710 Commits

Author SHA1 Message Date
Kerollmops
8fecc6238d
Make the test use the default CLI options 2022-03-29 11:37:08 -07:00
bors[bot]
513b37e245
Merge #2253
2253: refactor authentication key extraction r=ManyTheFish a=MarinPostma

I am concerned that the part of the code that performs the key prefix extraction from the jwt token migh be misused in the future. Since this is a critical part of the code, I moved it into it's own function. Since we deserialized the payload twice anyway, I reordered the verifications, and we now use the data from the validated token.


Co-authored-by: ad hoc <postma.marin@protonmail.com>
2022-03-28 08:53:13 +00:00
Kerollmops
3df542f072
Export milli's heed from meilisearch-lib 2022-03-24 15:30:10 +01:00
Kerollmops
ee6be4f6b9
Import milli from meilisearch-lib in meilisearch-http 2022-03-24 14:45:37 +01:00
ad hoc
6a82a055d3
chore(auth): refactor token validation 2022-03-21 11:18:51 +01:00
bors[bot]
7e65816d63
Merge #2237
2237: Update dependencies r=MarinPostma a=Kerollmops

This PR upgrade and updates the dependencies of meilisearch, but first I removed three unused dependencies. I used [cargo udeps](https://github.com/est31/cargo-udeps) to detect those and [cargo upgrade](https://github.com/killercup/cargo-edit/blob/master/README.md#available-subcommands) to upgrade ⬆️

~This PR **must** be merged when https://github.com/meilisearch/milli/pull/465 is merged and then must be updated accordingly i.e. using the latest version of milli.~

Co-authored-by: Kerollmops <clement@meilisearch.com>
Co-authored-by: ManyTheFish <many@meilisearch.com>
2022-03-17 17:15:19 +00:00
Kerollmops
5bffa4b7f9
Tenant token validation is now created by a function 2022-03-17 17:55:50 +01:00
bors[bot]
d1c0ecceb9
Merge #2245
2245: Add test to validate cli r=irevoire a=MarinPostma

followup on #2242 and #2243

Add a test to make sure the cli is valid, and add a CI task to run the tests in debug to make sure we hit debug assertions.

FYI `@curquiza,` because of CI changes

Co-authored-by: ad hoc <postma.marin@protonmail.com>
2022-03-17 16:14:31 +00:00
ManyTheFish
4aef7c5ac5
Fix tenant token validation when exp is null 2022-03-17 11:05:03 +01:00
Kerollmops
968053649b
Change the jsonwebtoken crate usage 2022-03-17 11:03:32 +01:00
Kerollmops
ac48860bbb
Upgrade the workspace dependencies 2022-03-17 11:03:31 +01:00
Kerollmops
46e6d23dd2
Remove the zstd dependency comming from actix-web/http 2022-03-17 11:00:25 +01:00
Kerollmops
55c9514c6b
Reorder the Meilisearch features for more readability 2022-03-17 11:00:25 +01:00
Kerollmops
86c1e83ea1
Remove three unused dependencies 2022-03-17 11:00:24 +01:00
ad hoc
22c61a1ecb
chore(http): add test for validity of cli 2022-03-16 17:17:57 +01:00
Sai Kumar
e271395971
chore(all): bump milli
* updates to Use the milli's heed dependency #2210

* Update index.rs

* Update store.rs

* Update mod.rs

* cargo fmt
2022-03-16 16:34:44 +01:00
bors[bot]
b669a73432
Merge #2209
2209: rename auto batching cli r=curquiza a=MarinPostma

rename `--enable-autobatching` to `--enable-auto-batching`.

as per https://github.com/meilisearch/specifications/pull/96#issuecomment-1060693721

Co-authored-by: ad hoc <postma.marin@protonmail.com>
2022-03-07 15:58:58 +00:00
ad hoc
62ce8e0bda
chore(http): rename auto batching cli option 2022-03-07 15:19:19 +01:00
ad hoc
ddd25bfe01
remove token from InvalidToken error 2022-03-07 15:16:07 +01:00
ad hoc
19da45c53b
Update meilisearch-http/src/extractors/sequential_extractor.rs
Co-authored-by: Clément Renault <clement@meilisearch.com>
2022-03-07 15:02:07 +01:00
ad hoc
0026410c61
review edits 2022-03-07 14:21:44 +01:00
ad hoc
b57c59baa4
sequential extractor 2022-03-04 20:43:12 +01:00
ad hoc
af8a5f2c21
async auth 2022-03-02 19:25:51 +01:00
ad hoc
d6400aef27
remove async from meilsearch-authentication 2022-03-02 18:22:34 +01:00
ManyTheFish
c2b58720d1 Fix(dumps): Explicitly define serde for time 2022-03-02 11:37:48 +01:00
Rob Ede
15150db957
clippy 2022-02-28 19:03:38 +01:00
Rob Ede
3b2e467ca6
update actix-web dependency to 4.0 2022-02-28 19:03:37 +01:00
ad hoc
4fbb83a34d
bug(snapshot): Correctly open environments in snapshots 2022-02-28 12:37:30 +01:00
Tamo
6312e7f1f3
fix(analytics): flatten the scheduler options 2022-02-22 15:55:50 +01:00
Tamo
21d277a0ef
fix(all): fix two dates that were wrongly formatted 2022-02-22 11:29:11 +01:00
bors[bot]
c3e3c900f2
Merge #2173
2173: chore(all): replace chrono with time r=irevoire a=irevoire

Chrono has been unmaintained for a few month now and there is a CVE on it.

