feat: Added RoadizUserBundle configuration

roadiz · Jun 13, 2022 · 37dbc5a · 37dbc5a
1 parent 5bba2bb
commit 37dbc5a
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 9 deletions.
diff --git a/config/api_resources/user.yaml b/config/api_resources/user.yaml
@@ -8,10 +8,20 @@ RZ\Roadiz\CoreBundle\Entity\User:
             path: '/users/signup'
             controller: RZ\Roadiz\UserBundle\Controller\SignupController
             input: RZ\Roadiz\UserBundle\Api\Dto\UserInput
+            output: RZ\Roadiz\UserBundle\Api\Dto\UserOutput
             openapi_context:
                 summary: Create a new public user
                 description: |
                     Create a new public user. User won't be validated and will not be granted with any role
+        password_request:
+            method: 'POST'
+            path: '/users/password_request'
+            controller: RZ\Roadiz\UserBundle\Controller\PasswordRequestController
+            input: RZ\Roadiz\UserBundle\Api\Dto\UserPasswordRequestInput
+            openapi_context:
+                summary: Request a public user new password
+                description: |
+                    Initiate a public user new password request (forgot my password)
 
     itemOperations:
         information:
@@ -24,29 +34,23 @@ RZ\Roadiz\CoreBundle\Entity\User:
                 summary: Get current user (JWT) information
                 description: |
                     Get current user (JWT) information
+
         validate:
             method: 'PATCH'
             path: '/users/{id}/validate'
             controller: RZ\Roadiz\UserBundle\Controller\ValidateController
             input: RZ\Roadiz\UserBundle\Api\Dto\UserTokenInput
+            output: RZ\Roadiz\UserBundle\Api\Dto\UserOutput
             openapi_context:
                 summary: Validate a public user email
                 description: |
                     Validate a public user email with a unique and temporary token
-        password_request:
-            method: 'PATCH'
-            path: '/users/{id}/password_request'
-            controller: RZ\Roadiz\UserBundle\Controller\PasswordRequestController
-            input: RZ\Roadiz\UserBundle\Api\Dto\UserPasswordRequestInput
-            openapi_context:
-                summary: Request a public user new password
-                description: |
-                    Initiate a public user new password request (forgot my password)
         password_reset:
             method: 'PATCH'
             path: '/users/{id}/password_reset'
             controller: RZ\Roadiz\UserBundle\Controller\PasswordResetController
             input: RZ\Roadiz\UserBundle\Api\Dto\UserPasswordTokenInput
+            output: RZ\Roadiz\UserBundle\Api\Dto\UserOutput
             openapi_context:
                 summary: Reset a public user password
                 description: |

diff --git a/config/packages/cache.yaml b/config/packages/cache.yaml
@@ -18,4 +18,5 @@ framework:
         pools:
             cache.contact_form_limiter: ~
             cache.custom_form_limiter: ~
+            cache.user_signup_limiter: ~
             #my.dedicated.cache: null
diff --git a/config/packages/doctrine.yaml b/config/packages/doctrine.yaml
@@ -19,6 +19,12 @@ doctrine:
                 dir: 'src/Entity'
                 prefix: 'RZ\Roadiz\CoreBundle\Entity'
                 alias: RoadizCoreBundle
+            RoadizUserBundle:
+                is_bundle: true
+                type: annotation
+                dir: 'src/Entity'
+                prefix: 'RZ\Roadiz\UserBundle\Entity'
+                alias: RoadizUserBundle
             RZ\Roadiz\Core:
                 is_bundle: false
                 type: annotation

diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml
@@ -33,6 +33,11 @@ framework:
             limit: 10
             rate: { interval: '1 minutes', amount: 5 }
             cache_pool: 'cache.custom_form_limiter'
+        user_signup:
+            policy: 'token_bucket'
+            limit: 5
+            rate: { interval: '1 minutes', amount: 3 }
+            cache_pool: 'cache.user_signup_limiter'
 
     csrf_protection:
         enabled: true

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
@@ -75,5 +75,8 @@ security:
         - { path: ^/api/token, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: "^/api/custom_forms/(?:[0-9]+)/post", methods: [ POST ], roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: "^/api/contact_form/post", methods: [ POST ], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "^/api/users/signup", methods: [ POST ], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "^/api/users/password_request", methods: [ POST ], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: "^/api/users", methods: [ GET, PUT, PATCH, POST ], roles: ROLE_USER }
         - { path: ^/api, roles: ROLE_BACKEND_USER, methods: [ POST, PUT, PATCH, DELETE ] }
         # - { path: ^/profile, roles: ROLE_USER }