From c72aba2dc2bc6bbe5e4f35e91d127fa714060cbd Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Fri, 23 May 2025 10:30:16 -0400 Subject: [PATCH 1/4] default to closed permission mode; replace '--closed' flag with '--open' (#971) --- cmd/zrok/reserve.go | 23 ++++++++++++----------- cmd/zrok/sharePrivate.go | 19 ++++++++++--------- cmd/zrok/sharePublic.go | 23 ++++++++++++----------- 3 files changed, 34 insertions(+), 31 deletions(-) diff --git a/cmd/zrok/reserve.go b/cmd/zrok/reserve.go index 7aba8f6a..122fe78b 100644 --- a/cmd/zrok/reserve.go +++ b/cmd/zrok/reserve.go @@ -28,7 +28,7 @@ type reserveCommand struct { oauthProvider string oauthEmailAddressPatterns []string oauthCheckInterval time.Duration - closed bool + open bool accessGrants []string cmd *cobra.Command } @@ -54,7 +54,7 @@ func newReserveCommand() *reserveCommand { cmd.Flags().StringArrayVar(&command.oauthEmailAddressPatterns, "oauth-email-address-patterns", []string{}, "Allow only these email domains to authenticate via OAuth") cmd.Flags().DurationVar(&command.oauthCheckInterval, "oauth-check-interval", 3*time.Hour, "Maximum lifetime for OAuth authentication; reauthenticate after expiry") cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider") - cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)") + cmd.Flags().BoolVar(&command.open, "open", false, "Enable open permission mode") cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that are allowed to access this share (see --closed)") cmd.Run = command.run 
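Review bot: The `--access-grant` help text on the line right after the new `--open` flag still points users at the flag this commit removes: `"zrok accounts that are allowed to access this share (see --closed)"`. It should describe the new default instead, e.g. `"zrok accounts that are allowed to access this share (closed permission mode is the default; see --open)"`, and the `--open` help text would be more useful if it named the consequence, e.g. `"Enable open permission mode (any zrok account that knows the share token can access the share)"` — that wording follows the permission-modes doc text in this series rather than this hunk, so confirm it matches the controller's behaviour. The same stale `(see --closed)` text remains in the flag-definition hunks of cmd/zrok/sharePrivate.go and cmd/zrok/sharePublic.go. newReserveCommand continues outside the hunk.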
@@ -147,12 +147,14 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) { } req := &sdk.ShareRequest{ - Reserved: true, - UniqueName: cmd.uniqueName, - BackendMode: sdk.BackendMode(cmd.backendMode), - ShareMode: shareMode, - BasicAuth: cmd.basicAuth, - Target: target, + Reserved: true, + UniqueName: cmd.uniqueName, + BackendMode: sdk.BackendMode(cmd.backendMode), + ShareMode: shareMode, + BasicAuth: cmd.basicAuth, + Target: target, + PermissionMode: sdk.ClosedPermissionMode, + AccessGrants: cmd.accessGrants, } if shareMode == sdk.PublicShareMode { req.Frontends = cmd.frontendSelection @@ -165,9 +167,8 @@ func (cmd *reserveCommand) run(_ *cobra.Command, args []string) { req.OauthEmailAddressPatterns = cmd.oauthEmailAddressPatterns req.OauthAuthorizationCheckInterval = cmd.oauthCheckInterval } - if cmd.closed { - req.PermissionMode = sdk.ClosedPermissionMode - req.AccessGrants = cmd.accessGrants + if cmd.open { + req.PermissionMode = sdk.OpenPermissionMode } shr, err := sdk.CreateShare(env, req) if err != nil { diff --git a/cmd/zrok/sharePrivate.go b/cmd/zrok/sharePrivate.go index 38a3fd33..dd0f0340 100644 --- a/cmd/zrok/sharePrivate.go +++ b/cmd/zrok/sharePrivate.go @@ -41,7 +41,7 @@ type sharePrivateCommand struct { forceLocal bool forceAgent bool insecure bool - closed bool + open bool accessGrants []string cmd *cobra.Command } 
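Review bot: In the rebuilt `sdk.ShareRequest`, `AccessGrants: cmd.accessGrants` is now sent unconditionally, so `--open --access-grant <account>` produces a request carrying `sdk.OpenPermissionMode` together with a grant list, whereas the removed branch only attached grants in closed mode. Whether the controller ignores or rejects grants on an open share is not visible here, but the combination is contradictory from the user's side and is simplest to reject where the flags are declared in newReserveCommand (outside this hunk): `cmd.MarkFlagsMutuallyExclusive("open", "access-grant")`, mirroring the existing `cmd.MarkFlagsMutuallyExclusive("basic-auth", "oauth-provider")` call. The same applies to shareLocal in cmd/zrok/sharePrivate.go and cmd/zrok/sharePublic.go, and to the agent requests in those files, which likewise pass `AccessGrants` alongside `Closed: !cmd.open`. run's body continues past the hunk.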
@@ -65,7 +65,7 @@ func newSharePrivateCommand() *sharePrivateCommand { cmd.Flags().BoolVar(&command.forceAgent, "force-agent", false, "Skip agent detection and force agent mode") cmd.MarkFlagsMutuallyExclusive("force-local", "force-agent") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for ") - cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)") + cmd.Flags().BoolVar(&command.open, "open", false, "Enable open permission mode") cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that are allowed to access this share (see --closed)") cmd.Run = command.run return command @@ -184,13 +184,14 @@ func (cmd *sharePrivateCommand) shareLocal(args []string, root env_core.Root) { } req := &sdk.ShareRequest{ - BackendMode: sdk.BackendMode(cmd.backendMode), - ShareMode: sdk.PrivateShareMode, - Target: target, + BackendMode: sdk.BackendMode(cmd.backendMode), + ShareMode: sdk.PrivateShareMode, + Target: target, + PermissionMode: sdk.ClosedPermissionMode, + AccessGrants: cmd.accessGrants, } - if cmd.closed { - req.PermissionMode = sdk.ClosedPermissionMode - req.AccessGrants = cmd.accessGrants + if cmd.open { + req.PermissionMode = sdk.OpenPermissionMode } shr, err := sdk.CreateShare(root, req) if err != nil { @@ -548,7 +549,7 @@ func (cmd *sharePrivateCommand) shareAgent(args []string, root env_core.Root) { Target: target, BackendMode: cmd.backendMode, Insecure: cmd.insecure, - Closed: cmd.closed, + Closed: !cmd.open, AccessGrants: cmd.accessGrants, }) if err != nil { diff --git a/cmd/zrok/sharePublic.go b/cmd/zrok/sharePublic.go index 91de615d..c60e0895 100644 --- a/cmd/zrok/sharePublic.go +++ b/cmd/zrok/sharePublic.go @@ -43,7 +43,7 @@ type sharePublicCommand struct { oauthProvider string oauthEmailAddressPatterns []string oauthCheckInterval time.Duration - closed bool + open bool accessGrants []string cmd *cobra.Command } 
@@ -73,7 +73,7 @@ func newSharePublicCommand() *sharePublicCommand { cmd.Flags().BoolVar(&command.forceAgent, "force-agent", false, "Skip agent detection and force agent mode") cmd.MarkFlagsMutuallyExclusive("force-local", "force-agent") cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for ") - cmd.Flags().BoolVar(&command.closed, "closed", false, "Enable closed permission mode (see --access-grant)") + cmd.Flags().BoolVar(&command.open, "open", false, "Enable open permission mode") cmd.Flags().StringArrayVar(&command.accessGrants, "access-grant", []string{}, "zrok accounts that are allowed to access this share (see --closed)") cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (,...)") cmd.Flags().StringVar(&command.oauthProvider, "oauth-provider", "", "Enable OAuth provider [google, github]") @@ -148,15 +148,16 @@ func (cmd *sharePublicCommand) shareLocal(args []string, root env_core.Root) { } req := &sdk.ShareRequest{ - BackendMode: sdk.BackendMode(cmd.backendMode), - ShareMode: sdk.PublicShareMode, - Frontends: cmd.frontendSelection, - BasicAuth: cmd.basicAuth, - Target: target, + BackendMode: sdk.BackendMode(cmd.backendMode), + ShareMode: sdk.PublicShareMode, + Frontends: cmd.frontendSelection, + BasicAuth: cmd.basicAuth, + Target: target, + PermissionMode: sdk.ClosedPermissionMode, + AccessGrants: cmd.accessGrants, } - if cmd.closed { - req.PermissionMode = sdk.ClosedPermissionMode - req.AccessGrants = cmd.accessGrants + if cmd.open { + req.PermissionMode = sdk.OpenPermissionMode } if cmd.oauthProvider != "" { req.OauthProvider = cmd.oauthProvider 
@@ -414,7 +415,7 @@ func (cmd *sharePublicCommand) shareAgent(args []string, root env_core.Root) { OauthProvider: cmd.oauthProvider, OauthEmailAddressPatterns: cmd.oauthEmailAddressPatterns, OauthCheckInterval: cmd.oauthCheckInterval.String(), - Closed: cmd.closed, + Closed: !cmd.open, AccessGrants: cmd.accessGrants, }) if err != nil { From 5b5871298e20eaef479fed13420e12bc824ed712 Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Fri, 23 May 2025 10:43:47 -0400 Subject: [PATCH 2/4] changelog (#971) --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 62110ea6..bef41f53 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## v1.0.5 +CHANGE: `zrok share public`, `zrok share private`, and `zrok reserve` all default to the "closed" permission mode (they previously defaulted to the "open" permission mode). The `--closed` flag has been replaced with a new `--open` flag. See the [Permission Modes](https://docs.zrok.io/docs/guides/permission-modes/) docs for details (https://github.com/openziti/zrok/issues/971) + FIX: `zrok enable` now handles the case where the user ID does not resolve to a username when generating the default environment description (https://github.com/openziti/zrok/issues/959) FIX: Linux packages were optimized to avoid manage file revision conflicts (https://github.com/openziti/zrok/issues/817) From 554f7a085d97ec272584bf7ad5c9a143551279ef Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Fri, 23 May 2025 10:58:49 -0400 Subject: [PATCH 3/4] docs (#971) --- docs/guides/permission-modes.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/guides/permission-modes.md b/docs/guides/permission-modes.md index 8cab041b..1aef153b 100644 --- a/docs/guides/permission-modes.md +++ b/docs/guides/permission-modes.md 
@@ -5,6 +5,10 @@ sidebar_label: Permission Modes # Permission Modes +:::note +As of `v1.0.5` zrok sharing new defaults to the `closed` permission mode. The `--closed` flag has been removed and has been replaced with a new `--open` flag for users who want to retain the open permission model. Otherwise, the closed permission mode works exactly the same. +::: + Shares created in zrok `v0.4.26` and newer now include a choice of _permission mode_. Shares created with zrok `v0.4.25` and older were created using what is now called the _open permission mode_. Whether _public_ or _private_, these shares can be accessed by any user of the zrok service instance, as long as they know the _share token_ of the share. Effectively shares with the _open permission mode_ are accessible by any user of the zrok service instance. From 06b7f874a914ac2ca875d0a2c930d5e3472c5a7e Mon Sep 17 00:00:00 2001 From: Michael Quigley Date: Fri, 23 May 2025 10:59:53 -0400 Subject: [PATCH 4/4] typo (#971) --- docs/guides/permission-modes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/guides/permission-modes.md b/docs/guides/permission-modes.md index 1aef153b..882e3084 100644 --- a/docs/guides/permission-modes.md +++ b/docs/guides/permission-modes.md @@ -6,7 +6,7 @@ sidebar_label: Permission Modes # Permission Modes :::note -As of `v1.0.5` zrok sharing new defaults to the `closed` permission mode. The `--closed` flag has been removed and has been replaced with a new `--open` flag for users who want to retain the open permission model. Otherwise, the closed permission mode works exactly the same. +As of `v1.0.5` zrok sharing now defaults to the `closed` permission mode. The `--closed` flag has been removed and has been replaced with a new `--open` flag for users who want to retain the open permission model. Otherwise, the closed permission mode works exactly the same. ::: Shares created in zrok `v0.4.26` and newer now include a choice of _permission mode_.