Use the IndexUid and StarOr in meilisearch_auth::Key

Move `meilisearch_http::routes::StarOr` to `meilisearch_types::star_or` Fixes #2158
2025-07-03 03:47:02 +02:00 · 2022-06-06 12:45:52 +02:00 · 2022-06-06 12:45:52 +02:00 · b8745420da
commit b8745420da
parent 36cb09eb25
11 changed files with 190 additions and 36 deletions
--- a/meilisearch-auth/src/key.rs
+++ b/meilisearch-auth/src/key.rs
@ -2,6 +2,8 @@ use crate::action::Action;
 use crate::error::{AuthControllerError, Result};
 use crate::store::KeyId;

+use meilisearch_types::index_uid::IndexUid;
+use meilisearch_types::star_or::StarOr;
 use serde::{Deserialize, Serialize};
 use serde_json::{from_value, Value};
 use time::format_description::well_known::Rfc3339;
@ -17,7 +19,7 @@ pub struct Key {
    pub name: Option<String>,
    pub uid: KeyId,
    pub actions: Vec<Action>,
-    pub indexes: Vec<String>,
+    pub indexes: Vec<StarOr<IndexUid>>,
    #[serde(with = "time::serde::rfc3339::option")]
    pub expires_at: Option<OffsetDateTime>,
    #[serde(with = "time::serde::rfc3339")]
@ -136,7 +138,7 @@ impl Key {
            description: Some("Use it for anything that is not a search operation. Caution! Do not expose it on a public frontend".to_string()),
            uid,
            actions: vec![Action::All],
-            indexes: vec!["*".to_string()],
+            indexes: vec![StarOr::Star],
            expires_at: None,
            created_at: now,
            updated_at: now,
@ -151,7 +153,7 @@ impl Key {
            description: Some("Use it to search from the frontend".to_string()),
            uid,
            actions: vec![Action::Search],
-            indexes: vec!["*".to_string()],
+            indexes: vec![StarOr::Star],
            expires_at: None,
            created_at: now,
            updated_at: now,
--- a/meilisearch-auth/src/lib.rs
+++ b/meilisearch-auth/src/lib.rs
@ -5,6 +5,7 @@ mod key;
 mod store;

 use std::collections::{HashMap, HashSet};
+use std::ops::Deref;
 use std::path::Path;
 use std::sync::Arc;

@ -16,6 +17,7 @@ use uuid::Uuid;
 pub use action::{actions, Action};
 use error::{AuthControllerError, Result};
 pub use key::Key;
+use meilisearch_types::star_or::StarOr;
 use store::generate_key_as_base64;
 pub use store::open_auth_store_env;
 use store::HeedAuthStore;
@ -87,20 +89,22 @@ impl AuthController {
            .get_api_key(uid)?
            .ok_or_else(|| AuthControllerError::ApiKeyNotFound(uid.to_string()))?;

-        if !key.indexes.iter().any(|i| i.as_str() == "*") {
+        if !key.indexes.iter().any(|i| i == &StarOr::Star) {
            filters.search_rules = match search_rules {
                // Intersect search_rules with parent key authorized indexes.
                Some(search_rules) => SearchRules::Map(
                    key.indexes
                        .into_iter()
                        .filter_map(|index| {
-                            search_rules
-                                .get_index_search_rules(&index)
-                                .map(|index_search_rules| (index, Some(index_search_rules)))
+                            search_rules.get_index_search_rules(index.deref()).map(
+                                |index_search_rules| {
+                                    (String::from(index), Some(index_search_rules))
+                                },
+                            )
                        })
                        .collect(),
                ),
-                None => SearchRules::Set(key.indexes.into_iter().collect()),
+                None => SearchRules::Set(key.indexes.into_iter().map(String::from).collect()),
            };
        } else if let Some(search_rules) = search_rules {
            filters.search_rules = search_rules;
--- a/meilisearch-auth/src/store.rs
+++ b/meilisearch-auth/src/store.rs
@ -3,12 +3,14 @@ use std::cmp::Reverse;
 use std::convert::TryFrom;
 use std::convert::TryInto;
 use std::fs::create_dir_all;
+use std::ops::Deref;
 use std::path::Path;
 use std::str;
 use std::sync::Arc;

 use enum_iterator::IntoEnumIterator;
 use hmac::{Hmac, Mac};
+use meilisearch_types::star_or::StarOr;
 use milli::heed::types::{ByteSlice, DecodeIgnore, SerdeJson};
 use milli::heed::{Database, Env, EnvOpenOptions, RwTxn};
 use sha2::{Digest, Sha256};
@ -92,7 +94,7 @@ impl HeedAuthStore {
            key.actions.clone()
        };

-        let no_index_restriction = key.indexes.contains(&"*".to_owned());
+        let no_index_restriction = key.indexes.contains(&StarOr::Star);
        for action in actions {
            if no_index_restriction {
                // If there is no index restriction we put None.
@ -102,7 +104,7 @@ impl HeedAuthStore {
                for index in key.indexes.iter() {
                    db.put(
                        &mut wtxn,
-                        &(&uid, &action, Some(index.as_bytes())),
+                        &(&uid, &action, Some(index.deref().as_bytes())),
                        &key.expires_at,
                    )?;
                }