Merge #2525

2525: Auth: Provide all document related permissions for action document.* r=Kerollmops a=janithpet

Added a `Action::DocumentsAll` identifier as [suggested](https://github.com/meilisearch/meilisearch/issues/2080#issuecomment-1022952486), along with the other necessary changes in `action.rs`. 

Inside `store.rs`, added an extra condition in `HeedAuthStore::put_api_key` to append all document related permissions if `key.actions.contains(&DocumentsAll)`.

Updated the tests as [suggested](https://github.com/meilisearch/meilisearch/issues/2080#issuecomment-1022952486).

I am quite new to Rust, so please let me know if I had made any mistakes; have I written the code in the most idiomatic/efficient way? I am aware that the way I append the document permissions could create duplicates in the `actions` vector, but I am not sure how fix that in a simple way (other than using other dependencies like [itertools](https://github.com/rust-itertools/itertools), for example).

## What does this PR do?
Fixes #2080 

## PR checklist
Please check if your PR fulfills the following requirements:
- [ ] Does this PR fix an existing issue?
- [ x] Have you read the contributing guidelines?
- [ x] Have you made sure that the title is accurate and descriptive of the changes?

Thank you so much for contributing to Meilisearch!


Co-authored-by: janithPet <jpetangoda@gmail.com>

meilisearch-auth/src/action.rs

@@ -8,6 +8,8 @@ pub enum Action {
     All = actions::ALL,
     #[serde(rename = "search")]
     Search = actions::SEARCH,
+    #[serde(rename = "documents.*")]
+    DocumentsAll = actions::DOCUMENTS_ALL,
     #[serde(rename = "documents.add")]
     DocumentsAdd = actions::DOCUMENTS_ADD,
     #[serde(rename = "documents.get")]
@@ -50,6 +52,7 @@ impl Action {
         match repr {
             ALL => Some(Self::All),
             SEARCH => Some(Self::Search),
+            DOCUMENTS_ALL => Some(Self::DocumentsAll),
             DOCUMENTS_ADD => Some(Self::DocumentsAdd),
             DOCUMENTS_GET => Some(Self::DocumentsGet),
             DOCUMENTS_DELETE => Some(Self::DocumentsDelete),
@@ -76,6 +79,7 @@ impl Action {
         match self {
             Self::All => ALL,
             Self::Search => SEARCH,
+            Self::DocumentsAll => DOCUMENTS_ALL,
             Self::DocumentsAdd => DOCUMENTS_ADD,
             Self::DocumentsGet => DOCUMENTS_GET,
             Self::DocumentsDelete => DOCUMENTS_DELETE,
@@ -100,18 +104,19 @@ impl Action {
 pub mod actions {
     pub(crate) const ALL: u8 = 0;
     pub const SEARCH: u8 = 1;
-    pub const DOCUMENTS_ADD: u8 = 2;
-    pub const DOCUMENTS_GET: u8 = 3;
-    pub const DOCUMENTS_DELETE: u8 = 4;
-    pub const INDEXES_CREATE: u8 = 5;
-    pub const INDEXES_GET: u8 = 6;
-    pub const INDEXES_UPDATE: u8 = 7;
-    pub const INDEXES_DELETE: u8 = 8;
-    pub const TASKS_GET: u8 = 9;
-    pub const SETTINGS_GET: u8 = 10;
-    pub const SETTINGS_UPDATE: u8 = 11;
-    pub const STATS_GET: u8 = 12;
-    pub const DUMPS_CREATE: u8 = 13;
+    pub const DOCUMENTS_ALL: u8 = 2;
+    pub const DOCUMENTS_ADD: u8 = 3;
+    pub const DOCUMENTS_GET: u8 = 4;
+    pub const DOCUMENTS_DELETE: u8 = 5;
+    pub const INDEXES_CREATE: u8 = 6;
+    pub const INDEXES_GET: u8 = 7;
+    pub const INDEXES_UPDATE: u8 = 8;
+    pub const INDEXES_DELETE: u8 = 9;
+    pub const TASKS_GET: u8 = 10;
+    pub const SETTINGS_GET: u8 = 11;
+    pub const SETTINGS_UPDATE: u8 = 12;
+    pub const STATS_GET: u8 = 13;
+    pub const DUMPS_CREATE: u8 = 14;
     pub const VERSION: u8 = 15;
     pub const KEYS_CREATE: u8 = 16;
     pub const KEYS_GET: u8 = 17;

meilisearch-auth/src/store.rs

@@ -90,6 +90,15 @@ impl HeedAuthStore {
         let actions = if key.actions.contains(&Action::All) {
             // if key.actions contains All, we iterate over all actions.
             Action::into_enum_iter().collect()
+        } else if key.actions.contains(&Action::DocumentsAll) {
+            // if key.actions.contains.DocumentsAll add all actions related to documents.
+            let mut actions = key.actions.clone();
+            actions.append(&mut vec![
+                Action::DocumentsAdd,
+                Action::DocumentsGet,
+                Action::DocumentsDelete,
+            ]);
+            actions
         } else {
             key.actions.clone()
         };

meilisearch-http/tests/auth/authorization.rs

@@ -11,10 +11,10 @@ pub static AUTHORIZATIONS: Lazy<HashMap<(&'static str, &'static str), HashSet<&'
         hashmap! {
             ("POST",    "/indexes/products/search") =>                         hashset!{"search", "*"},
             ("GET",     "/indexes/products/search") =>                         hashset!{"search", "*"},
-            ("POST",    "/indexes/products/documents") =>                      hashset!{"documents.add", "*"},
-            ("GET",     "/indexes/products/documents") =>                      hashset!{"documents.get", "*"},
-            ("GET",     "/indexes/products/documents/0") =>                    hashset!{"documents.get", "*"},
-            ("DELETE",  "/indexes/products/documents/0") =>                    hashset!{"documents.delete", "*"},
+            ("POST",    "/indexes/products/documents") =>                      hashset!{"documents.add", "documents.*", "*"},
+            ("GET",     "/indexes/products/documents") =>                      hashset!{"documents.get", "documents.*", "*"},
+            ("GET",     "/indexes/products/documents/0") =>                    hashset!{"documents.get", "documents.*", "*"},
+            ("DELETE",  "/indexes/products/documents/0") =>                    hashset!{"documents.delete", "documents.*", "*"},
             ("GET",     "/tasks") =>                                           hashset!{"tasks.get", "*"},
             ("GET",     "/tasks?indexUid=products") =>                         hashset!{"tasks.get", "*"},
             ("GET",     "/tasks/0") =>                                         hashset!{"tasks.get", "*"},