Also I updated all the error messages related to the API key as you can see here: https://github.com/meilisearch/specifications/pull/114

fix #2172

Co-authored-by: Irevoire <tamo@meilisearch.com>
2022-02-17 14:12:23 +00:00
Irevoire
05c8d81e65
chore: get rid of chrono in favor of time
Chrono has been unmaintened for a few month now and there is a CVE on it.

make clippy happy

bump milli
2022-02-16 18:14:29 +01:00
Morgane Dubus
7bcaa2fd13
Update dashboard to v0.1.9 2022-02-16 15:53:15 +01:00
Morgane Dubus
67ecd7c147
Update dashboard with v0.1.8 2022-02-16 14:10:47 +01:00
Clémentine Urquizar
e2a9414c7a
Update version (v0.26.0) 2022-02-14 16:11:07 +01:00
bors[bot]
c24b1e5250
Merge #2135
2135: bug(auth): Make API keys accept Null descriptions r=curquiza a=ManyTheFish

Fix #2116


Co-authored-by: ManyTheFish <many@meilisearch.com>
2022-02-03 15:26:11 +00:00
ManyTheFish
3bee31e6c7 bug(auth): Make API keys accept Null descriptions 2022-02-02 18:18:17 +01:00
mpostma
c9a236b0af
feat(lib): auto-batching 2022-02-01 18:06:20 +01:00
bors[bot]
622c15e825
Merge #2096
2096: feat(auth): Tenant token r=Kerollmops a=ManyTheFish

Make meilisearch support JWT authentication signed with meilisearch API keys
using HS256, HS384 or HS512 algorithms.

Related spec: [specifications#89](https://github.com/meilisearch/specifications/pull/89) [rendered](https://github.com/meilisearch/specifications/blob/scoped-api-keys/text/0089-tenant-tokens.md)
Fix #1991 


Co-authored-by: ManyTheFish <many@meilisearch.com>
2022-01-27 10:38:41 +00:00
ManyTheFish
7ca647f0d0 feat(auth): Implement Tenant token
Make meilisearch support JWT authentication signed with meilisearch API keys
using HS256, HS384 or HS512 algorithms.

Related spec: https://github.com/meilisearch/specifications/pull/89
Fix #1991
2022-01-27 08:25:39 +01:00
Clémentine Urquizar - curqui
aa50fcb1f0
Merge branch 'main' into stable 2022-01-26 20:17:41 +01:00
Tamo
72d9c5ee5c
fix(rebranding): Update the ascii art (#2118) 2022-01-26 18:53:07 +01:00
Clémentine Urquizar
8a959da120
Update MeiliSearch into Meilisearch everywhere 2022-01-26 17:43:16 +01:00
bors[bot]
c8bb54cd94
Merge #2098
2098: feat(dump): Provide the same cli options as the snapshots r=MarinPostma a=irevoire

Add two cli options for the dump:
- `--ignore-missing-dump`
- `--ignore-dump-if-db-exists`

Fix #2087

Co-authored-by: Tamo <tamo@meilisearch.com>
2022-01-26 14:32:23 +00:00
Tamo
bad4bed439
feat(dump): Provide the same cli options as the snapshots
Add two cli options for the dump:
- `--ignore-missing-dump`
- `--ignore-dump-if-db-exists`

Fix #2087
2022-01-26 14:34:06 +01:00
Tamo
7828da15c3
feat(analytics): send the whole set of cli options instead of only the snapshot 2022-01-26 13:52:41 +01:00
bors[bot]
7e2f6063ae
Merge #2099 #2108
2099: feat(analytics): Set the timestamp of the aggregated event as the first aggregate r=MarinPostma a=irevoire



2108: meta(auth): Enhance tests on authorization r=MarinPostma a=ManyTheFish

Enhance auth tests in order to be able to add new actions without changing tests.

Helping #2080 

Co-authored-by: Tamo <tamo@meilisearch.com>
Co-authored-by: ManyTheFish <many@meilisearch.com>
2022-01-24 15:13:01 +00:00
ManyTheFish
2b766a2f26 meta(auth): Enhance tests on authorization
Enhance auth tests in order to be able to add new action without changing tests
2022-01-24 15:35:39 +01:00
bors[bot]
8ae504bfb0
Merge #2101
2101: chore(all): update actix-web dependency to 4.0.0-beta.21 r=MarinPostma a=robjtede

# Pull Request

## What does this PR do?
I don't expect any more breaking changes to Actix Web that will affect Meilisearch so bump to latest beta.

Fixes #N/A?
<!-- Please link the issue you're trying to fix with this PR, if none then please create an issue first. -->

## PR checklist
Please check if your PR fulfills the following requirements:
- [ ] Does this PR fix an existing issue?
- [x] Have you read the contributing guidelines?
- [x] Have you made sure that the title is accurate and descriptive of the changes?

Thank you so much for contributing to MeiliSearch!


Co-authored-by: Rob Ede <robjtede@icloud.com>
2022-01-24 14:33:46 +00:00
bors[bot]
1be3a1e945
Merge #2075
2075: Allow payloads with no documents  r=irevoire a=MarinPostma

accept addition with 0 documents.

0 bytes payload are still refused, since they are not valid json/jsonlines/csv anyways...

close #1987


Co-authored-by: mpostma <postma.marin@protonmail.com>
2022-01-24 12:55:29 +00:00