001_0001 - AnonymousDisabled

Business apps must always require login

Disable anonymous/guest access in Project Security

Metadata

authors:
- Xiwen Cheng <x@cinaq.com>
category: Security
input: Security$ProjectSecurity.yaml
rulename: AnonymousDisabled
rulenumber: '001_0001'
scope: package
severity: HIGH

Description

No anonymous access means every user must have a valid login session or credentials.

Remediation

Disable anonymous/guest access in Project Security

Test cases

package app.mendix.project_settings.anonymous_disabled
import rego.v1

# Test cases
test_allow if {
    allow with input as {"EnableGuestAccess": false}
}
test_no_allow if {
    not allow with input as {"EnableGuestAccess": true}
}
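
A policy that would satisfy the test cases above, written as an added example rather than the project's own rule source. The `errors` set, its messages, and the fail-closed treatment of a missing or non-boolean `EnableGuestAccess` key are assumptions.

```rego
package app.mendix.project_settings.anonymous_disabled

import rego.v1

# Fail closed: the rule passes only when no violation is recorded.
default allow := false

allow if count(errors) == 0

# Violation: guest access is explicitly switched on.
errors contains msg if {
    input.EnableGuestAccess == true
    msg := "Anonymous/guest access is enabled in Project Security"
}

# Violation (assumed behaviour): the key is absent or is not a boolean,
# e.g. the string "false". Passing in that case would hide a broken or
# unexpected export of Security$ProjectSecurity.yaml.
errors contains msg if {
    not is_boolean(object.get(input, "EnableGuestAccess", null))
    msg := "EnableGuestAccess is missing or not a boolean"
}

# Extra tests for the edge cases, on constructed inputs.
test_missing_key_denied if {
    not allow with input as {}
}

test_string_value_denied if {
    not allow with input as {"EnableGuestAccess": "false"}
}
```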