searchengines-web/MeiliSearch
searchengines-web
/
MeiliSearch
mirror of https://github.com/meilisearch/MeiliSearch
1
0
Fork 0
Code Issues Releases Wiki Activity

allow api key in header when no master-key is set; fix #515

This commit is contained in:
qdequele 2020-03-10 15:40:44 +01:00
parent ef3bcd65ab
commit 8204d961de
No known key found for this signature in database
GPG Key ID: B3F0A000EBF11745
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meilisearch-http/src/helpers/tide.rs
View File

@ -20,6 +20,10 @@ impl RequestExt for Request<Data> {
fn is_allowed(&self, acl: ACL) -> SResult<()> {
let user_api_key = self.header("X-Meili-API-Key");
if self.state().api_keys.master.is_none() {
return Ok(())
}
match acl {
ACL::Admin => {
if user_api_key == self.state().api_keys.master.as_deref() {