author | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-02 10:19:33 +0200 |
---|---|---|
committer | Jeremy Benoist <jeremy.benoist@gmail.com> | 2017-06-02 11:32:38 +0200 |
commit | 426bb453d295900fb3e35dce2f9081a42639cf27 (patch) | |
tree | 77fc6aedf17640a9d13a817e25fbd06ab89b471f /app | |
parent | a687c8d915276eee0c0494156700f7d0c0606735 (diff) | |
API user creation behing a toggle
I've added a toggle feature (in internal settings) so that user creation through the API can be disabled while form registration can still be enabled.
Also, the /api/user endpoint shouldn't require authentication, even though we still check authentication when a GET request is sent to retrieve the current user's information.
I've moved all the internal settings definitions to config to avoid having them defined in more than one place.
I don't know why we didn't do that earlier.
Diffstat (limited to 'app')
-rw-r--r-- | app/DoctrineMigrations/Version20170602075214.php | 52 | ||||
-rw-r--r-- | app/config/config.yml | 129 | ||||
-rw-r--r-- | app/config/security.yml | 1 |
3 files changed, 182 insertions, 0 deletions
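--- /dev/null
+++ b/app/DoctrineMigrations/Version20170602075214.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Migrations\AbstractMigration;
+use Doctrine\DBAL\Schema\Schema;
+use Symfony\Component\DependencyInjection\ContainerAwareInterface;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+* Add api_user_registration in craue_config_setting.
+*/
+class Version20170602075214 extends AbstractMigration implements ContainerAwareInterface
+{
+/**
+* @var ContainerInterface
+*/
+private $container;
+
+public function setContainer(ContainerInterface $container = null)
+{
+$this->container = $container;
+}
+
+private function getTable($tableName)
+{
+return $this->container->getParameter('database_table_prefix').$tableName;
+}
+
+/**
+* @param Schema $schema
+*/
+public function up(Schema $schema)
+{
+$apiUserRegistration = $this->container
+->get('doctrine.orm.default_entity_manager')
+->getConnection()
+->fetchArray('SELECT * FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration'");
+
+$this->skipIf(false !== $apiUserRegistration, 'It seems that you already played this migration.');
+
+$this->addSql('INSERT INTO '.$this->getTable('craue_config_setting')." (name, value, section) VALUES ('api_user_registration', '0', 'api')");
+}
+
+/**
+* @param Schema $schema
+*/
+public function down(Schema $schema)
+{
+$this->addSql('DELETE FROM '.$this->getTable('craue_config_setting')." WHERE name = 'api_user_registration';");
+}
+}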
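Review bot: The already-applied check in up() reads through `doctrine.orm.default_entity_manager`, not through the connection the migration itself runs on, so if migrations are ever executed against a non-default connection the SELECT and the `addSql()` INSERT would look at different databases. Using the migration's own connection, `$this->connection->fetchArray(...)`, keeps the check and the write on the same database. getTable() concatenates the `database_table_prefix` parameter straight into the SQL text; that value is deployment configuration, not request input, and a one-line comment such as `// prefix is a container parameter (deployment config), not request input` would record why no quoting is applied. The row is inserted with value '0', which keeps anonymous API account creation off after an upgrade; that default is worth stating in the class docblock, since the same commit makes `/api/user` reachable without authentication.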
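--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -62,6 +62,135 @@ wallabag_core:
 fetching_error_message: |
 wallabag can't retrieve contents for this article. Please <a href="http://doc.wallabag.org/en/user/errors_during_fetching.html#how-can-i-help-to-fix-that">troubleshoot this issue</a>.
 api_limit_mass_actions: 10
+default_internal_settings:
+-
+name: share_public
+value: 1
+section: entry
+-
+name: carrot
+value: 1
+section: entry
+-
+name: share_diaspora
+value: 1
+section: entry
+-
+name: diaspora_url
+value: http://diasporapod.com
+section: entry
+-
+name: share_unmark
+value: 1
+section: entry
+-
+name: unmark_url
+value: https://unmark.it
+section: entry
+-
+name: share_shaarli
+value: 1
+section: entry
+-
+name: share_scuttle
+value: 1
+section: entry
+-
+name: shaarli_url
+value: http://myshaarli.com
+section: entry
+-
+name: scuttle_url
+value: http://scuttle.org
+section: entry
+-
+name: share_mail
+value: 1
+section: entry
+-
+name: share_twitter
+value: 1
+section: entry
+-
+name: show_printlink
+value: 1
+section: entry
+-
+name: restricted_access
+value: 0
+section: entry
+-
+name: export_epub
+value: 1
+section: export
+-
+name: export_mobi
+value: 1
+section: export
+-
+name: export_pdf
+value: 1
+section: export
+-
+name: export_csv
+value: 1
+section: export
+-
+name: export_json
+value: 1
+section: export
+-
+name: export_txt
+value: 1
+section: export
+-
+name: export_xml
+value: 1
+section: export
+-
+name: import_with_redis
+value: 0
+section: import
+-
+name: import_with_rabbitmq
+value: 0
+section: import
+-
+name: piwik_enabled
+value: 0
+section: analytics
+-
+name: piwik_host
+value: v2.wallabag.org
+section: analytics
+-
+name: piwik_site_id
+value: 1
+section: analytics
+-
+name: demo_mode_enabled
+value: 0
+section: misc
+-
+name: demo_mode_username
+value: wallabag
+section: misc
+-
+name: download_images_enabled
+value: 0
+section: misc
+-
+name: wallabag_support_url
+value: https://www.wallabag.org/pages/support.html
+section: misc
+-
+name: wallabag_url
+value: http://v2.wallabag.org
+section: misc
+-
+name: api_user_registration
+value: 0
+section: api
 
 wallabag_user:
 registration_enabled: "%fosuser_registration%"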
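--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -56,6 +56,7 @@ security:
 access_control:
 - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
 - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+- { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
 - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
 - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
 - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }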
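Review bot: The added `^/api/user` rule is an unanchored prefix with no method restriction, so it exempts every HTTP verb and every path that merely starts with `/api/user` (sub-paths, or a later `/api/users` route) from the role check. The in-controller authentication check on GET and the `api_user_registration` toggle then become the only gates, and neither is visible in this diff, so that part cannot be verified here. Scoping the exemption to the creation call would keep the anonymous surface to the one operation that needs it: anchor the pattern to the exact route and add `methods: [...]` with the single verb used for creation, leaving the GET under the normal API rule. Because registration becomes reachable without a token once the toggle is switched on, the description should also state whether the endpoint is throttled or otherwise protected against bulk account creation.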