Merge pull request #3177 from wallabag/api-create-user-update

API user creation behing a toggle

23 files changed, 358 insertions, 385 deletions

diff --git a/app/DoctrineMigrations/Version20170602075214.php b/app/DoctrineMigrations/Version20170602075214.php
new file mode 100644
index 00000000..451d16ba
--- /dev/null
+++ b/app/DoctrineMigrations/Version20170602075214.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Migrations\AbstractMigration;
+use Doctrine\DBAL\Schema\Schema;
+use Symfony\Component\DependencyInjection\ContainerAwareInterface;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+ * Add api_user_registration in craue_config_setting.
+ */
+class Version20170602075214 extends AbstractMigration implements ContainerAwareInterface
+{
+    /**
+     * @var ContainerInterface
+     */
+    private $container;
+
+    public function setContainer(ContainerInterface $container = null)
+    {
+        $this->container = $container;
+    }
+
+    private function getTable($tableName)
+    {
+        return $this->container->getParameter('database_table_prefix').$tableName;
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $apiUserRegistration = $this->container
+            ->get('doctrine.orm.default_entity_manager')
+            ->getConnection()
+            ->fetchArray('SELECT * FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration'");
+
+        $this->skipIf(false !== $apiUserRegistration, 'It seems that you already played this migration.');
+
+        $this->addSql('INSERT INTO '.$this->getTable('craue_config_setting')." (name, value, section) VALUES ('api_user_registration', '0', 'api')");
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $this->addSql('DELETE FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration';");
+    }
+}
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.da.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.da.yml
index d1f7e3b5..20e938f5 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.da.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.da.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Demobruger"
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.de.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.de.yml
index 1105675b..526d41bc 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.de.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.de.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Test-Benutzer"
 share_public: Erlaube eine öffentliche URL für Einträge
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml
index 802599b3..3c0037f3 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.en.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Demo user"
 share_public: Allow public url for entries
 download_images_enabled: Download images locally
 restricted_access: Enable authentication for websites with paywall
+api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.es.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.es.yml
index b3ac18ed..99869669 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.es.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.es.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Nombre de usuario demo"
 share_public: Permitir URL pública para los artículos
 download_images_enabled: Descargar imágenes localmente
 restricted_access: Activar autenticación para websites con paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fa.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fa.yml
index c73d63e2..2e1307e5 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fa.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fa.yml
@@ -34,3 +34,4 @@ modify_settings: "اعمال"
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml
index a53174ae..454053ad 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.fr.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Utilisateur de la démo"
 share_public: Autoriser une URL publique pour les articles
 download_images_enabled: Télécharger les images en local
 restricted_access: Activer l'authentification pour les articles derrière un paywall
+api_user_registration: Activer la création de compte depuis l'API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.it.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.it.yml
index 3d53fc8d..4dbd2ff8 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.it.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.it.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Utente Demo"
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+api_user_registration: Abilita la registrazione dell'utente attraverso l'API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.oc.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.oc.yml
index 79f75245..00c06638 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.oc.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.oc.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Utilizaire de la demostracion"
 share_public: Autorizar una URL publica pels articles
 download_images_enabled: Telecargar los imatges en local
 restricted_access: Activar l'autenticacion pels sites amb peatge
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pl.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pl.yml
index 02fe98e3..ada11b3a 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pl.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pl.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Użytkownik Demonstracyjny"
 share_public: Zezwalaj na publiczny adres url dla wpisow
 download_images_enabled: Pobierz obrazy lokalnie
 restricted_access: Włącz autoryzację dla stron z paywallem
+api_user_registration: Włącz rejestrację użytkownika przy użyciu API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pt.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pt.yml
index 4a061bce..59af9610 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pt.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.pt.yml
@@ -34,3 +34,4 @@ demo_mode_username: "Usuário demo"
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.ro.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.ro.yml
index 5ee48074..104e37c6 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.ro.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.ro.yml
@@ -34,3 +34,4 @@ modify_settings: "aplică"
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.tr.yml b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.tr.yml
index d83a4b7b..1579366d 100644
--- a/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.tr.yml
+++ b/app/Resources/CraueConfigBundle/translations/CraueConfigBundle.tr.yml
@@ -34,3 +34,4 @@
 # share_public: Allow public url for entries
 # download_images_enabled: Download images locally
 # restricted_access: Enable authentication for websites with paywall
+# api_user_registration: Enable user to be registered using the API
diff --git a/app/config/config.yml b/app/config/config.yml
index 04f8547d..2bc5e3b3 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -2,6 +2,7 @@ imports:
     - { resource: parameters.yml }
     - { resource: security.yml }
     - { resource: services.yml }
+    - { resource: wallabag.yml }
 
 parameters:
     # Allows to use the live reload feature for changes in assets
@@ -34,42 +35,6 @@ framework:
     http_method_override: true
     assets: ~
 
