Fix if no permission exist

This commit is contained in:
Kay0u 2020-01-29 18:24:25 +07:00
parent 02b4ecec8c
commit f74619020d
No known key found for this signature in database
GPG key ID: 7FF262C033518333

View file

@ -267,16 +267,17 @@ end
function has_access(user) function has_access(user)
user = user or authUser user = user or authUser
logger.debug("User "..user.." try to access "..ngx.var.uri)
-- Get the longest url permission -- Get the longest url permission
longest_permission_match = longest_url_path(permission_matches()) or "" longest_permission_match = longest_url_path(permission_matches()) or ""
logger.debug("Longest permission match : "..longest_permission_match) logger.debug("Longest permission match : "..longest_permission_match)
-- If no permission matches, it means that there is no -- If no permission matches, it means that there is no permission defined for this url.
-- permission defined for this url, a logged-in user can access it.
if longest_permission_match == "" then if longest_permission_match == "" then
logger.debug("No access rules defined for user "..user..", assuming it can access.") logger.debug("No access rules defined for user "..user..", assuming it cannot access.")
return true return false
end end
-- All user in this permission -- All user in this permission