Don't allow NO_AUTH to be anything

2026-02-08 15:53:18 +08:00 · 2017-03-30 10:51:34 +02:00
parent 9a296ee451
commit 05bdece65a
2 changed files with 2 additions and 2 deletions
--- a/module_build_service/auth.py
+++ b/module_build_service/auth.py
@@ -83,7 +83,7 @@ def get_user(request):
    Returns the client's username and groups based on the OIDC token provided.
    """

-    if app.config['NO_AUTH']:
+    if app.config['NO_AUTH'] is True:
        log.debug("Authorization is disabled.")
        return "anonymous", {"packager"}

--- a/module_build_service/views.py
+++ b/module_build_service/views.py
@@ -100,7 +100,7 @@ class ModuleBuildAPI(MethodView):
        else:
            handler = SCMHandler(request)

-        if conf.no_auth and handler.username == "anonymous" and "owner" in handler.data:
+        if conf.no_auth is True and handler.username == "anonymous" and "owner" in handler.data:
            handler.username = handler.data["owner"]

        if conf.allowed_groups and not (conf.allowed_groups & handler.groups):