parameter fix for semi auth

CHANGELOG.md

@@ -2,7 +2,11 @@
 
 All notable changes to the Zlux Server Framework package will be documented in this file..
 This repo is part of the app-server Zowe Component, and the change logs here may appear on Zowe.org in that section.
-
+
+## 2.14.0
+- Bugfix: A call to GET /plugins would trigger an authorization check regardless of if rbac was set on or off
+
+
 ## 2.13.0
 - Added support for using zowe.network and components.app-server.zowe.network to set listener IP and TLS properties including max and min version, ciphers, and ECDH curves. (#511)
 - Enhanced cipher customization to allow for ciphers to be specified in IANA format in addition to the existing OpenSSL format. (#511)

lib/webauth.js

@@ -500,7 +500,7 @@ module.exports = function(authManager, cookieIdentifier, isSecurePort) {
         authLogger.debug(`${req.session.id}: Initiating isAuthorized check with ${handler.pluginID}`);        
         result = yield handler.authorized(req, authPluginSession, {
           syncOnly: isWebsocket,
-          bypassAuthorizatonCheck: !authManager.isRbacEnabled
+          bypassAuthorizatonCheck: !authManager.isRbacEnabled()
         });
         next();
         return;