]>
Commit | Line | Data |
---|---|---|
1 | security: | |
2 | encoders: | |
3 | FOS\UserBundle\Model\UserInterface: sha512 | |
4 | ||
5 | role_hierarchy: | |
6 | ROLE_ADMIN: ROLE_USER | |
7 | ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ] | |
8 | ||
9 | # /!\ This list is modified in WallabagUserBundle when LDAP is enabled | |
10 | providers: | |
11 | administrators: | |
12 | entity: | |
13 | class: WallabagUserBundle:User | |
14 | property: username | |
15 | fos_userbundle: | |
16 | id: fos_user.user_provider.username_email | |
17 | ||
18 | # the main part of the security, where you can set up firewalls | |
19 | # for specific sections of your app | |
20 | firewalls: | |
21 | # disables authentication for assets and the profiler, adapt it according to your needs | |
22 | dev: | |
23 | pattern: ^/(_(profiler|wdt)|css|images|js)/ | |
24 | security: false | |
25 | ||
26 | oauth_token: | |
27 | pattern: ^/oauth/v2/token | |
28 | security: false | |
29 | ||
30 | api: | |
31 | pattern: /api/.* | |
32 | fos_oauth: true | |
33 | stateless: true | |
34 | anonymous: true | |
35 | ||
36 | login_firewall: | |
37 | pattern: ^/login$ | |
38 | anonymous: ~ | |
39 | ||
40 | # /!\ This section is modified in WallabagUserBundle when LDAP is enabled | |
41 | secured_area: | |
42 | pattern: ^/ | |
43 | form_login: | |
44 | provider: fos_userbundle | |
45 | csrf_token_generator: security.csrf.token_manager | |
46 | ||
47 | anonymous: true | |
48 | remember_me: | |
49 | secret: "%secret%" | |
50 | lifetime: 31536000 | |
51 | path: / | |
52 | domain: ~ | |
53 | ||
54 | logout: | |
55 | path: /logout | |
56 | target: / | |
57 | ||
58 | access_control: | |
59 | - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
60 | - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
61 | - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
62 | - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
63 | - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } | |
64 | - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } | |
65 | - { path: /(unread|starred|archive|all).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
66 | - { path: /tags/(.*).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
67 | - { path: ^/share, roles: IS_AUTHENTICATED_ANONYMOUSLY } | |
68 | - { path: ^/settings, roles: ROLE_SUPER_ADMIN } | |
69 | - { path: ^/annotations, roles: ROLE_USER } | |
70 | - { path: ^/users, roles: ROLE_SUPER_ADMIN } | |
71 | - { path: ^/, roles: ROLE_USER } |