Add more exceptions on routes that are skipped in check.

Created on 16 March 2023, over 1 year ago

Updated 23 November 2023, 7 months ago

Problem/Motivation

Some frameworks need to fetch the JSONAPI index (the basic /jsonapi path) without Authorization, so we need to handle these exceptions somehow

Steps to reproduce

Try Next.js + Drupal

Proposed resolution

Add another exception route jsonapi.resource_list into your CheckUserRolePermissionEvent handler's if clause,
OR,
manage a blacklist configuration option inside settings form, and manage this exceptions in Dynamic mode
(Patch included)

Remaining tasks

Test

User interface changes

There's a new textarea element on Settings form.

API changes

None

Data model changes

None

✨ Feature request

Status

Active

Version

1.0

Component

Code

Created by

🇮🇹Italy eglaw Cittadella

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @eglaw
Comment over 1 year ago →
🇮🇹Italy eglaw Cittadella
Including the patch to fix this
Comment over 1 year ago →
🇮🇹Italy eglaw Cittadella
Comment 7 months ago →
🇮🇹Italy eglaw Cittadella
Added the patch for 1.1.1 version
Comment 7 months ago →
🇮🇹Italy eglaw Cittadella
Fixed the patch to apply

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024