csoni111
commented
6 years ago To re enable auth check for everyone sometime in future, we only need to remove the isAdmin method and keep only else part in authMiddleware, shareReadAccess and shareWriteAccess in auth.go file.
It disables auth check (so no 401 or 403 status codes are sent) so that older clients do not start throwing errors but if an
Authorizationheader is supplied (by newer clients), then sends appropriate response (ex limiting shares to what that user can see).