fix: remove Method::Options auth check (#168)

* fix: remove Method::Options auth check * add tests --------- Co-authored-by: sigoden <sigoden@gmail.com>
2023-02-19 12:30:14 +08:00 · 2023-02-19 12:30:14 +08:00 · 0000bd27f5
commit 0000bd27f5
parent 47883376c1
2 changed files with 15 additions and 0 deletions
--- a/src/auth.rs
+++ b/src/auth.rs
@ -82,6 +82,11 @@ impl AccessControl {
        if self.rules.is_empty() {
            return GuardType::ReadWrite;
        }
+
+        if method == Method::OPTIONS {
+            return GuardType::ReadOnly;
+        }
+
        let mut controls = vec![];
        for path in walk_path(path) {
            if let Some(control) = self.rules.get(path) {
--- a/tests/auth.rs
+++ b/tests/auth.rs
@ -35,6 +35,16 @@ fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result
    Ok(())
 }

+#[rstest]
+fn auth_skip_on_options_method(
+    #[with(&["--auth", "/@user:pass"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"OPTIONS", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
 #[rstest]
 fn auth_readonly(
    #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,