API user creation behing a toggle

I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier.
author: Jeremy Benoist <jeremy.benoist@gmail.com> 2017-06-02 10:19:33 +0200
committer: Jeremy Benoist <jeremy.benoist@gmail.com> 2017-06-02 11:32:38 +0200
commit: 426bb453d295900fb3e35dce2f9081a42639cf27 (patch)
tree: 77fc6aedf17640a9d13a817e25fbd06ab89b471f /app/config/security.yml
parent: a687c8d915276eee0c0494156700f7d0c0606735 (diff)
download: wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.gz
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.zst
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/app/config/security.yml b/app/config/security.yml
index efb00a53..ffb1d356 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -56,6 +56,7 @@ security:
    access_control:
        - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
author	Jeremy Benoist <jeremy.benoist@gmail.com>	2017-06-02 10:19:33 +0200
committer	Jeremy Benoist <jeremy.benoist@gmail.com>	2017-06-02 11:32:38 +0200
commit	426bb453d295900fb3e35dce2f9081a42639cf27 (patch)
tree	77fc6aedf17640a9d13a817e25fbd06ab89b471f /app/config/security.yml
parent	a687c8d915276eee0c0494156700f7d0c0606735 (diff)
download	wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.gz wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.zst wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.zip

diff --git a/app/config/security.yml b/app/config/security.yml index efb00a53..ffb1d356 100644 --- a/app/config/security.yml +++ b/app/config/security.yml
@@ -56,6 +56,7 @@ security:
56	access_control:	56	access_control:
57	- { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }	57	- { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
58	- { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }	58	- { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
		59	- { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
59	- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }	60	- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
60	- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }	61	- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
61	- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }	62	- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }