anonymous user can see all private wikis
|Reported by:||anonymous||Owned by:||Eric Hodges|
I'm appriciate privatewikiplugin. However I have odd spec and report you. in api.py:
25 def check_permission(self, action, username, resource, perm): 26 if username == 'anonymous' or resource is None or resource.id is None: 27 return None
anonymous user can access all private wiki. IMO, you don't give permisson anonymous user to access private wiki.