skip auth check if no users defined

This commit is contained in:
Kyle Klaus 2020-05-09 09:48:50 -07:00
parent 64922f07ff
commit df73c2a458
3 changed files with 8 additions and 6 deletions

View File

@ -71,7 +71,7 @@ const internalAccessList = {
// re-fetch with expansions // re-fetch with expansions
return internalAccessList.get(access, { return internalAccessList.get(access, {
id: data.id, id: data.id,
expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items']
}, true /* <- skip masking */); }, true /* <- skip masking */);
}) })
.then((row) => { .then((row) => {
@ -216,7 +216,7 @@ const internalAccessList = {
// re-fetch with expansions // re-fetch with expansions
return internalAccessList.get(access, { return internalAccessList.get(access, {
id: data.id, id: data.id,
expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients'] expand: ['owner', 'items', 'clients', 'proxy_hosts.access_list.clients', 'proxy_hosts.access_list.items']
}, true /* <- skip masking */); }, true /* <- skip masking */);
}) })
.then((row) => { .then((row) => {
@ -254,7 +254,7 @@ const internalAccessList = {
.joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0') .joinRaw('LEFT JOIN `proxy_host` ON `proxy_host`.`access_list_id` = `access_list`.`id` AND `proxy_host`.`is_deleted` = 0')
.where('access_list.is_deleted', 0) .where('access_list.is_deleted', 0)
.andWhere('access_list.id', data.id) .andWhere('access_list.id', data.id)
.allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients]') .allowEager('[owner,items,clients,proxy_hosts,proxy_hosts.access_list.clients,proxy_hosts.access_list.items]')
.omit(['access_list.is_deleted']) .omit(['access_list.is_deleted'])
.first(); .first();

View File

@ -73,7 +73,7 @@ const internalProxyHost = {
// re-fetch with cert // re-fetch with cert
return internalProxyHost.get(access, { return internalProxyHost.get(access, {
id: row.id, id: row.id,
expand: ['certificate', 'owner', 'access_list.clients'] expand: ['certificate', 'owner', 'access_list.clients', 'access_list.items']
}); });
}) })
.then((row) => { .then((row) => {
@ -186,7 +186,7 @@ const internalProxyHost = {
.then(() => { .then(() => {
return internalProxyHost.get(access, { return internalProxyHost.get(access, {
id: data.id, id: data.id,
expand: ['owner', 'certificate', 'access_list.clients'] expand: ['owner', 'certificate', 'access_list.clients', 'access_list.items']
}) })
.then((row) => { .then((row) => {
// Configure nginx // Configure nginx
@ -219,7 +219,7 @@ const internalProxyHost = {
.query() .query()
.where('is_deleted', 0) .where('is_deleted', 0)
.andWhere('id', data.id) .andWhere('id', data.id)
.allowEager('[owner,access_list,access_list.clients,certificate]') .allowEager('[owner,access_list,access_list.clients,access_list.items,certificate]')
.first(); .first();
if (access_data.permission_visibility !== 'all') { if (access_data.permission_visibility !== 'all') {

View File

@ -23,9 +23,11 @@ server {
location / { location / {
{% if access_list_id > 0 %} {% if access_list_id > 0 %}
{% if access_list.items.length > 0 %}
# Authorization # Authorization
auth_basic "Authorization required"; auth_basic "Authorization required";
auth_basic_user_file /data/access/{{ access_list_id }}; auth_basic_user_file /data/access/{{ access_list_id }};
{% endif %}
# Access Rules # Access Rules
{% for client in access_list.clients %} {% for client in access_list.clients %}