-wallabag_core:
-    version: 2.2.3
-    paypal_url: "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9UBA65LG3FX9Y&lc=gb"
-    languages:
-        en: 'English'
-        fr: 'Français'
-        de: 'Deutsch'
-        tr: 'Türkçe'
-        fa: 'فارسی'
-        ro: 'Română'
-        pl: 'Polish'
-        da: 'Dansk'
-        es: 'Español'
-        oc: 'Occitan'
-        it: 'Italiano'
-        pt: 'Português'
-    items_on_page: 12
-    theme: material
-    language: '%locale%'
-    rss_limit: 50
-    reading_speed: 1
-    cache_lifetime: 10
-    action_mark_as_read: 1
-    list_mode: 0
-    fetching_error_message_title: 'No title found'
-    fetching_error_message: |
-        wallabag can't retrieve contents for this article. Please <a href="http://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>.
-    api_limit_mass_actions: 10
-
-wallabag_user:
-    registration_enabled: "%fosuser_registration%"
-
-wallabag_import:
-    allow_mimetypes: ['application/octet-stream', 'application/json', 'text/plain', 'text/csv']
-    resource_dir: "%kernel.root_dir%/../web/uploads/import"
-
 # Twig Configuration
 twig:
     debug: "%kernel.debug%"
diff --git a/app/config/security.yml b/app/config/security.yml
index efb00a53..ffb1d356 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -56,6 +56,7 @@ security:
     access_control:
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
diff --git a/app/config/wallabag.yml b/app/config/wallabag.yml
new file mode 100644
index 00000000..d8c593c6
--- /dev/null
+++ b/app/config/wallabag.yml
@@ -0,0 +1,164 @@
+wallabag_core:
+    version: 2.2.3
+    paypal_url: "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9UBA65LG3FX9Y&lc=gb"
+    languages:
+        en: 'English'
+        fr: 'Français'
+        de: 'Deutsch'
+        tr: 'Türkçe'
+        fa: 'فارسی'
+        ro: 'Română'
+        pl: 'Polish'
+        da: 'Dansk'
+        es: 'Español'
+        oc: 'Occitan'
+        it: 'Italiano'
+        pt: 'Português'
+    items_on_page: 12
+    theme: material
+    language: '%locale%'
+    rss_limit: 50
+    reading_speed: 1
+    cache_lifetime: 10
+    action_mark_as_read: 1
+    list_mode: 0
+    fetching_error_message_title: 'No title found'
+    fetching_error_message: |
+        wallabag can't retrieve contents for this article. Please <a href="http://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>.
+    api_limit_mass_actions: 10
+    default_internal_settings:
+        -
+            name: share_public
+            value: 1
+            section: entry
+        -
+            name: carrot
+            value: 1
+            section: entry
+        -
+            name: share_diaspora
+            value: 1
+            section: entry
+        -
+            name: diaspora_url
+            value: http://diasporapod.com
+            section: entry
+        -
+            name: share_unmark
+            value: 1
+            section: entry
+        -
+            name: unmark_url
+            value: https://unmark.it
+            section: entry
+        -
+            name: share_shaarli
+            value: 1
+            section: entry
+        -
+            name: share_scuttle
+            value: 1
+            section: entry
+        -
+            name: shaarli_url
+            value: http://myshaarli.com
+            section: entry
+        -
+            name: scuttle_url
+            value: http://scuttle.org
+            section: entry
+        -
+            name: share_mail
+            value: 1
+            section: entry
+        -
+            name: share_twitter
+            value: 1
+            section: entry
+        -
+            name: show_printlink
+            value: 1
+            section: entry
+        -
+            name: restricted_access
+            value: 0
+            section: entry
+        -
+            name: export_epub
+            value: 1
+            section: export
+        -
+            name: export_mobi
+            value: 1
+            section: export
+        -
+            name: export_pdf
+            value: 1
+            section: export
+        -
+            name: export_csv
+            value: 1
+            section: export
+        -
+            name: export_json
+            value: 1
+            section: export
+        -
+            name: export_txt
+            value: 1
+            section: export
+        -
+            name: export_xml
+            value: 1
+            section: export
+        -
+            name: import_with_redis
+            value: 0
+            section: import
+        -
+            name: import_with_rabbitmq
+            value: 0
+            section: import
+        -
+            name: piwik_enabled
+            value: 0
+            section: analytics
+        -
+            name: piwik_host
+            value: v2.wallabag.org
+            section: analytics
+        -
+            name: piwik_site_id
+            value: 1
+            section: analytics
+        -
+            name: demo_mode_enabled
+            value: 0
+            section: misc
+        -
+            name: demo_mode_username
+            value: wallabag
+            section: misc
+        -
+            name: download_images_enabled
+            value: 0
+            section: misc
+        -
+            name: wallabag_support_url
+            value: https://www.wallabag.org/pages/support.html
+            section: misc
+        -
+            name: wallabag_url
+            value: http://v2.wallabag.org
+            section: misc
+        -
+            name: api_user_registration
+            value: 0
+            section: api
+
+wallabag_user:
+    registration_enabled: "%fosuser_registration%"
+
+wallabag_import:
+    allow_mimetypes: ['application/octet-stream', 'application/json', 'text/plain', 'text/csv']
+    resource_dir: "%kernel.root_dir%/../web/uploads/import"
diff --git a/src/Wallabag/ApiBundle/Controller/UserRestController.php b/src/Wallabag/ApiBundle/Controller/UserRestController.php
index a1b78e3f..8f675b8d 100644
--- a/src/Wallabag/ApiBundle/Controller/UserRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/UserRestController.php
@@ -43,16 +43,18 @@ class UserRestController extends WallabagRestController
      */
     public function putUserAction(Request $request)
     {
-        if (!$this->container->getParameter('fosuser_registration')) {
+        if (!$this->getParameter('fosuser_registration') || !$this->get('craue_config')->get('api_user_registration')) {
             $json = $this->get('serializer')->serialize(['error' => "Server doesn't allow registrations"], 'json');
 
