd, Action::IndexesDelete, Action::IndexesUpdate, Action::IndexesUpdate].iter()); }, - Action::SettingsAll => { actions.extend([Action::SettingsGet, Action::SettingsUpdate].iter()); }, - Action::DumpsAll => { actions.insert(Action::DumpsCreate); }, - Action::TasksAll => { actions.insert(Action::TasksGet); }, - Action::StatsAll => { actions.insert(Action::StatsGet); }, - other => { actions.insert(*other); } + Action::DocumentsAll => { + actions.extend( + [ + Action::DocumentsGet, + Action::DocumentsDelete, + Action::DocumentsGet, + ] + .iter(), + ); + } + Action::IndexesAll => { + actions.extend( + [ + Action::IndexesAdd, + Action::IndexesDelete, + Action::IndexesUpdate, + Action::IndexesUpdate, + ] + .iter(), + ); + } + Action::SettingsAll => { + actions.extend([Action::SettingsGet, Action::SettingsUpdate].iter()); + } + Action::DumpsAll => { + actions.insert(Action::DumpsCreate); + } + Action::TasksAll => { + actions.insert(Action::TasksGet); + } + Action::StatsAll => { + actions.insert(Action::StatsGet); + } + other => { + actions.insert(*other); + } } } From fb9b298645e31bf9d38fdb81bf79771c3c19e972 Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Tue, 5 Jul 2022 21:52:50 -0400 Subject: [PATCH 7/8] Leave actions as HashSet --- meilisearch-auth/src/store.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 9b9cf41e0..3a32b9f20 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -131,8 +131,6 @@ impl HeedAuthStore { } } - let actions = actions.iter().collect::>(); - let no_index_restriction = key.indexes.contains(&StarOr::Star); for action in actions { if no_index_restriction { From 074a6a0ccee60dc5c995cddb97e1581d7cf2959c Mon Sep 17 00:00:00 2001 From: Phillip Davis Date: Wed, 6 Jul 2022 22:24:46 -0400 Subject: [PATCH 8/8] Fix typos in HeadAuthStore::put_api_key --- meilisearch-auth/src/store.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meilisearch-auth/src/store.rs b/meilisearch-auth/src/store.rs index 3a32b9f20..f21382068 100644 --- a/meilisearch-auth/src/store.rs +++ b/meilisearch-auth/src/store.rs @@ -97,7 +97,7 @@ impl HeedAuthStore { [ Action::DocumentsGet, Action::DocumentsDelete, - Action::DocumentsGet, + Action::DocumentsAdd, ] .iter(), ); @@ -107,7 +107,7 @@ impl HeedAuthStore { [ Action::IndexesAdd, Action::IndexesDelete, - Action::IndexesUpdate, + Action::IndexesGet, Action::IndexesUpdate, ] .iter(),