50 Commits

Author SHA1 Message Date
vishalsodani
1a61209596 fix wrong variant returned for invalid_api_key_indexes error 2022-10-18 19:41:06 +05:30
Loïc Lecrenier
a2c91a87fe Upgrade dependencies
Except:
- clap stays on 3.0 because it is more complicated to upgrade
- enum_iterator goes up to 1.1.2 instead of 1.2 because of the vergen
dependency
2022-10-05 15:53:02 +02:00
Many the fish
37dc6537c3
Fix api keys bugs (#2734)
* Add some tests

* Disallow index creation when API key doesn't havec explicitelly the right on the creating index

* Fix lazy index creation with `indexes.*` action
2022-09-06 15:13:09 +02:00
Clément Renault
f0b2ac6efb
metrics.all must define metrics.get 2022-08-24 17:03:30 +02:00
Clément Renault
2c2efc7ab6
Remove the hand written numbers of the actions rights 2022-08-24 16:33:12 +02:00
Clément Renault
381df43be4
Change the metrics route API access rights 2022-08-24 16:28:33 +02:00
Clémentine Urquizar - curqui
8e370ed9ab
Merge branch 'main' into stable 2022-07-11 14:41:15 +02:00
Phillip Davis
074a6a0cce
Fix typos in HeadAuthStore::put_api_key 2022-07-06 22:24:46 -04:00
Phillip Davis
fb9b298645
Leave actions as HashSet 2022-07-05 21:52:50 -04:00
Phillip Davis
23f02f241e
Run the code formatter 2022-07-05 21:08:56 -04:00
Phillip Davis
5d80ff41a2
Clean up put_key impl 2022-07-05 21:06:58 -04:00
ManyTheFish
a146fd45b9 Format API keys in hexa instead of base64 2022-07-05 16:14:18 +02:00
Phillip Davis
63e1fb4f96
Run the code formatter 2022-07-04 21:49:40 -04:00
Phillip Davis
c251b527b0
Add iterators over * for stats, dumps, tasks, settings, and indexes; change documents impl to prevent duplication 2022-07-04 21:38:31 -04:00
Phillip Davis
1dc3724c1f
Added [...]_ALL enum members in action.rs 2022-07-04 21:38:21 -04:00
janithPet
6f910f89eb Ran formatter on the code. 2022-06-15 22:23:38 +01:00
janithPet
9a8fb6c55a Updated actions identifiers to be in a more pleasing order 2022-06-15 17:27:41 +01:00
janithPet
4016161035 Provide all document related permissions for action document.* 2022-06-15 16:11:39 +01:00
pierre-l
b8745420da Use the IndexUid and StarOr in meilisearch_auth::Key
Move `meilisearch_http::routes::StarOr` to `meilisearch_types::star_or`

Fixes #2158
2022-06-09 16:14:15 +02:00
pierre-l
36cb09eb25 Add a new meilisearch_types crate
Move `meilisearch_error` to `meilisearch_types::error`
Move `meilisearch_lib::index_resolver::IndexUid` to `meilisearch_types::index_uid`
Add a new `InvalidIndexUid` error in `meilisearch_types::index_uid`
2022-06-09 16:14:13 +02:00
ManyTheFish
1a7631c807 Hash master_key before passing it to HMAC 2022-06-08 14:54:47 +02:00
ManyTheFish
987a7f8926 Wrap sha256 in HMAC instead of directly use sha256 2022-06-08 14:25:12 +02:00
ManyTheFish
3b01ed4fe8 feat(auth): remove dumps.get action from keys 2022-06-07 10:49:28 +02:00
Ryan Russell
3e46543060
Improve Store Readability
Signed-off-by: Ryan Russell <git@ryanrussell.org>
2022-06-04 20:42:53 -05:00
ManyTheFish
9eea142e2b feat(API-keys): Change immutable_field error message
Change the immutable_field error message to fit the recent changes in the spec:
aa0a148ee3..84a9baff68
2022-06-02 11:11:07 +02:00
ManyTheFish
4512eed8f5 Fix PR comments 2022-06-01 18:06:20 +02:00
ManyTheFish
7652295d2c Encode key in base64 instead of hexa 2022-06-01 16:17:47 +02:00
ManyTheFish
94b32cce01 Patch errors 2022-06-01 16:17:47 +02:00
ManyTheFish
1816db8c1f Move dump v4 patcher into v4.rs 2022-06-01 16:17:43 +02:00
ManyTheFish
b3c8915702 Make small changes and renaming 2022-06-01 16:08:42 +02:00
ManyTheFish
151f494110 Use Stream Deserializer to load dumps 2022-06-01 16:08:42 +02:00
ManyTheFish
96152a3d32 Change default API keys names and descriptions 2022-06-01 16:08:42 +02:00
ManyTheFish
70916d6596 Patch dump v4 2022-06-01 16:08:42 +02:00
ManyTheFish
34c8888f56 Add keys actions 2022-06-01 16:07:44 +02:00
ManyTheFish
d54643455c Make PATCH only modify name, description, and updated_at fields 2022-06-01 16:07:44 +02:00
ManyTheFish
96a5791e39 Add uid and name fields in keys 2022-06-01 16:07:44 +02:00
Sai Kumar
e271395971
chore(all): bump milli
* updates to Use the milli's heed dependency #2210