-            return (new JsonResponse())->setJson($json)->setStatusCode(403);
+            return (new JsonResponse())
+                ->setJson($json)
+                ->setStatusCode(JsonResponse::HTTP_FORBIDDEN);
         }
 
         $userManager = $this->get('fos_user.user_manager');
         $user = $userManager->createUser();
-        // enable created user by default
-        $user->setEnabled(true);
+        // user will be disabled BY DEFAULT to avoid spamming account to be enabled
+        $user->setEnabled(false);
 
         $form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user, [
             'csrf_protection' => false,
@@ -90,7 +92,9 @@ class UserRestController extends WallabagRestController
 
             $json = $this->get('serializer')->serialize(['error' => $errors], 'json');
 
-            return (new JsonResponse())->setJson($json)->setStatusCode(400);
+            return (new JsonResponse())
+                ->setJson($json)
+                ->setStatusCode(JsonResponse::HTTP_BAD_REQUEST);
         }
 
         $userManager->updateUser($user);
@@ -99,17 +103,18 @@ class UserRestController extends WallabagRestController
         $event = new UserEvent($user, $request);
         $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
 
-        return $this->sendUser($user);
+        return $this->sendUser($user, JsonResponse::HTTP_CREATED);
     }
 
     /**
      * Send user response.
      *
      * @param User $user
+     * @param int  $status HTTP Status code to send
      *
      * @return JsonResponse
      */
-    private function sendUser(User $user)
+    private function sendUser(User $user, $status = JsonResponse::HTTP_OK)
     {
         $json = $this->get('serializer')->serialize(
             $user,
@@ -117,7 +122,9 @@ class UserRestController extends WallabagRestController
             SerializationContext::create()->setGroups(['user_api'])
         );
 
-        return (new JsonResponse())->setJson($json);
+        return (new JsonResponse())
+            ->setJson($json)
+            ->setStatusCode($status);
     }
 
     /**
diff --git a/src/Wallabag/CoreBundle/Command/InstallCommand.php b/src/Wallabag/CoreBundle/Command/InstallCommand.php
index d9608246..0f119377 100644
--- a/src/Wallabag/CoreBundle/Command/InstallCommand.php
+++ b/src/Wallabag/CoreBundle/Command/InstallCommand.php
@@ -292,165 +292,7 @@ class InstallCommand extends ContainerAwareCommand
         // cleanup before insert new stuff
         $em->createQuery('DELETE FROM CraueConfigBundle:Setting')->execute();
 
