[PR #917] [MERGED] user.Manager: fix ACL write, read order #1462

New issue

Closed

opened 2026-05-07 01:02:13 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented

2026-05-07 01:02:13 +02:00

Owner

📋 Pull Request Information

Original PR: https://github.com/binwiederhier/ntfy/pull/917
Author: @sandman7920
Created: 10/13/2023
Status: ✅ Merged
Merged: 11/19/2023
Merged by: @binwiederhier

Base: main ← Head: main

📝 Commits (7)

5c9cebf user.Manager: fix ACL write, read order
7a5572a user.Manager: further improve ACL write/read order
afd6d2e Default_DenyAll: move the longest rule on top
5437093 TestManager_UserManagement: move the longest rule on top
ff2a354 TestMigrationFrom1: move the longest rule on top
0ff1f65 TestMigrationFrom4: move the longest rule on top
1aa82ff FullScenario_Default_DenyAll: add user "john" test case

📊 Changes

2 files changed (+46 additions, -12 deletions)

View changed files

📝 user/manager.go (+3 -3)
📝 user/manager_test.go (+43 -9)

📄 Description

This should fix read-only access to topic * being applied before read-write access to topic _PREFIX_* Before this if we have:

ntfy access user "mytopic*" rw
ntfy access user "*" ro

read-only access rule was applied first and user couldn't write to mytopic*

See #914

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/binwiederhier/ntfy/pull/917 **Author:** [@sandman7920](https://github.com/sandman7920) **Created:** 10/13/2023 **Status:** ✅ Merged **Merged:** 11/19/2023 **Merged by:** [@binwiederhier](https://github.com/binwiederhier) **Base:** `main` ← **Head:** `main` --- ### 📝 Commits (7) - [`5c9cebf`](https://github.com/binwiederhier/ntfy/commit/5c9cebf0597749c9c1b869b631cd3a31b18b79d9) user.Manager: fix ACL write, read order - [`7a5572a`](https://github.com/binwiederhier/ntfy/commit/7a5572ad7cfa62a412b11e30f51c4a2004082b0a) user.Manager: further improve ACL write/read order - [`afd6d2e`](https://github.com/binwiederhier/ntfy/commit/afd6d2e0ee17e785688036861413c56aec412a08) Default_DenyAll: move the longest rule on top - [`5437093`](https://github.com/binwiederhier/ntfy/commit/543709336cc10168f52f5765f2d88b45537bfc8b) TestManager_UserManagement: move the longest rule on top - [`ff2a354`](https://github.com/binwiederhier/ntfy/commit/ff2a3543337456a8866169264ba8be21147cb915) TestMigrationFrom1: move the longest rule on top - [`0ff1f65`](https://github.com/binwiederhier/ntfy/commit/0ff1f6520a14b57ecbe7b46588531482d4583721) TestMigrationFrom4: move the longest rule on top - [`1aa82ff`](https://github.com/binwiederhier/ntfy/commit/1aa82ff06a71d27630262bf099f171d57f7e2306) FullScenario_Default_DenyAll: add user "john" test case ### 📊 Changes **2 files changed** (+46 additions, -12 deletions) <details> <summary>View changed files</summary> 📝 `user/manager.go` (+3 -3) 📝 `user/manager_test.go` (+43 -9) </details> ### 📄 Description This should fix `read-only access to topic *` being applied before `read-write access to topic _PREFIX_*` Before this if we have: ``` ntfy access user "mytopic*" rw ntfy access user "*" ro ``` read-only access rule was applied first and user couldn't write to mytopic* See #914 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>