fix: no authentication check if no auth users

diff --git a/src/auth.rs b/src/auth.rs
index 87c938847ba2c87b3b14653a14d093401def6724..02e965c49cea07686197dbc1a18e4b5197ee00e1 100644 (file)
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -102,6 +102,9 @@ impl AccessControl {
         authorization: Option<&HeaderValue>,
         guard_options: bool,
     ) -> (Option<String>, Option<AccessPaths>) {
+        if self.users.is_empty() {
+            return (None, Some(AccessPaths::new(AccessPerm::ReadWrite)));
+        }
         if let Some(authorization) = authorization {
             if let Some(user) = get_auth_user(authorization) {
                 if let Some((pass, paths)) = self.users.get(&user) {

diff --git a/tests/auth.rs b/tests/auth.rs
index 00a520504736f6fe661333c663ccb11e3531f441..4b0e7e09557b66031259e497af075b75dde2e7fa 100644 (file)
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -115,6 +115,16 @@ fn auth_skip_on_options_method(
     Ok(())
 }
 
+#[rstest]
+fn auth_skip_if_no_auth_user(server: TestServer) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url)
+        .basic_auth("user", Some("pass"))
+        .send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
 #[rstest]
 fn auth_check(
     #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,