2787: Anonymous Access not synced with settings

ppr***@liwja****** (Google Code) (Is this you? Claim this profile.)
chipx86
chipx86
Dec. 10, 2012
What version are you running?

1.6.13

What's the URL of the page containing the problem?

admin/settings/authentication/

What steps will reproduce the problem?
1. Check "Allow anonymous read-only access"
2. Click "Save"

What is the expected output? What do you see instead?

Expected:
"The settings have been saved."
Checkbox checked

Actual:
"The settings have been saved."
Checkbox unchecked

What operating system are you using? What browser?

CentOS 6.3, Firefox 16

Please provide any additional information below.

It seems like anonymous access is indeed enabled, but from within the settings module it is impossible to see whether it is enabled or not.
#1 geoff.******@gmai***** (Google Code) (Is this you? Claim this profile.)
This bug makes it impossible to disable anonymous access once it has been enabled, without manually editing the JSON site settings stored in the database.

This bug also makes it possible for someone to surreptitiously or accidentally turn on anonymous access, with no way to audit that it has been enabled via the UI.
chipx86
#2 chipx86
Fixed on release-1.6.x (92b3def)
  • +Fixed
  • +Milestone-Release1.6.x
    +Component-Admin
    +Component-Settings
  • +chipx86