Add tests

[github/wallabag/wallabag.git] / app / config / security.yml

diff --git a/app/config/security.yml b/app/config/security.yml
index f4fefe2e4f24e550ddb4ec11305fd2cf7cdca8c0..37236d403a92d27e0d489be7db47310fb9966af5 100644 (file)
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -1,6 +1,6 @@
 security:
     encoders:
-        Wallabag\CoreBundle\Entity\Users:
+        Wallabag\CoreBundle\Entity\User:
             algorithm:        sha1
             encode_as_base64: false
             iterations:       1
@@ -11,14 +11,16 @@ security:
 
     providers:
         administrators:
-            entity: { class: WallabagCoreBundle:Users, property: username }
+            entity: { class: WallabagCoreBundle:User, property: username }
 
     # the main part of the security, where you can set up firewalls
     # for specific sections of your app
     firewalls:
-        #wsse_secured:
-        #    pattern:   /api/.*
-        #    wsse:      true
+        wsse_secured:
+            pattern:      /api/.*
+            wsse:         true
+            stateless:    true
+            anonymous:    true
         login_firewall:
             pattern:    ^/login$
             anonymous:  ~
@@ -54,5 +56,9 @@ security:
                 target: /
 
     access_control:
+        - { path: ^/api/salt, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/forgot-password, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/, roles: ROLE_USER }