omnigollum icon indicating copy to clipboard operation
omnigollum copied to clipboard

Published 20 hours ago verified publisher icon arr2036

authorized_users documentation vs code

Open ghost opened this issue 8 years ago • 2 comments

The default option :authorized_users => [] and the code that checks if a user is authorized (when Rexexp, when Array, else) implies that the default option for authorized users is actually an empty list, rather than all authenticated users.

The README still says:

By default, any authenticated user will be able to access the protected routes. Restrict this by setting the authorized_users option.

But, with the default option, an authenticated user will get: User was not found in the authorized users list

In practice, this default-open setting can be enabled by setting :authorized_users => nil in the config.rb file.

ghost avatar Sep 02 '16 00:09 ghost

I'd consider this a bug. It behaved different in older versions. The default was probably actually nil.

tnt avatar May 08 '17 10:05 tnt

Thank you for this issue! I was having trouble as well with following the docs. Manually assigning to nil makes everything work perfectly :)

cmazakas avatar Nov 30 '17 22:11 cmazakas