aboutsummaryrefslogtreecommitdiffhomepage
path: root/app
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 10:19:33 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-06-02 11:32:38 +0200
commit426bb453d295900fb3e35dce2f9081a42639cf27 (patch)
tree77fc6aedf17640a9d13a817e25fbd06ab89b471f /app
parenta687c8d915276eee0c0494156700f7d0c0606735 (diff)
downloadwallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.gz
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.tar.zst
wallabag-426bb453d295900fb3e35dce2f9081a42639cf27.zip
API user creation behing a toggle
I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier.
Diffstat (limited to 'app')
-rw-r--r--app/DoctrineMigrations/Version20170602075214.php52
-rw-r--r--app/config/config.yml129
-rw-r--r--app/config/security.yml1
3 files changed, 182 insertions, 0 deletions
diff --git a/app/DoctrineMigrations/Version20170602075214.php b/app/DoctrineMigrations/Version20170602075214.php
new file mode 100644
index 00000000..451d16ba
--- /dev/null
+++ b/app/DoctrineMigrations/Version20170602075214.php
@@ -0,0 +1,52 @@
1<?php
2
3namespace Application\Migrations;
4
5use Doctrine\DBAL\Migrations\AbstractMigration;
6use Doctrine\DBAL\Schema\Schema;
7use Symfony\Component\DependencyInjection\ContainerAwareInterface;
8use Symfony\Component\DependencyInjection\ContainerInterface;
9
10/**
11 * Add api_user_registration in craue_config_setting.
12 */
13class Version20170602075214 extends AbstractMigration implements ContainerAwareInterface
14{
15 /**
16 * @var ContainerInterface
17 */
18 private $container;
19
20 public function setContainer(ContainerInterface $container = null)
21 {
22 $this->container = $container;
23 }
24
25 private function getTable($tableName)
26 {
27 return $this->container->getParameter('database_table_prefix').$tableName;
28 }
29
30 /**
31 * @param Schema $schema
32 */
33 public function up(Schema $schema)
34 {
35 $apiUserRegistration = $this->container
36 ->get('doctrine.orm.default_entity_manager')
37 ->getConnection()
38 ->fetchArray('SELECT * FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration'");
39
40 $this->skipIf(false !== $apiUserRegistration, 'It seems that you already played this migration.');
41
42 $this->addSql('INSERT INTO '.$this->getTable('craue_config_setting')." (name, value, section) VALUES ('api_user_registration', '0', 'api')");
43 }
44
45 /**
46 * @param Schema $schema
47 */
48 public function down(Schema $schema)
49 {
50 $this->addSql('DELETE FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration';");
51 }
52}
diff --git a/app/config/config.yml b/app/config/config.yml
index 04f8547d..b0d330ab 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -62,6 +62,135 @@ wallabag_core:
62 fetching_error_message: | 62 fetching_error_message: |
63 wallabag can't retrieve contents for this article. Please <a href="http://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>. 63 wallabag can't retrieve contents for this article. Please <a href="http://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>.
64 api_limit_mass_actions: 10 64 api_limit_mass_actions: 10
65 default_internal_settings:
66 -
67 name: share_public
68 value: 1
69 section: entry
70 -
71 name: carrot
72 value: 1
73 section: entry
74 -
75 name: share_diaspora
76 value: 1
77 section: entry
78 -
79 name: diaspora_url
80 value: http://diasporapod.com
81 section: entry
82 -
83 name: share_unmark
84 value: 1
85 section: entry
86 -
87 name: unmark_url
88 value: https://unmark.it
89 section: entry
90 -
91 name: share_shaarli
92 value: 1
93 section: entry
94 -
95 name: share_scuttle
96 value: 1
97 section: entry
98 -
99 name: shaarli_url
100 value: http://myshaarli.com
101 section: entry
102 -
103 name: scuttle_url
104 value: http://scuttle.org
105 section: entry
106 -
107 name: share_mail
108 value: 1
109 section: entry
110 -
111 name: share_twitter
112 value: 1
113 section: entry
114 -
115 name: show_printlink
116 value: 1
117 section: entry
118 -
119 name: restricted_access
120 value: 0
121 section: entry
122 -
123 name: export_epub
124 value: 1
125 section: export
126 -
127 name: export_mobi
128 value: 1
129 section: export
130 -
131 name: export_pdf
132 value: 1
133 section: export
134 -
135 name: export_csv
136 value: 1
137 section: export
138 -
139 name: export_json
140 value: 1
141 section: export
142 -
143 name: export_txt
144 value: 1
145 section: export
146 -
147 name: export_xml
148 value: 1
149 section: export
150 -
151 name: import_with_redis
152 value: 0
153 section: import
154 -
155 name: import_with_rabbitmq
156 value: 0
157 section: import
158 -
159 name: piwik_enabled
160 value: 0
161 section: analytics
162 -
163 name: piwik_host
164 value: v2.wallabag.org
165 section: analytics
166 -
167 name: piwik_site_id
168 value: 1
169 section: analytics
170 -
171 name: demo_mode_enabled
172 value: 0
173 section: misc
174 -
175 name: demo_mode_username
176 value: wallabag
177 section: misc
178 -
179 name: download_images_enabled
180 value: 0
181 section: misc
182 -
183 name: wallabag_support_url
184 value: https://www.wallabag.org/pages/support.html
185 section: misc
186 -
187 name: wallabag_url
188 value: http://v2.wallabag.org
189 section: misc
190 -
191 name: api_user_registration
192 value: 0
193 section: api
65 194
66wallabag_user: 195wallabag_user:
67 registration_enabled: "%fosuser_registration%" 196 registration_enabled: "%fosuser_registration%"
diff --git a/app/config/security.yml b/app/config/security.yml
index efb00a53..ffb1d356 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -56,6 +56,7 @@ security:
56 access_control: 56 access_control:
57 - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } 57 - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
58 - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY } 58 - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
59 - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
59 - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 60 - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
60 - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } 61 - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
61 - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } 62 - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }