search

carbon-io / carbond

MIT License
2 stars 5 forks source link

CollectionOperationConfig.allowUnauthenticated doesn't do anything #232

Closed tfogo closed 6 years ago

tfogo commented 7 years ago

CollectionOperationConfig.allowUnauthenticated looks like it should allow unauthenticated requests to the operation if set to true.

It actually does nothing. What works is setting allowUnauthenticated on the Collection to an array of methods (e.g. allowUnauthenticated: ['post', 'put'])

Do we want to be able to define allowUnauthenticated in both places? If so, we'll need to fix it so that defining it on CollectionOperationConfig works. We should also set allowUnauthenticated to a default in Collection for the purposes of documentation. It might make sense to change it to allowedUnauthenticatedMethods to avoid confusion since it isn't boolean.

This issue is also in the collection-overhaul branch.

gregbanks commented 6 years ago

should allowUnauthenticated be an object instead of an array (similar to Collection.enabled)?