-        $settings = [
-            [
-                'name' => 'share_public',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'carrot',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_diaspora',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'diaspora_url',
-                'value' => 'http://diasporapod.com',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_unmark',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'unmark_url',
-                'value' => 'https://unmark.it',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_shaarli',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'shaarli_url',
-                'value' => 'http://myshaarli.com',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_scuttle',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'scuttle_url',
-                'value' => 'http://scuttle.org',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_mail',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_twitter',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'export_epub',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_mobi',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_pdf',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_csv',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_json',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_txt',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_xml',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'import_with_redis',
-                'value' => '0',
-                'section' => 'import',
-            ],
-            [
-                'name' => 'import_with_rabbitmq',
-                'value' => '0',
-                'section' => 'import',
-            ],
-            [
-                'name' => 'show_printlink',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'wallabag_support_url',
-                'value' => 'https://www.wallabag.org/pages/support.html',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'wallabag_url',
-                'value' => '',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'piwik_enabled',
-                'value' => '0',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'piwik_host',
-                'value' => 'v2.wallabag.org',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'piwik_site_id',
-                'value' => '1',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'demo_mode_enabled',
-                'value' => '0',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'demo_mode_username',
-                'value' => 'wallabag',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'download_images_enabled',
-                'value' => '0',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'restricted_access',
-                'value' => '0',
-                'section' => 'entry',
-            ],
-        ];
-
-        foreach ($settings as $setting) {
+        foreach ($this->getContainer()->getParameter('wallabag_core.default_internal_settings') as $setting) {
             $newSetting = new Setting();
             $newSetting->setName($setting['name']);
             $newSetting->setValue($setting['value']);
diff --git a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php
index aaeb9ee9..a52288e6 100644
--- a/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php
+++ b/src/Wallabag/CoreBundle/DataFixtures/ORM/LoadSettingData.php
@@ -6,173 +6,27 @@ use Doctrine\Common\DataFixtures\AbstractFixture;
 use Doctrine\Common\DataFixtures\OrderedFixtureInterface;
 use Doctrine\Common\Persistence\ObjectManager;
 use Craue\ConfigBundle\Entity\Setting;
+use Symfony\Component\DependencyInjection\ContainerAwareInterface;
+use Symfony\Component\DependencyInjection\ContainerInterface;
 
-class LoadSettingData extends AbstractFixture implements OrderedFixtureInterface
+class LoadSettingData extends AbstractFixture implements OrderedFixtureInterface, ContainerAwareInterface
 {
     /**
+     * @var ContainerInterface
+     */
+    private $container;
+
+    public function setContainer(ContainerInterface $container = null)
+    {
+        $this->container = $container;
+    }
+
+    /**
      * {@inheritdoc}
      */
     public function load(ObjectManager $manager)
     {
-        $settings = [
-            [
-                'name' => 'share_public',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'carrot',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_diaspora',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'diaspora_url',
-                'value' => 'http://diasporapod.com',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_unmark',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'unmark_url',
-                'value' => 'https://unmark.it',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_shaarli',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_scuttle',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'shaarli_url',
-                'value' => 'http://myshaarli.com',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'scuttle_url',
-                'value' => 'http://scuttle.org',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_mail',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'share_twitter',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'export_epub',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_mobi',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_pdf',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_csv',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_json',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_txt',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'export_xml',
-                'value' => '1',
-                'section' => 'export',
-            ],
-            [
-                'name' => 'import_with_redis',
-                'value' => '0',
-                'section' => 'import',
-            ],
-            [
-                'name' => 'import_with_rabbitmq',
-                'value' => '0',
-                'section' => 'import',
-            ],
-            [
-                'name' => 'show_printlink',
-                'value' => '1',
-                'section' => 'entry',
-            ],
-            [
-                'name' => 'wallabag_support_url',
-                'value' => 'https://www.wallabag.org/pages/support.html',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'wallabag_url',
-                'value' => 'http://v2.wallabag.org',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'piwik_enabled',
-                'value' => '0',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'piwik_host',
-                'value' => 'v2.wallabag.org',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'piwik_site_id',
-                'value' => '1',
-                'section' => 'analytics',
-            ],
-            [
-                'name' => 'demo_mode_enabled',
-                'value' => '0',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'demo_mode_username',
-                'value' => 'wallabag',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'download_images_enabled',
-                'value' => '0',
-                'section' => 'misc',
-            ],
-            [
-                'name' => 'restricted_access',
-                'value' => '0',
-                'section' => 'entry',
-            ],
-        ];
-
-        foreach ($settings as $setting) {
+        foreach ($this->container->getParameter('wallabag_core.default_internal_settings') as $setting) {
             $newSetting = new Setting();
             $newSetting->setName($setting['name']);
             $newSetting->setValue($setting['value']);
diff --git a/src/Wallabag/CoreBundle/DependencyInjection/Configuration.php b/src/Wallabag/CoreBundle/DependencyInjection/Configuration.php
index 8b5b5744..33df92d3 100644
--- a/src/Wallabag/CoreBundle/DependencyInjection/Configuration.php
+++ b/src/Wallabag/CoreBundle/DependencyInjection/Configuration.php
@@ -52,6 +52,17 @@ class Configuration implements ConfigurationInterface
                 ->scalarNode('api_limit_mass_actions')
                     ->defaultValue(10)
                 ->end()
+                ->arrayNode('default_internal_settings')
+                    ->prototype('array')
+                        ->children()
+                            ->scalarNode('name')->end()
+                            ->scalarNode('value')->end()
+                            ->enumNode('section')
+                                ->values(['entry', 'misc', 'api', 'analytics', 'export', 'import'])
+                            ->end()
+                        ->end()
+                    ->end()
+                ->end()
             ->end()
         ;
 
