Fix checking for username when token is present.

fd228b09 · Juliusz Chroboczek · 0416976e · fd228b09
Commit fd228b09 authored Apr 29, 2022 by Juliusz Chroboczek
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 5 deletions

group/group.go group/group.go +7 -5

No files found.
--- a/group/group.go
+++ b/group/group.go
@@ -1075,11 +1075,10 @@ func GetDescription(name string) (*Description, error) {
 }

 func (desc *Description) GetPermission(group string, creds ClientCredentials) (string, []string, error) {
-	if !desc.AllowAnonymous && creds.Username == "" {
-		return "", nil, ErrAnonymousNotAuthorised
-	}
-
 	if creds.Token == "" {
+		if !desc.AllowAnonymous && creds.Username == "" {
+			return "", nil, ErrAnonymousNotAuthorised
+		}
 		if found, good := matchClient(group, creds, desc.Op); found {
 			if good {
 				var p []string
@@ -1111,6 +1110,9 @@ func (desc *Description) GetPermission(group string, creds ClientCredentials) (s
 		log.Printf("Token authentication: %v", err)
 		return "", nil, ErrNotAuthorised
 	}
+	if !desc.AllowAnonymous && sub == "" {
+		return "", nil, ErrAnonymousNotAuthorised
+	}
 	conf, err := GetConfiguration()
 	if err != nil {
 		log.Printf("Read config.json: %v", err)
@@ -1154,7 +1156,7 @@ type Status struct {
 	ClientCount *int   `json:"clientCount,omitempty"`
 }

-func (g *Group) Status (authentified bool) Status {
+func (g *Group) Status(authentified bool) Status {
 	desc := g.Description()
 	d := Status{
 		Name:        g.name,