fix: improve security by deprecating creating users with public access by default (#7319)

2021-10-08 14:24:20 +11:00
parent 2b5bf2261b
commit 484c2e81ca
10 changed files with 86 additions and 28 deletions
--- a/src/Options/docs.js
+++ b/src/Options/docs.js
@@ -28,6 +28,7 @@
 * @property {Boolean} enableAnonymousUsers Enable (or disable) anonymous users, defaults to true
 * @property {Boolean} enableExpressErrorHandler Enables the default express error handler for all errors
 * @property {String} encryptionKey Key for encrypting your files
+ * @property {Boolean} enforcePrivateUsers Set to true if new users should be created without public read and write access.
 * @property {Boolean} expireInactiveSessions Sets whether we should expire the inactive sessions, defaults to true. If false, all new sessions are created with no expiration date.
 * @property {String} fileKey Key for your files
 * @property {Adapter<FilesAdapter>} filesAdapter Adapter module for the files sub-system