Merge pull request #1787 from goldquest/dev_nopass_whensession

Grant access for valid session to password protected group pads so, if user has valid session, they don't need the password
author: Marcel Klehr <mklehr@gmx.net> 2014-06-17 14:01:16 +0200
committer: Marcel Klehr <mklehr@gmx.net> 2014-06-17 14:01:16 +0200
commit: b1b972a2b45756eb6676ec06a353647618e58a13 (patch)
tree: f6fdbac87d56176c3d998561357d4cfc603ec4ec /src/node/db
parent: c627608ea5c86410c9dd53e8a157b12e4c1fe3b2 (diff)
parent: 842e09a7adde3da2c67099578912906f317013d4 (diff)
download: etherpad-lite-b1b972a2b45756eb6676ec06a353647618e58a13.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/src/node/db/SecurityManager.js b/src/node/db/SecurityManager.js
index 6388f096..df3c3826 100644
--- a/src/node/db/SecurityManager.js
+++ b/src/node/db/SecurityManager.js
@@ -223,6 +223,12 @@ exports.checkAccess = function (padID, sessionCookie, token, password, callback)
           //--> grant access
           statusObject = {accessStatus: "grant", authorID: sessionAuthor};
         }
+        //- the setting to bypass password validation is set
+        else if(settings.sessionNoPassword)
+        {
+          //--> grant access
+          statusObject = {accessStatus: "grant", authorID: sessionAuthor};
+        }
         //- the pad is password protected and password is correct
         else if(isPasswordProtected && passwordStatus == "correct")
         {
author	Marcel Klehr <mklehr@gmx.net>	2014-06-17 14:01:16 +0200
committer	Marcel Klehr <mklehr@gmx.net>	2014-06-17 14:01:16 +0200
commit	b1b972a2b45756eb6676ec06a353647618e58a13 (patch)
tree	f6fdbac87d56176c3d998561357d4cfc603ec4ec /src/node/db
parent	c627608ea5c86410c9dd53e8a157b12e4c1fe3b2 (diff)
parent	842e09a7adde3da2c67099578912906f317013d4 (diff)
download	etherpad-lite-b1b972a2b45756eb6676ec06a353647618e58a13.zip