* Update index.rs

* Update store.rs

* Update mod.rs

* cargo fmt
2022-03-16 16:34:44 +01:00
ad hoc
d6400aef27
remove async from meilsearch-authentication 2022-03-02 18:22:34 +01:00
ad hoc
4fbb83a34d
bug(snapshot): Correctly open environments in snapshots 2022-02-28 12:37:30 +01:00
Irevoire
05c8d81e65
chore: get rid of chrono in favor of time
Chrono has been unmaintened for a few month now and there is a CVE on it.

make clippy happy

bump milli
2022-02-16 18:14:29 +01:00
ad hoc
23eba82038
fix(auth): fix env being closed when dumping 2022-02-09 13:56:26 +01:00
ManyTheFish
3bee31e6c7 bug(auth): Make API keys accept Null descriptions 2022-02-02 18:18:17 +01:00
ManyTheFish
7ca647f0d0 feat(auth): Implement Tenant token
Make meilisearch support JWT authentication signed with meilisearch API keys
using HS256, HS384 or HS512 algorithms.

Related spec: https://github.com/meilisearch/specifications/pull/89
Fix #1991
2022-01-27 08:25:39 +01:00
Irevoire
343bce6a29
fix(dump): Fix the import of dump from the v24 and before 2022-01-13 13:23:57 +01:00
bors[bot]
5d48f72ade
Merge #2065
2065: MeiliSearch v0.25.0: `stable` -> `main` r=curquiza a=curquiza



Co-authored-by: Clémentine Urquizar <clementine@meilisearch.com>
Co-authored-by: Clément Renault <clement@meilisearch.com>
Co-authored-by: bors[bot] <26634292+bors[bot]@users.noreply.github.com>
Co-authored-by: many <maxime@meilisearch.com>
Co-authored-by: Marin Postma <postma.marin@protonmail.com>
Co-authored-by: Maxime Legendre <maximelegendre@MacBook-Pro-de-Maxime.local>
Co-authored-by: Maxime Legendre <maximelegendre@mbp-de-maxime.home>
Co-authored-by: Tamo <tamo@meilisearch.com>
Co-authored-by: ManyTheFish <many@meilisearch.com>
2022-01-11 16:30:22 +00:00
Maxime Legendre
37329e0784 Bug(auth): Parse YMD date
Use NaiveDate to parse YMD date instead of NaiveDatetime

fix #2017
2021-12-20 15:30:11 +01:00
Maxime Legendre
a845cd8880 Fix(auth): Forbid index creation on alternates routes
Forbid index creation on alternates routes when the action `index.create` is not given

fix #2024
2021-12-20 14:48:18 +01:00
Marin Postma
b28a465304 bug(lib): drop env on last use
fixes the `too many open files` error when running tests by closing the
environment on last drop
2021-12-16 10:57:55 +01:00
many
ee7970f603 feat(auth): Extend API keys
- Add API keys in snapshots
- Add API keys in dumps
- Rename action indexes.add to indexes.create
- fix QA #1979

fix #1979
fix #1995
fix #2001
fix #2003
related to #1890
2021-12-14 17:33:39 +01:00
many
ffefd0caf2
feat(auth): API keys
implements:
https://github.com/meilisearch/specifications/blob/develop/text/0085-api-keys.md

- Add tests on API keys management route (meilisearch-http/tests/auth/api_keys.rs)
- Add tests checking authorizations on each meilisearch routes (meilisearch-http/tests/auth/authorization.rs)
- Implement API keys management routes (meilisearch-http/src/routes/api_key.rs)
- Create module to manage API keys and authorizations (meilisearch-auth)
- Reimplement GuardedData to extend authorizations (meilisearch-http/src/extractors/authentication/mod.rs)
- Change X-MEILI-API-KEY by Authorization Bearer (meilisearch-http/src/extractors/authentication/mod.rs)
- Change meilisearch routes to fit to the new authorization feature (meilisearch-http/src/routes/)

- close #1867
2021-12-06 09:52:41 +01:00