Prepare wallabag 2.0.4
[github/wallabag/wallabag.git] / app / config / security.yml
index 576cfd25d7f7d41094f6c64004bd0c1ca93b143e..0748c06ce03d316c67e5237541718569d95caa9a 100644 (file)
@@ -15,6 +15,11 @@ security:
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
+        # disables authentication for assets and the profiler, adapt it according to your needs
+        dev:
+            pattern: ^/(_(profiler|wdt)|css|images|js)/
+            security: false
+
         oauth_token:
             pattern: ^/oauth/v2/token
             security: false
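Review bot: The added `dev` firewall turns authentication off for `/_profiler` and `/_wdt` in `app/config/security.yml`, which by its path looks like the shared security config rather than a dev-only one, so it would presumably apply in production as well. In that case the only thing keeping the profiler closed in prod is that its routes are not registered there, and the comment on the new block should say so. For example: `# no authentication for static assets and the profiler; the /_profiler and /_wdt routes must only be loaded in the dev environment`. It is also worth confirming that nothing dynamic is ever served under `/css/`, `/images/` or `/js/`, since anything routed under those prefixes bypasses the security layer entirely.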
@@ -33,11 +38,11 @@ security:
             pattern: ^/
             form_login:
                 provider: fos_userbundle
-                csrf_provider: security.csrf.token_manager
+                csrf_token_generator: security.csrf.token_manager
 
             anonymous:    true
             remember_me:
-                key:      "%secret%"
+                secret:   "%secret%"
                 lifetime: 31536000
                 path:     /
                 domain:   ~
@@ -48,8 +53,11 @@ security:
 
     access_control:
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/settings, roles: ROLE_SUPER_ADMIN }
+        - { path: ^/annotations, roles: ROLE_USER }
         - { path: ^/, roles: ROLE_USER }
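Review bot: The new `^/api/version` rule has no end anchor, so every path that merely begins with `/api/version` is opened to anonymous access, not only the version endpoint. If the route accepts a format suffix, `- { path: '^/api/version(\.[a-z]+)?$', roles: IS_AUTHENTICATED_ANONYMOUSLY }` limits the exemption to that endpoint; otherwise `^/api/version$` is enough. The added `^/annotations` rule requires the same `ROLE_USER` as the `^/` catch-all below it, so a one-line comment saying it is listed only for explicitness would save a later reader from looking for a difference. The firewall that covers `/api` is outside this hunk, so the effective behaviour should be checked against it.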