Merge #2096

2096: feat(auth): Tenant token r=Kerollmops a=ManyTheFish Make meilisearch support JWT authentication signed with meilisearch API keys using HS256, HS384 or HS512 algorithms. Related spec: [specifications#89](https://github.com/meilisearch/specifications/pull/89) [rendered](https://github.com/meilisearch/specifications/blob/scoped-api-keys/text/0089-tenant-tokens.md) Fix #1991 Co-authored-by: ManyTheFish <many@meilisearch.com>
2025-07-03 20:07:09 +02:00 · 2022-01-27 10:38:41 +00:00 · 2022-01-27 10:38:41 +00:00 · 622c15e825
commit 622c15e825
parent 054598734a 7ca647f0d0
15 changed files with 980 additions and 109 deletions
--- a/meilisearch-lib/src/index_controller/mod.rs
+++ b/meilisearch-lib/src/index_controller/mod.rs
@ -1,3 +1,4 @@
+use meilisearch_auth::SearchRules;
 use std::collections::BTreeMap;
 use std::fmt;
 use std::io::Cursor;
@ -559,17 +560,14 @@ where
        Ok(stats)
    }

-    pub async fn get_all_stats(&self, index_filter: &Option<Vec<String>>) -> Result<Stats> {
+    pub async fn get_all_stats(&self, search_rules: &SearchRules) -> Result<Stats> {
        let mut last_task: Option<DateTime<_>> = None;
        let mut indexes = BTreeMap::new();
        let mut database_size = 0;
        let processing_task = self.task_store.get_processing_task().await?;

        for (index_uid, index) in self.index_resolver.list().await? {
-            if index_filter
-                .as_ref()
-                .map_or(false, |filter| !filter.contains(&index_uid))
-            {
+            if !search_rules.is_index_authorized(&index_uid) {
                continue;
            }