From 8204d961def107bd0a8838662291eebe53b23406 Mon Sep 17 00:00:00 2001
From: qdequele <quentin@dequelen.me>
Date: Tue, 10 Mar 2020 15:40:44 +0100
Subject: [PATCH] allow api key in header when no master-key is set; fix #515

---
 meilisearch-http/src/helpers/tide.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meilisearch-http/src/helpers/tide.rs b/meilisearch-http/src/helpers/tide.rs
index 33a6028b1..f474372f0 100644
--- a/meilisearch-http/src/helpers/tide.rs
+++ b/meilisearch-http/src/helpers/tide.rs
@@ -20,6 +20,10 @@ impl RequestExt for Request<Data> {
     fn is_allowed(&self, acl: ACL) -> SResult<()> {
         let user_api_key = self.header("X-Meili-API-Key");
 
+        if self.state().api_keys.master.is_none() {
+            return Ok(())
+        }
+
         match acl {
             ACL::Admin => {
                 if user_api_key == self.state().api_keys.master.as_deref() {