Fix(auth): Forbid index creation on alternates routes

Forbid index creation on alternates routes when the action `index.create` is not given fix #2024
2025-07-04 20:37:15 +02:00 · 2021-12-15 14:52:33 +01:00 · 2021-12-15 14:52:33 +01:00 · a845cd8880
commit a845cd8880
parent 845d3114ea
11 changed files with 213 additions and 23 deletions
--- a/meilisearch-http/tests/common/server.rs
+++ b/meilisearch-http/tests/common/server.rs
@ -50,6 +50,33 @@ impl Server {
        }
    }

+    pub async fn new_auth() -> Self {
+        let dir = TempDir::new().unwrap();
+
+        if cfg!(windows) {
+            std::env::set_var("TMP", TEST_TEMP_DIR.path());
+        } else {
+            std::env::set_var("TMPDIR", TEST_TEMP_DIR.path());
+        }
+
+        let mut options = default_settings(dir.path());
+        options.master_key = Some("MASTER_KEY".to_string());
+
+        let meilisearch = setup_meilisearch(&options).unwrap();
+        let auth = AuthController::new(&options.db_path, &options.master_key).unwrap();
+        let service = Service {
+            meilisearch,
+            auth,
+            options,
+            api_key: None,
+        };
+
+        Server {
+            service,
+            _dir: Some(dir),
+        }
+    }
+
    pub async fn new_with_options(options: Opt) -> Self {
        let meilisearch = setup_meilisearch(&options).unwrap();
        let auth = AuthController::new(&options.db_path, &options.master_key).unwrap();