diff --git a/config/config.yml.dist b/config/config.yml.dist index d642350..2d4d684 100644 --- a/config/config.yml.dist +++ b/config/config.yml.dist @@ -50,3 +50,6 @@ date-iso-8601: true # - 0 for no options (recommended for production) # - 128 for pretty print (recommended for testing/development) jsonoptions: 0 + +# Set this to true to disable frontend completely and display an empty page +disablefrontend: false \ No newline at end of file diff --git a/src/Config/Config.php b/src/Config/Config.php index e9b204d..c727ad8 100644 --- a/src/Config/Config.php +++ b/src/Config/Config.php @@ -62,12 +62,17 @@ class Config */ private $jsonOptions; + /** + * @var boolean + */ + private $disableFrontend; + public function __construct($config, Application $app) { if (isset($config['base'])) { $this->base = $config['base']; } - + $this->setBasePath($app['paths']['hosturl'] . $this->base); $this->setContentTypes($config['contenttypes']); $this->setReplacements($config['replacements']); @@ -77,6 +82,9 @@ public function __construct($config, Application $app) $this->setDateIso($config['date-iso-8601']); $this->setHeaders($config['headers']); $this->setJsonOptions($config['jsonoptions']); + + $disablefrontend = isset($config['disablefrontend']) ? $config['disablefrontend'] : false; + $this->setDisableFrontend($disablefrontend); } /** @@ -322,4 +330,24 @@ public function getSort($contentType) return ''; } + + /** + * @return bool + */ + public function isDisableFrontend() + { + return $this->disableFrontend; + } + + /** + * @param bool $disableFrontend + * + * @return Config + */ + public function setDisableFrontend($disableFrontend) + { + $this->disableFrontend = $disableFrontend; + + return $this; + } } diff --git a/src/JSONAPIExtension.php b/src/JSONAPIExtension.php index 9ec2868..3ddbe17 100644 --- a/src/JSONAPIExtension.php +++ b/src/JSONAPIExtension.php @@ -10,13 +10,17 @@ namespace Bolt\Extension\Bolt\JsonApi; +use Bolt\Controller\Zone; use Bolt\Extension\Bolt\JsonApi\Controllers\ContentController; use Bolt\Extension\Bolt\JsonApi\Exception\ApiException; +use Bolt\Extension\Bolt\JsonApi\Exception\FrontendDisabledException; use Bolt\Extension\Bolt\JsonApi\Provider\APIProvider; use Bolt\Extension\Bolt\JsonApi\Response\ApiErrorResponse; use Bolt\Extension\SimpleExtension; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpKernel\Event\FilterControllerEvent; use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; +use Symfony\Component\HttpKernel\Exception\HttpException; use Symfony\Component\HttpKernel\KernelEvents; /** @@ -63,11 +67,42 @@ public static function getSubscribedEvents() KernelEvents::EXCEPTION => [ ['error', 515], ], + KernelEvents::CONTROLLER => [ + ['disableFrontend', 10] + ] ]; return $parentEvents + $localEvents; } + public function disableFrontend(FilterControllerEvent $event) + { + $request = $event->getRequest(); + + $container = $this->getContainer(); + + $routeName = $request->get('_route'); + + //Check if request is NOT to frontend + if (! Zone::isFrontend($request)) { + return; + } + + //Check if we should disable frontend based upon the configuration + if (! $container['jsonapi.config']->isDisableFrontend()) { + return; + } + + //Only disable frontend routes, don't disable json routes + if (strpos($routeName, 'jsonapi') === false) { + $event->setController( + function() { + throw new HttpException(Response::HTTP_FORBIDDEN, "Front-end is disabled by JSON API extension."); + } + ); + } + } + /** * Listener to handle all exceptions thrown of type ApiException. It converts * the exception into an ApiErrorResponse.