diff --git a/src/auth.rs b/src/auth.rs
index 881542b..70cbd10 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -229,8 +229,8 @@ impl AccessPaths {
 pub enum AccessPerm {
     #[default]
     IndexOnly,
-    ReadWrite,
     ReadOnly,
+    ReadWrite,
 }
 
 impl AccessPerm {
@@ -519,4 +519,16 @@ mod tests {
         assert_eq!(paths.find("dir2", true), None);
         assert!(paths.find("dir1/file", true).is_some());
     }
+
+    #[test]
+    fn test_access_paths_perm() {
+        let mut paths = AccessPaths::default();
+        assert_eq!(paths.perm(), AccessPerm::IndexOnly);
+        paths.set_perm(AccessPerm::ReadOnly);
+        assert_eq!(paths.perm(), AccessPerm::ReadOnly);
+        paths.set_perm(AccessPerm::ReadWrite);
+        assert_eq!(paths.perm(), AccessPerm::ReadWrite);
+        paths.set_perm(AccessPerm::ReadOnly);
+        assert_eq!(paths.perm(), AccessPerm::ReadWrite);
+    }
 }
diff --git a/tests/auth.rs b/tests/auth.rs
index 7b97397..6a0cbde 100644
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -29,6 +29,23 @@ fn auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Resu
     Ok(())
 }
 
+#[rstest]
+fn auth_and_public(
+    #[with(&["--auth", "user:pass@/:rw|@/", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.text()?, "abc");
+    Ok(())
+}
+
 #[rstest]
 fn auth_skip(#[with(&["--auth", "@/"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;