From dc533584c63f4aff70e8e4bbbd61509653569d50 Mon Sep 17 00:00:00 2001
From: Tamo
Date: Thu, 23 Feb 2023 17:13:22 +0100
Subject: [PATCH] Forbid the usage of the metrics route if your API key have a limitation on the indexes
---
 meilisearch/src/routes/metrics.rs | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/meilisearch/src/routes/metrics.rs b/meilisearch/src/routes/metrics.rs
index 1d3fb834e..4b328adb0 100644
--- a/meilisearch/src/routes/metrics.rs
+++ b/meilisearch/src/routes/metrics.rs
@@ -2,13 +2,13 @@ use actix_web::http::header;
 use actix_web::web::{self, Data};
 use actix_web::HttpResponse;
 use index_scheduler::IndexScheduler;
-use meilisearch_auth::{AuthController, AuthFilter};
+use meilisearch_auth::AuthController;
 use meilisearch_types::error::ResponseError;
 use meilisearch_types::keys::actions;
 use prometheus::{Encoder, TextEncoder};
 use crate::extractors::authentication::policies::ActionPolicy;
-use crate::extractors::authentication::GuardedData;
+use crate::extractors::authentication::{AuthenticationError, GuardedData};
 use crate::routes::create_all_stats;
 pub fn configure(config: &mut web::ServiceConfig) {
@@ -19,12 +19,17 @@ pub async fn get_metrics(
 index_scheduler: GuardedData, Data>,
 auth_controller: GuardedData, AuthController>,
 ) -> Result {
- let response = create_all_stats(
- (*index_scheduler).clone(),
- (*auth_controller).clone(),
- // we don't use the filters contained in the `ActionPolicy` because the metrics must have the right to access all the indexes.
- &AuthFilter::default(),
- )?;
+ let auth_filters = index_scheduler.filters();
+ if !auth_filters.all_indexes_authorized() {
+ let mut error = ResponseError::from(AuthenticationError::InvalidToken);
+ error.message.push_str(
+ " The API key for the `/metrics` route must have no limitation on the indexes.",
+ );
+ return Err(error);
+ }
+
+ let response =
+ create_all_stats((*index_scheduler).clone(), (*auth_controller).clone(), auth_filters)?;
 crate::metrics::MEILISEARCH_DB_SIZE_BYTES.set(response.database_size as i64);
 crate::metrics::MEILISEARCH_INDEX_COUNT.set(response.indexes.len() as i64);
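Review bot: The rejection branch in `get_metrics` reports an index-scoped key as `AuthenticationError::InvalidToken` with extra text appended to `error.message`, so a client or log pipeline that keys on the error code rather than the message presumably cannot tell a valid-but-restricted key from a bad one. If the error enum can take it, a dedicated variant would make this authorization failure distinguishable; failing that, the branch deserves a why-comment now that the old explanatory comment is removed, e.g. `// /metrics exposes stats for every index, so a key limited to some indexes must be refused, not given a global view.` The diffstat shows only metrics.rs changed, so no test pins the new behaviour: a case with a key that has the metrics action but a restricted index list, expecting the refusal, would guard this access-control check against regression. The function body continues past the end of the hunk.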