Added the possibility to enable/disable REST APIs
This commit is contained in:
		| @ -317,6 +317,10 @@ Possible array keys: | ||||
| - special: minimum number of special characters; | ||||
| - min: minimum number of characters (= minimum length). | ||||
|  | ||||
| #### enableRestApi (type: `boolean`, default: `false`) | ||||
|  | ||||
| Whether to enable REST APIs. | ||||
|  | ||||
| #### authenticatorClass (type: `string`, default: `yii\filters\auth\QueryParamAuth`) | ||||
|  | ||||
| Which class to use as authenticator for REST API. | ||||
|  | ||||
| @ -139,6 +139,10 @@ class AdminController extends ActiveController | ||||
|      */ | ||||
|     public function checkAccess($action, $model = null, $params = []) | ||||
|     { | ||||
|         // Check if the REST APIs are enabled | ||||
|         if (!$this->module->enableRestApi) { | ||||
|             throw new NotFoundHttpException(Yii::t('usuario', 'The requested page does not exist.')); | ||||
|         } | ||||
|         // Access for admins only | ||||
|         if (!Yii::$app->user->can('admin')) { | ||||
|             throw new ForbiddenHttpException(Yii::t('usuario', 'User does not have sufficient permissions.')); | ||||
|  | ||||
| @ -249,6 +249,10 @@ class Module extends BaseModule | ||||
|         'digit' => 1, | ||||
|         'upper' => 1, | ||||
|     ]; | ||||
|     /** | ||||
|      * @var boolean Whether to enable REST APIs. | ||||
|      */ | ||||
|     public $enableRestApi = false; | ||||
|     /** | ||||
|      * @var string Which class to use as authenticator for REST API. | ||||
|      * Possible values: `HttpBasicAuth`, `HttpBearerAuth` or `QueryParamAuth`. | ||||
|  | ||||
		Reference in New Issue
	
	Block a user