fix: allow oauth resource when oauth whitelist is empty

2025-10-28 04:35:40 +00:00 · 2025-03-10 16:22:32 +02:00
parent c0ffe3faf4
commit 3649d0d84e
1 changed files with 4 additions and 1 deletions
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -162,7 +162,10 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext) (bo
 	// Check if resource is allowed
 	allowed, allowedErr := auth.Docker.ContainerAction(appId, func(labels types.TinyauthLabels) (bool, error) {
 		// If the container has an oauth whitelist, check if the user is in it
-		if context.OAuth && len(labels.OAuthWhitelist) != 0 {
+		if context.OAuth {
+			if len(labels.OAuthWhitelist) == 0 {
+				return true, nil
+			}
 			log.Debug().Msg("Checking OAuth whitelist")
 			if slices.Contains(labels.OAuthWhitelist, context.Username) {
 				return true, nil