From 0d0e941fb7e711e9de7de586100e9b6cb3592bcd Mon Sep 17 00:00:00 2001 From: mattamon Date: Wed, 16 Oct 2024 11:48:25 +0200 Subject: [PATCH 1/3] Update subscribers and docs --- config/event_subscribers.yaml | 3 ++- doc/00_Installation.md | 25 ++++++++++++++++--- .../PimcoreStudioBackendExtension.php | 7 ++++-- .../ApiExceptionSubscriber.php | 6 ++--- src/EventSubscriber/CorsSubscriber.php | 13 +++++----- src/Util/Trait/StudioBackendPathTrait.php | 4 +-- 6 files changed, 41 insertions(+), 17 deletions(-) diff --git a/config/event_subscribers.yaml b/config/event_subscribers.yaml index b7dd5c11b..0693e57df 100644 --- a/config/event_subscribers.yaml +++ b/config/event_subscribers.yaml @@ -7,7 +7,8 @@ services: #Subscriber Pimcore\Bundle\StudioBackendBundle\EventSubscriber\CorsSubscriber: tags: [ 'kernel.event_subscriber' ] + arguments: ['%pimcore_studio_backend.url_prefix%'] Pimcore\Bundle\StudioBackendBundle\EventSubscriber\ApiExceptionSubscriber: tags: [ 'kernel.event_subscriber' ] - arguments: ["%kernel.environment%"] \ No newline at end of file + arguments: ["%kernel.environment%", '%pimcore_studio_backend.url_prefix%'] \ No newline at end of file diff --git a/doc/00_Installation.md b/doc/00_Installation.md index 5ae4cebc9..c7e877d13 100644 --- a/doc/00_Installation.md +++ b/doc/00_Installation.md @@ -20,14 +20,15 @@ composer require pimcore/studio-backend-bundle 2) Enable Firewall settings To enable the firewall settings in your project, add the following configuration to your `config/packages/security.yaml` file: - +Keep in mind that the prefix part pimcore-studio/api can be changed to any other value in the config. +You need to adapt your access_control settings accordingly. ```yaml security: firewalls: pimcore_studio: '%pimcore_studio_backend.firewall_settings%' access_control: - - { path: ^/studio/api/(docs|docs.json|translations)$, roles: PUBLIC_ACCESS } - - { path: ^/studio, roles: ROLE_PIMCORE_USER } + - { path: ^/pimcore-studio/api/(docs|docs.json|translations)$, roles: PUBLIC_ACCESS } + - { path: ^/pimcore-studio, roles: ROLE_PIMCORE_USER } ``` 3) Make sure the bundle is enabled in the `config/bundles.php` file. The following lines should be added: @@ -110,3 +111,21 @@ pimcore_studio_backend: # Optional configuration cookie_lifetime: 3600 ``` + +## Changing the prefix of the Studio Backend +It is possible to change the route where you can reach the API. By default, the route is `/pimcore-studio/api/`. +If you want to change the prefix, you can do so by changing the configuration like the following: +Keep in mind that you need to update your access_control settings accordingly. +```yaml +pimcore_studio_backend: + url_prefix: '/your-prefix/api/' +``` + +```yaml +security: + firewalls: + pimcore_studio: '%pimcore_studio_backend.firewall_settings%' + access_control: + - { path: ^/your-prefix/api/(docs|docs.json|translations)$, roles: PUBLIC_ACCESS } + - { path: ^/your-prefix, roles: ROLE_PIMCORE_USER } +``` diff --git a/src/DependencyInjection/PimcoreStudioBackendExtension.php b/src/DependencyInjection/PimcoreStudioBackendExtension.php index 518c82b25..32c5d454e 100644 --- a/src/DependencyInjection/PimcoreStudioBackendExtension.php +++ b/src/DependencyInjection/PimcoreStudioBackendExtension.php @@ -70,9 +70,12 @@ public function load(array $configs, ContainerBuilder $container): void $this->checkValidOpenApiScanPaths($config['open_api_scan_paths']); $this->checkValidUrlPrefix($config['url_prefix']); + $definition = $container->getDefinition(OpenApiServiceInterface::class); - $definition->setArgument('$routePrefix', rtrim($config['url_prefix'], '/')); - $definition->setArgument('$openApiScanPaths', $config['open_api_scan_paths']); + $definition->setArguments([ + '$routePrefix' => $config['url_prefix'], + '$openApiScanPaths' => $config['open_api_scan_paths'], + ]); $definition = $container->getDefinition(CorsSubscriber::class); $definition->setArgument('$allowedHosts', $config['allowed_hosts_for_cors']); diff --git a/src/EventSubscriber/ApiExceptionSubscriber.php b/src/EventSubscriber/ApiExceptionSubscriber.php