auth tests

2025-07-04 04:17:10 +02:00 · 2021-07-07 16:20:22 +02:00 · 2021-07-07 16:20:22 +02:00 · a71fa25ebe
commit a71fa25ebe
parent b4db54cb1f
7 changed files with 129 additions and 35 deletions
--- a/meilisearch-http/src/routes/mod.rs
+++ b/meilisearch-http/src/routes/mod.rs
@ -278,3 +278,97 @@ pub async fn list_keys(data: GuardedData<Admin, Data>) -> HttpResponse {
 pub async fn get_health() -> Result<HttpResponse, ResponseError> {
    Ok(HttpResponse::Ok().json(serde_json::json!({ "status": "available" })))
 }
+
+#[cfg(test)]
+mod test {
+    use super::*;
+    use crate::data::Data;
+    use crate::extractors::authentication::GuardedData;
+
+    /// A type implemented for a route that uses a authentication policy `Policy`.
+    ///
+    /// This trait is used for regression testing of route authenticaton policies.
+    trait Is<Policy, T> {}
+
+    macro_rules! impl_is_policy {
+        ($($param:ident)*) => {
+            impl<Policy, Func, $($param,)* Res> Is<Policy, (($($param,)*), Res)> for Func
+                where Func: Fn(GuardedData<Policy, Data>, $($param,)*) -> Res {}
+
+        };
+    }
+
+    impl_is_policy! {}
+    impl_is_policy! {A}
+    impl_is_policy! {A B}
+    impl_is_policy! {A B C}
+    impl_is_policy! {A B C D}
+
+    /// Emits a compile error if a route doesn't have the correct authentication policy.
+    ///
+    /// This works by trying to cast the route function into a Is<Policy, _> type, where Policy it
+    /// the authentication policy defined for the route.
+    macro_rules! test_auth_routes {
+        ($($policy:ident => { $($route:expr,)*})*) => {
+            #[test]
+            fn test_auth() {
+                $($(let _: &dyn Is<$policy, _> = &$route;)*)*
+            }
+        };
+    }
+
+    test_auth_routes! {
+        Public => {
+            indexes::search::search_with_url_query,
+            indexes::search::search_with_post,
+
+            indexes::documents::get_document,
+            indexes::documents::get_all_documents,
+        }
+        Private => {
+            get_stats,
+            get_version,
+
+            indexes::create_index,
+            indexes::list_indexes,
+            indexes::get_index_stats,
+            indexes::delete_index,
+            indexes::update_index,
+            indexes::get_index,
+
+            dump::create_dump,
+
+            indexes::settings::filterable_attributes::get,
+            indexes::settings::displayed_attributes::get,
+            indexes::settings::searchable_attributes::get,
+            indexes::settings::stop_words::get,
+            indexes::settings::synonyms::get,
+            indexes::settings::distinct_attribute::get,
+            indexes::settings::filterable_attributes::update,
+            indexes::settings::displayed_attributes::update,
+            indexes::settings::searchable_attributes::update,
+            indexes::settings::stop_words::update,
+            indexes::settings::synonyms::update,
+            indexes::settings::distinct_attribute::update,
+            indexes::settings::filterable_attributes::delete,
+            indexes::settings::displayed_attributes::delete,
+            indexes::settings::searchable_attributes::delete,
+            indexes::settings::stop_words::delete,
+            indexes::settings::synonyms::delete,
+            indexes::settings::distinct_attribute::delete,
+            indexes::settings::delete_all,
+            indexes::settings::get_all,
+            indexes::settings::update_all,
+
+            indexes::documents::clear_all_documents,
+            indexes::documents::delete_documents,
+            indexes::documents::update_documents,
+            indexes::documents::add_documents,
+            indexes::documents::delete_document,
+
+            indexes::updates::get_all_updates_status,
+            indexes::updates::get_update_status,
+        }
+        Admin => { list_keys, }
+    }
+}