diff --git a/src/Wallabag/CoreBundle/DependencyInjection/WallabagCoreExtension.php b/src/Wallabag/CoreBundle/DependencyInjection/WallabagCoreExtension.php
index a2a703cb..b4d8a386 100644
--- a/src/Wallabag/CoreBundle/DependencyInjection/WallabagCoreExtension.php
+++ b/src/Wallabag/CoreBundle/DependencyInjection/WallabagCoreExtension.php
@@ -28,6 +28,7 @@ class WallabagCoreExtension extends Extension
         $container->setParameter('wallabag_core.fetching_error_message', $config['fetching_error_message']);
         $container->setParameter('wallabag_core.fetching_error_message_title', $config['fetching_error_message_title']);
         $container->setParameter('wallabag_core.api_limit_mass_actions', $config['api_limit_mass_actions']);
+        $container->setParameter('wallabag_core.default_internal_settings', $config['default_internal_settings']);
 
         $loader = new Loader\YamlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
         $loader->load('services.yml');
diff --git a/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php b/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php
index 3f4969a5..5735bc58 100644
--- a/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/UserRestControllerTest.php
@@ -27,15 +27,32 @@ class UserRestControllerTest extends WallabagApiTestCase
         $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
     }
 
+    public function testGetUserWithoutAuthentication()
+    {
+        $client = static::createClient();
+        $client->request('GET', '/api/user.json');
+        $this->assertEquals(401, $client->getResponse()->getStatusCode());
+
+        $content = json_decode($client->getResponse()->getContent(), true);
+
+        $this->assertArrayHasKey('error', $content);
+        $this->assertArrayHasKey('error_description', $content);
+
+        $this->assertEquals('access_denied', $content['error']);
+
+        $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+    }
+
     public function testCreateNewUser()
     {
+        $this->client->getContainer()->get('craue_config')->set('api_user_registration', 1);
         $this->client->request('PUT', '/api/user.json', [
             'username' => 'google',
             'password' => 'googlegoogle',
             'email' => 'wallabag@google.com',
         ]);
 
-        $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
+        $this->assertEquals(201, $this->client->getResponse()->getStatusCode());
 
         $content = json_decode($this->client->getResponse()->getContent(), true);
 
@@ -50,30 +67,51 @@ class UserRestControllerTest extends WallabagApiTestCase
 
         $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
 
-        // remove the created user to avoid side effect on other tests
-        // @todo remove these lines when test will be isolated
-        $em = $this->client->getContainer()->get('doctrine.orm.entity_manager');
+        $this->client->getContainer()->get('craue_config')->set('api_user_registration', 0);
+    }
+
+    public function testCreateNewUserWithoutAuthentication()
+    {
+        // create a new client instead of using $this->client to be sure client isn't authenticated
+        $client = static::createClient();
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+        $client->request('PUT', '/api/user.json', [
+            'username' => 'google',
+            'password' => 'googlegoogle',
+            'email' => 'wallabag@google.com',
+        ]);
+
+        $this->assertEquals(201, $client->getResponse()->getStatusCode());
+
+        $content = json_decode($client->getResponse()->getContent(), true);
 
