Open lukaslau opened 4 months ago
The collections:*
permission allows you to do collections:list
which is why you are able to list all collections.
Yes but if the key is scoped it should return collections from key's scope when listing all collections
Description
I created a scoped key which should only access collections which starts with "name_.*". When I call retrieve all collections method I get a collection named "test" in a result set.
Steps to reproduce
Created a key with this json:
{ "description": "Write key", "actions": [ "collections:*", "documents:*", "synonyms:*" ], "collections": [ "name_.*" ], "value": "3859c47b98b78a573a1a7b00071e2108" }
Made a request with that API key to get all collections Response:
[ { "created_at": 1709418276, "default_sorting_field": "", "enable_nested_fields": false, "fields": [ { "facet": false, "index": true, "infix": false, "locale": "", "name": ".*", "optional": true, "sort": false, "type": "auto" } ], "name": "name_1", "num_documents": 0, "symbols_to_index": [], "token_separators": [] }, { "created_at": 1709415257, "default_sorting_field": "", "enable_nested_fields": false, "fields": [ { "facet": false, "index": true, "infix": false, "locale": "", "name": ".*", "optional": true, "sort": false, "type": "auto" } ], "name": "test", "num_documents": 0, "symbols_to_index": [], "token_separators": [] } ]
Expected Behavior
If you create a scoped key with defined collections name pattern you should not get collections not matching that pattern when calling "/collections" method to get all collections.
Actual Behavior
It works good if you try to get one collection by name but not when you try to get all collections.
Metadata
Typesense Version: latest
OS: debian