diff --git a/source/clog-auth.lisp b/source/clog-auth.lisp
index 62a32f9..b60ac63 100644
--- a/source/clog-auth.lisp
+++ b/source/clog-auth.lisp
@@ -102,7 +102,9 @@ for CLOG")
 ;;;;;;;;;;;;;;;;;;;;;
 
 (defun is-authorized-p (role-list action)
-  "Given ROLE-LIST is action authorized"
-  (dolist (role role-list nil)
-    (when (member action (gethash role *authorization-hash*))
-      (return t))))
+  "Given ROLE-LIST is action authorized. If action is nil returns t."
+  (if action
+      (dolist (role role-list nil)
+	(when (member action (gethash role *authorization-hash*))
+	  (return t)))
+      t))
diff --git a/source/clog-web-dbi.lisp b/source/clog-web-dbi.lisp
index e4c50da..0716bd4 100644
--- a/source/clog-web-dbi.lisp
+++ b/source/clog-web-dbi.lisp
@@ -202,7 +202,8 @@ optional WHERE and ORDER-BY sql."
 value where key=PAGE or if FOLLOW-URL-PAGE is true PAGE is default
 page if no second on path otherwise page is the second on path (first
 must be base-url). If comment-table is nil no comments are shown. User
-must authorize on CAN-COMMENT, CAN-SHOW-COMMENTS and if CAN-EDIT."
+must authorize on action set by CAN-COMMENT, CAN-SHOW-COMMENTS and if
+CAN-EDIT unless they are set to nil."
   (lambda (obj)
     (let* ((body    (connection-body obj))
 	   (prof    (profile (get-web-site body)))