From 426bb453d295900fb3e35dce2f9081a42639cf27 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Fri, 2 Jun 2017 10:19:33 +0200 Subject: API user creation behing a toggle I've added a toggle feature (in internal settings) so that user api creation can be disabled while form registration still can be enabled. Also, the /api/user endpoint shouldn't require authentication. Even if we check the authentication when sending a GET request, to retrieve current user information. I've moved all the internal settings definition to config to avoid duplicated place to define them. I don't know why we didn't did that earlier. --- app/config/security.yml | 1 + 1 file changed, 1 insertion(+) (limited to 'app/config/security.yml') diff --git a/app/config/security.yml b/app/config/security.yml index efb00a53..ffb1d356 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -56,6 +56,7 @@ security: access_control: - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } -- cgit v1.2.3 From 18c38dffc67d04e59a9cc26b6910d9b9a4a49cd6 Mon Sep 17 00:00:00 2001 From: Jeremy Benoist Date: Sat, 10 Jun 2017 13:11:08 +0200 Subject: Add RSS tags feeds --- app/config/security.yml | 1 + 1 file changed, 1 insertion(+) (limited to 'app/config/security.yml') diff --git a/app/config/security.yml b/app/config/security.yml index ffb1d356..e14a0bd1 100644 --- a/app/config/security.yml +++ b/app/config/security.yml @@ -61,6 +61,7 @@ security: - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } + - { path: /tags/(.*).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/share, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/settings, roles: ROLE_SUPER_ADMIN } - { path: ^/annotations, roles: ROLE_USER } -- cgit v1.2.3