index b09ed5624..121cec47f 100644 --- a/src/EventSubscriber/ApiExceptionSubscriber.php +++ b/src/EventSubscriber/ApiExceptionSubscriber.php @@ -26,11 +26,11 @@ /** * @internal */ -final class ApiExceptionSubscriber implements EventSubscriberInterface +final readonly class ApiExceptionSubscriber implements EventSubscriberInterface { use StudioBackendPathTrait; - public function __construct(private readonly string $environment) + public function __construct(private string $environment, private string $urlPrefix) { } @@ -46,7 +46,7 @@ public function onKernelException(ExceptionEvent $event): void $exception = $event->getThrowable(); $request = $event->getRequest(); - if (!$this->isStudioBackendPath($request->getPathInfo())) { + if (!$this->isStudioBackendPath($request->getPathInfo(), $this->urlPrefix)) { return; } diff --git a/src/EventSubscriber/CorsSubscriber.php b/src/EventSubscriber/CorsSubscriber.php index 7116fd8c8..832f19b6a 100644 --- a/src/EventSubscriber/CorsSubscriber.php +++ b/src/EventSubscriber/CorsSubscriber.php @@ -27,14 +27,15 @@ use Symfony\Component\Routing\RouterInterface; use function in_array; -final class CorsSubscriber implements EventSubscriberInterface +final readonly class CorsSubscriber implements EventSubscriberInterface { use StudioBackendPathTrait; public function __construct( - private readonly RouterInterface $router, - private readonly UrlMatcherInterface $urlMatcher, - private readonly array $allowedHosts = [] + private string $urlPrefix, + private RouterInterface $router, + private UrlMatcherInterface $urlMatcher, + private array $allowedHosts = [] ) { } @@ -55,7 +56,7 @@ public function onKernelRequest(RequestEvent $event): void $request = $event->getRequest(); - if (!$this->isStudioBackendPath($request->getPathInfo())) { + if (!$this->isStudioBackendPath($request->getPathInfo(), $this->urlPrefix)) { return; } @@ -90,7 +91,7 @@ public function onKernelResponse(ResponseEvent $event): void { $request = $event->getRequest(); - if (!$this->isStudioBackendPath($request->getPathInfo())) { + if (!$this->isStudioBackendPath($request->getPathInfo(), $this->urlPrefix)) { return; } // Run CORS check in here to ensure domain is in the system diff --git a/src/Util/Trait/StudioBackendPathTrait.php b/src/Util/Trait/StudioBackendPathTrait.php index b5d12505b..186b62b96 100644 --- a/src/Util/Trait/StudioBackendPathTrait.php +++ b/src/Util/Trait/StudioBackendPathTrait.php @@ -23,8 +23,8 @@ */ trait StudioBackendPathTrait { - private function isStudioBackendPath(string $path): bool + private function isStudioBackendPath(string $path, string $urlPrefix): bool { - return str_starts_with($path, AbstractApiController::PREFIX); + return str_starts_with($path, $urlPrefix); } } From e3c41e45fb4c82ba281e2245683663980006a2ad Mon Sep 17 00:00:00 2001 From: mattamon Date: Wed, 16 Oct 2024 09:50:08 +0000 Subject: [PATCH 2/3] Apply php-cs-fixer changes --- src/Util/Trait/StudioBackendPathTrait.php | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/Util/Trait/StudioBackendPathTrait.php b/src/Util/Trait/StudioBackendPathTrait.php index 186b62b96..51c7e65b4 100644 --- a/src/Util/Trait/StudioBackendPathTrait.php +++ b/src/Util/Trait/StudioBackendPathTrait.php @@ -16,8 +16,6 @@ namespace Pimcore\Bundle\StudioBackendBundle\Util\Trait; -use Pimcore\Bundle\StudioBackendBundle\Controller\AbstractApiController; - /** * @internal */ From f249f5fc6bef550e0e220598dd628e692d43b94c Mon Sep 17 00:00:00 2001 From: mattamon Date: Wed, 16 Oct 2024 11:59:24 +0200 Subject: [PATCH 3/3] Remove lines --- doc/00_Installation.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/doc/00_Installation.md b/doc/00_Installation.md index c7e877d13..ac26ea8cd 100644 --- a/doc/00_Installation.md +++ b/doc/00_Installation.md @@ -123,8 +123,6 @@ pimcore_studio_backend: ```yaml security: - firewalls: - pimcore_studio: '%pimcore_studio_backend.firewall_settings%' access_control: - { path: ^/your-prefix/api/(docs|docs.json|translations)$, roles: PUBLIC_ACCESS } - { path: ^/your-prefix, roles: ROLE_PIMCORE_USER }