impl not strictly processing for loginRequired

lib/models/config.js

@@ -218,6 +218,16 @@ module.exports = function(crowi) {
     return method != 'none';
   };
 
+  configSchema.statics.isGuesstAllowedToRead = function(config)
+  {
+    // return false if undefined
+    if (undefined === config.crowi || undefined === config.crowi['security:restrictGuestMode']) {
+      return false;
+    }
+
+    return SECURITY_RESTRICT_GUEST_MODE_READONLY === config.crowi['security:restrictGuestMode'];
+  };
+
   configSchema.statics.isEnabledPlugins = function(config)
   {
     var defaultValue = getArrayForInstalling()['plugin:isEnabledPlugins'];

lib/util/middlewares.js

@@ -188,7 +188,13 @@ exports.loginRequired = function(crowi, app, isStrictly = true) {
 
     // when the route is not strictly restricted
     if (!isStrictly) {
-      // TODO check guest access option
+      var config = req.config;
+      var Config = crowi.model('Config');
+
+      // when allowed to read
+      if (Config.isGuesstAllowedToRead(config)) {
+        return next();
+      }
     }
 
     if (req.user && '_id' in req.user) {