Add option to enable `freely` permission in closed instance

Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>

3 files changed, 3 insertions, 1 deletions

diff --git a/lib/config/default.js b/lib/config/default.js
index 40803476..000c154a 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -16,6 +16,7 @@ module.exports = {
   protocolusessl: false,
   usecdn: true,
   allowanonymous: true,
+  allowanonymousedits: false,
   allowfreeurl: false,
   defaultpermission: 'editable',
   dburl: '',
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 5a297382..eedd4913 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -18,6 +18,7 @@ module.exports = {
   alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
   usecdn: toBooleanConfig(process.env.HMD_USECDN),
   allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
+  allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
   allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
   defaultpermission: process.env.HMD_DEFAULT_PERMISSION,
   dburl: process.env.HMD_DB_URL,
diff --git a/lib/config/index.js b/lib/config/index.js
index d44207bf..3d22c3c3 100644
--- a/lib/config/index.js
+++ b/lib/config/index.js
@@ -49,7 +49,7 @@ if (config.ldap.tlsca) {
 
 // Permission
 config.permission = Permission
-if (!config.allowanonymous) {
+if (!config.allowanonymous && !config.allowanonymousedits) {
   delete config.permission.freely
 }
 if (!(config.defaultpermission in config.permission)) {