Skip to content

Commit

Permalink
fix: no authentication check if no auth users
Browse files Browse the repository at this point in the history
  • Loading branch information
sigoden committed Dec 11, 2024
1 parent bc6c573 commit ab4ef06
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/auth.rs
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,9 @@ impl AccessControl {
authorization: Option<&HeaderValue>,
guard_options: bool,
) -> (Option<String>, Option<AccessPaths>) {
if self.users.is_empty() {
return (None, Some(AccessPaths::new(AccessPerm::ReadWrite)));
}
if let Some(authorization) = authorization {
if let Some(user) = get_auth_user(authorization) {
if let Some((pass, paths)) = self.users.get(&user) {
Expand Down
10 changes: 10 additions & 0 deletions tests/auth.rs
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,16 @@ fn auth_skip_on_options_method(
Ok(())
}

#[rstest]
fn auth_skip_if_no_auth_user(server: TestServer) -> Result<(), Error> {
let url = format!("{}index.html", server.url());
let resp = fetch!(b"GET", &url)
.basic_auth("user", Some("pass"))
.send()?;
assert_eq!(resp.status(), 200);
Ok(())
}

#[rstest]
fn auth_check(
#[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
Expand Down

0 comments on commit ab4ef06

Please sign in to comment.