From 05bdece65af3fbbeed8d4e25d7930db99560c672 Mon Sep 17 00:00:00 2001
From: Jakub Kadlčík <frostyx@email.cz>
Date: Mar 30 2017 09:21:39 +0000
Subject: Don't allow NO_AUTH to be anything


---

diff --git a/module_build_service/auth.py b/module_build_service/auth.py
index 8bfb9eb..b416934 100644
--- a/module_build_service/auth.py
+++ b/module_build_service/auth.py
@@ -83,7 +83,7 @@ def get_user(request):
     Returns the client's username and groups based on the OIDC token provided.
     """
 
-    if app.config['NO_AUTH']:
+    if app.config['NO_AUTH'] is True:
         log.debug("Authorization is disabled.")
         return "anonymous", {"packager"}
 
diff --git a/module_build_service/views.py b/module_build_service/views.py
index 759f919..6810e0e 100644
--- a/module_build_service/views.py
+++ b/module_build_service/views.py
@@ -100,7 +100,7 @@ class ModuleBuildAPI(MethodView):
         else:
             handler = SCMHandler(request)
 
-        if conf.no_auth and handler.username == "anonymous" and "owner" in handler.data:
+        if conf.no_auth is True and handler.username == "anonymous" and "owner" in handler.data:
             handler.username = handler.data["owner"]
 
         if conf.allowed_groups and not (conf.allowed_groups & handler.groups):