Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Role-based API support for POST, PUT and DELETE operations #2648

Merged
merged 30 commits into from
Nov 29, 2021

Conversation

I-Valchev
Copy link
Member

@I-Valchev I-Valchev commented Jun 21, 2021

Thanks to @simongroenewolt 's fantastic work, this works almost out-of-the-box!

Todo:

  • Make the content-specific permission work ❌ not in this PR
  • Test thoroughly! (It's giving write access, after all!)

This is considered a BC, because it'll close the GET API only for roles that have api:get. It can be opened up with Symfony's anonymous roles.

Sorry, something went wrong.

@I-Valchev
Copy link
Member Author

I-Valchev commented Nov 16, 2021

Making slow progress on this.. now it's possible to authenticate using basic auth and do things like POSTing these:

To create a field for a known content

{
    "name": "title",
    "content": "/api/contents/126",
    "value": [
        "test me"
    ]
}

To create a new content with its fields

{
    "contentType": "dummies",
    "status": "published",
    "createdAt": "2021-11-16T14:07:10.333Z",
    "modifiedAt": "2021-11-16T14:07:10.333Z",
    "publishedAt": "2021-11-16T14:07:10.333Z",
    "depublishedAt": "2021-11-16T14:07:10.333Z",
    "fields": [
        {
            "name": "title",
            "value": ["This is a test value for the title"]
        }
    ]
}

Bugs:

  • Fields are always type generic
  • Can't set the author of a content

Sorry, something went wrong.

@I-Valchev I-Valchev changed the base branch from master to 5.0 November 19, 2021 09:42
@I-Valchev I-Valchev changed the base branch from 5.0 to master November 19, 2021 09:42
@I-Valchev I-Valchev changed the title [WIP] Role-based API support for POST, PUT and DELETE operations Role-based API support for POST, PUT and DELETE operations Nov 19, 2021
@I-Valchev I-Valchev marked this pull request as ready for review November 19, 2021 09:52
@I-Valchev I-Valchev changed the base branch from master to 5.0 November 19, 2021 14:52
@I-Valchev I-Valchev changed the base branch from 5.0 to master November 19, 2021 14:53
@I-Valchev
Copy link
Member Author

After adding the migrations, this is no longer a BC.

Copy link
Member

@bobdenotter bobdenotter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoop whoop! 🎉

@bobdenotter bobdenotter merged commit 6016c91 into master Nov 29, 2021
@bobdenotter bobdenotter deleted the feature/post-api branch November 29, 2021 11:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants