Self-contradicting documentation about `Order` directive

[porridge]

Describe the bug

The published policies documentation seems to document the same directive as allowing all access in most places, but as denying all access in another place. Either I'm missing something (but then another casual reader would be confused too), or at least one example is wrong.

I think the source for the aforementioned page is https://github.com/OpenPrinting/cups/blob/master/doc/help/policies.html so I'm using that document to point at individual lines below.

The question is about the meaning of Order deny,allow.

Places which document it to mean "allow all access":

1. The "Order deny,allow" line at the end of both Limit subsections allows the request to come from any system allowed by the Location sections elsewhere in the cupsd.conf file.
2. In this case, all other operations are allowed without a username or authentication:
3. For example, if you want to allow any user to cancel any other users' jobs, you can change the Cancel-Job limits to:

Place which documents it to mean "deny all access":

1. Deny Everyone/Disable Operation(s)

IIRC in Apache the meaning of a directive could change depending on other directives in the same section, but in at least some the above cases, there are no other directives.

[michaelrsweet]

Order deny,allow means "allow by default, process Deny directives then Allow directives".

Order allow,deny means "deny by default, process Allow directives then Deny directives".

Later versions of Apache have done away with Order because it can be confusing... :)

[Gmin2]

Can o give it a try @michaelrsweet