From 2cf98c47a812b551b49500971fd75964e59a7dee Mon Sep 17 00:00:00 2001
From: umorigu <umorigu@gmail.com>
Date: Sun, 27 Mar 2022 01:49:30 +0900
Subject: [PATCH] BugTrack/2565 Fix read_auth and edit_auth apply condition

* if $read_auth is 0, is_page_readable() always returns TRUE
* if $edit_auth is 0, is_page_writable() always returns TRUE
---
 lib/auth.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/auth.php b/lib/auth.php
index 83aaafe..ba9aa36 100644
--- a/lib/auth.php
+++ b/lib/auth.php
@@ -244,7 +244,10 @@ function check_editable($page, $auth_enabled = TRUE, $exit_on_fail = TRUE)
  * Whether the page is readable from current user or not.
  */
 function is_page_readable($page) {
-	global $read_auth_pages;
+	global $read_auth_pages, $read_auth;
+	if (!$read_auth) {
+		return TRUE;
+	}
 	return _is_page_accessible($page, $read_auth_pages);
 }
 
@@ -252,7 +255,10 @@ function is_page_readable($page) {
  * Whether the page is writable from current user or not.
  */
 function is_page_writable($page) {
-	global $edit_auth_pages;
+	global $edit_auth_pages, $edit_auth;
+	if (!$edit_auth) {
+		return TRUE;
+	}
 	return _is_page_accessible($page, $edit_auth_pages);
 }
 
-- 
2.11.0