-        $query = $em->createQuery('DELETE FROM Wallabag\CoreBundle\Entity\Config c WHERE c.user = :user_id');
-        $query->setParameter('user_id', $content['id']);
-        $query->execute();
+        $this->assertArrayHasKey('id', $content);
+        $this->assertArrayHasKey('email', $content);
+        $this->assertArrayHasKey('username', $content);
+        $this->assertArrayHasKey('created_at', $content);
+        $this->assertArrayHasKey('updated_at', $content);
 
-        $query = $em->createQuery('DELETE FROM Wallabag\UserBundle\Entity\User u WHERE u.id = :id');
-        $query->setParameter('id', $content['id']);
-        $query->execute();
+        $this->assertEquals('wallabag@google.com', $content['email']);
+        $this->assertEquals('google', $content['username']);
+
+        $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 0);
     }
 
     public function testCreateNewUserWithExistingEmail()
     {
-        $this->client->request('PUT', '/api/user.json', [
+        $client = static::createClient();
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+        $client->request('PUT', '/api/user.json', [
             'username' => 'admin',
             'password' => 'googlegoogle',
             'email' => 'bigboss@wallabag.org',
         ]);
 
-        $this->assertEquals(400, $this->client->getResponse()->getStatusCode());
+        $this->assertEquals(400, $client->getResponse()->getStatusCode());
 
-        $content = json_decode($this->client->getResponse()->getContent(), true);
+        $content = json_decode($client->getResponse()->getContent(), true);
 
         $this->assertArrayHasKey('error', $content);
         $this->assertArrayHasKey('username', $content['error']);
@@ -85,26 +123,50 @@ class UserRestControllerTest extends WallabagApiTestCase
         $this->assertEquals('This value is already used.', $content['error']['username'][0]);
         $this->assertEquals('This value is already used.', $content['error']['email'][0]);
 
-        $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
+        $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 0);
     }
 
     public function testCreateNewUserWithTooShortPassword()
     {
-        $this->client->request('PUT', '/api/user.json', [
+        $client = static::createClient();
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 1);
+        $client->request('PUT', '/api/user.json', [
             'username' => 'facebook',
             'password' => 'face',
             'email' => 'facebook@wallabag.org',
         ]);
 
-        $this->assertEquals(400, $this->client->getResponse()->getStatusCode());
+        $this->assertEquals(400, $client->getResponse()->getStatusCode());
 
-        $content = json_decode($this->client->getResponse()->getContent(), true);
+        $content = json_decode($client->getResponse()->getContent(), true);
 
         $this->assertArrayHasKey('error', $content);
         $this->assertArrayHasKey('password', $content['error']);
 
         $this->assertEquals('validator.password_too_short', $content['error']['password'][0]);
 
-        $this->assertEquals('application/json', $this->client->getResponse()->headers->get('Content-Type'));
+        $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
+
+        $client->getContainer()->get('craue_config')->set('api_user_registration', 0);
+    }
+
+    public function testCreateNewUserWhenRegistrationIsDisabled()
+    {
+        $client = static::createClient();
+        $client->request('PUT', '/api/user.json', [
+            'username' => 'facebook',
+            'password' => 'face',
+            'email' => 'facebook@wallabag.org',
+        ]);
+
+        $this->assertEquals(403, $client->getResponse()->getStatusCode());
+
+        $content = json_decode($client->getResponse()->getContent(), true);
+
+        $this->assertArrayHasKey('error', $content);
+
+        $this->assertEquals('application/json', $client->getResponse()->headers->get('Content-Type'));
     }
 }
diff --git a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
index c87e58de..df638e8f 100644
--- a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
@@ -8,12 +8,14 @@ class WallabagRestControllerTest extends WallabagApiTestCase
 {
     public function testGetVersion()
     {
-        $this->client->request('GET', '/api/version');
+        // create a new client instead of using $this->client to be sure client isn't authenticated
+        $client = static::createClient();
+        $client->request('GET', '/api/version');
 
-        $this->assertEquals(200, $this->client->getResponse()->getStatusCode());
+        $this->assertEquals(200, $client->getResponse()->getStatusCode());
 
-        $content = json_decode($this->client->getResponse()->getContent(), true);
+        $content = json_decode($client->getResponse()->getContent(), true);
 
-        $this->assertEquals($this->client->getContainer()->getParameter('wallabag_core.version'), $content);
+        $this->assertEquals($client->getContainer()->getParameter('wallabag_core.version'), $content);
     }
 }