From 5ce5bba4be25f738e7bcd847b0391961b5ede83c Mon Sep 17 00:00:00 2001
From: Paolo Tormene <paolo.tormene@globalquakemodel.org>
Date: Thu, 28 Sep 2023 12:07:18 +0200
Subject: [PATCH 1/2] Do not allow all users to see other users outputs by
 defualt

---
 openquake/server/settings.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openquake/server/settings.py b/openquake/server/settings.py
index b7fe1c42edc6..44e703e728ee 100644
--- a/openquake/server/settings.py
+++ b/openquake/server/settings.py
@@ -111,8 +111,8 @@
 
 # Authentication is not enabled by default
 LOCKDOWN = False
-# Allow all users to see other users outputs by default
-ACL_ON = False
+# Forbid users to see other users outputs by default
+ACL_ON = True
 
 # Add additional paths (as regular expressions) that don't require
 # authentication.

From 1fb92fa51dcb34f8607772c1416c7faa44eb551e Mon Sep 17 00:00:00 2001
From: Paolo Tormene <paolo.tormene@globalquakemodel.org>
Date: Thu, 28 Sep 2023 14:09:33 +0200
Subject: [PATCH 2/2] Update changelog [ci skip]

---
 debian/changelog | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 68728585b4b9..6a0eb3d483b5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,7 @@
+  [Paolo Tormene]
+  * In the WebUI users are not allowed to see other users outputs by default
+    (the old default can be obtained setting ACL_ON = False)
+
   [Manuela Villani, Michele Simionato]
   * Computed ASCE-41 outputs for AELO project