Auth: setup a public rule

2020-05-15 10:24:30 +01:00 · 2020-05-15 10:24:30 +01:00 · 4d2de923cd
commit 4d2de923cd
parent f64b1468a5
1 changed files with 7 additions and 1 deletions
--- a/auth/service/service.go
+++ b/auth/service/service.go
@ -203,7 +203,13 @@ var ruleJoinKey = ":"
 // accessForRule returns a rule status, indicating if a rule permits access to a
 // resource for a given account
 func accessForRule(rule *pb.Rule, acc *auth.Account, res *auth.Resource) pb.Access {
-	if rule.Role == "*" {
+	// a blank role permits access to the public
+	if rule.Role == "" {
+		return rule.Access
+	}
+
+	// a * role permits access to any user
+	if rule.Role == "*" && acc != nil {
 		return rule.Access
 	}