fix: tinyauth should allow the user to access a resource if a whitelist is not setup

2025-10-28 20:55:42 +00:00 · 2025-04-08 16:24:25 +03:00
parent c664be5cc5
commit 38c5cd7b32
3 changed files with 6 additions and 2 deletions
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -295,6 +295,9 @@ func (auth *Auth) ResourceAllowed(c *gin.Context, context types.UserContext) (bo
 	// Check if user is allowed
 	if len(labels.Users) != 0 {
 		log.Debug().Msg("Checking users")
+		if len(labels.Users) == 0 {
+			return true, nil
+		}
 		if slices.Contains(labels.Users, context.Username) {
 			return true, nil
 		}