snowykami/meilisearch
1
0
Fork 0
mirror of https://github.com/meilisearch/meilisearch.git synced 2025-07-27 08:41:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow management key to read other keys

Browse Source
This commit is contained in:
Mubelotix
2025-06-19 11:52:58 +02:00
parent 11fedea788
commit f50e586a4f
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crates/meilisearch-types/src/keys.rs
View File

@ -148,8 +148,8 @@ impl Key {
let now = OffsetDateTime::now_utc(); let now = OffsetDateTime::now_utc();
let uid = Uuid::from_u128(1); let uid = Uuid::from_u128(1);
Self { Self {
name: Some("Read-only Admin key".to_string()), name: Some("Default Read-Only Admin API Key".to_string()),
description: Some("Use it to peek into the instance in a read-only mode. Caution! Do not expose it on a public frontend".to_string()), description: Some("Use it to peek into the instance in a read-only mode. Caution! Do not expose it on a public frontend. It would give access to all other keys".to_string()),
uid, uid,
actions: vec![Action::AllRead], actions: vec![Action::AllRead],
indexes: vec![IndexUidPattern::all()], indexes: vec![IndexUidPattern::all()],
@ -444,7 +444,7 @@ impl Action {
SnapshotsCreate => false, SnapshotsCreate => false,
Version => true, Version => true,
KeysAdd => false, KeysAdd => false,
KeysGet => false, // Prevent privilege escalation by not allowing reading other keys. KeysGet => true,
KeysUpdate => false, KeysUpdate => false,
KeysDelete => false, KeysDelete => false,
ExperimentalFeaturesGet => true, ExperimentalFeaturesGet => true,