fix(auth): clean up rename and null-owner ownership (#4340)

2026-06-17 10:15:27 -04:00 · 2026-06-16 05:33:02 +03:00
parent 745c10e0d7
commit 4d10c16d02
14 changed files with 557 additions and 14 deletions
@@ -102,8 +102,11 @@ def _owner_session_filter(q, user):

    The owner backfill runs in init_db before the app serves requests, so
    by the time this filter is live there are no NULL-owner rows to leak;
-    we therefore match the owner strictly."""
-    if user is None:
+    we therefore match the owner strictly for authenticated callers."""
+    if not user:
+        from src.auth_helpers import _auth_disabled
+        if user == "" or _auth_disabled():
+            return q
        return q.filter(False)
    return q.filter(Document.owner == user)