Added the possibility to enable/disable REST APIs

This commit is contained in:
MatteoF96
2022-09-22 17:19:24 +02:00
parent 312861c854
commit 08e1355753
3 changed files with 12 additions and 0 deletions

View File

@ -317,6 +317,10 @@ Possible array keys:
- special: minimum number of special characters;
- min: minimum number of characters (= minimum length).
#### enableRestApi (type: `boolean`, default: `false`)
Whether to enable REST APIs.
#### authenticatorClass (type: `string`, default: `yii\filters\auth\QueryParamAuth`)
Which class to use as authenticator for REST API.

View File

@ -139,6 +139,10 @@ class AdminController extends ActiveController
*/
public function checkAccess($action, $model = null, $params = [])
{
// Check if the REST APIs are enabled
if (!$this->module->enableRestApi) {
throw new NotFoundHttpException(Yii::t('usuario', 'The requested page does not exist.'));
}
// Access for admins only
if (!Yii::$app->user->can('admin')) {
throw new ForbiddenHttpException(Yii::t('usuario', 'User does not have sufficient permissions.'));

View File

@ -249,6 +249,10 @@ class Module extends BaseModule
'digit' => 1,
'upper' => 1,
];
/**
* @var boolean Whether to enable REST APIs.
*/
public $enableRestApi = false;
/**
* @var string Which class to use as authenticator for REST API.
* Possible values: `HttpBasicAuth`, `HttpBearerAuth` or `QueryParamAuth`.