Closed Undermaken closed 1 year ago
I have mixed feelings about this. I'm afraid that the ability to hide the users page would encourage users to trust spid-testenv2 as a safe application which can be used in a production context. spid-testenv2 is only a development/demo tool and MUST NOT be used to secure production applications. With this constraint in mind, I can't see a scenario where hiding the Users page would make sense.
I think we should keep this PR open until someone suggests such a scenario. I'll be happy to merge it then :-)
This PR adds the can_view_users configuration flag to enable/disable the access to users list section