Commit Graph

1 Commits

Author: Rudra Sarker
SHA1: 8ec27fd903
Message: fix: document read fails with 403 when auth is disabled (#4623)
* fix: document read fails with 403 when auth is disabled

Add _auth_disabled() bypass in _verify_doc_owner() and the
/api/documents/{session_id} route guard so documents remain accessible
in single-user / no-auth mode.

Minimal change: only adds the auth-disabled check alongside existing
403 raises — preserves existing formatting and line endings.

* refactor: hoist _auth_disabled import to module level

Address reviewer feedback on PR #4623 — no circular import exists
(src.auth_helpers only imports stdlib + fastapi), so the inline
imports are unnecessary. Moves the import to module top in both
document_helpers.py and document_routes.py.

* test: add regression tests for auth-disabled document access (PR #4623)
Date: 2026-06-22 21:01:11 +02:00