-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ACL for subscriptions are disabled globally #795
Comments
Can you elaborate on this please? example config, what branch/version of code you're working with? |
master The issue is, while it is true for the default plugin, the subscription ACLs are never neforeced at all, no matter which plugin. The proper solution would be to put the (disabled) checks in the default plugin, but remove the |
You'll be happy to hear that version 1.5 does pass acl subscription checks to the authentication plugins. |
@ralight is 1.4.15 not going to receive this fix? Otherwise I have to stick with a custom patched instance. |
@drahnr I'm afraid that 1.4.x will not get this, because it is a change in functionality rather than a fix. |
Instead of disabling ACL checks for the default security plugin, all auth plugins can not filter subscriptions.
The text was updated successfully, but these errors were encountered: