Api-platform: Customise Swagger UI Path

Created on 3 Jan 2019 · 3Comments · Source: api-platform/api-platform

Hello,

I tried to customize Swagger UI Path for the simple reason, to allow unauthenticated users to access for the documentation, and restrict access for the api.

access_control: - { path: ^/api/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } - { path: ^/api, roles: IS_AUTHENTICATED_FULLY } - { path: ^/docs, roles: IS_AUTHENTICATED_ANONYMOUSLY }

when i follow the documention : https://api-platform.com/docs/core/swagger/#changing-the-swagger-ui-location

i justly get duplicated link for Swagger UI, the first for the old path "/api" and a new one with "/docs", with a modified template for the two path.

Source

achref-riahi

All 3 comments

Hi,

here's an example from one of my applications.

 access_control:
        - { path: ^/newsletter/optin/(.*), roles: ['IS_AUTHENTICATED_ANONYMOUSLY']}
        - { path: ^/docs$, roles: ['IS_AUTHENTICATED_ANONYMOUSLY']}
        - { path: ^/(.*), roles: ['ROLE_ADMIN', 'ROLE_USER']}

Remove the item "{ path: ^/api, roles: IS_AUTHENTICATED_FULLY }". Then you no longer have a double link to Swagger UI. I had the same problem.

elevado on 11 Feb 2019

👍1

Controller "api_platform.swagger.action.ui" does neither exist as service nor as class

when i chang the location.

yudhir on 25 Feb 2019

😕2

I tried to customize Swagger UI Path for the simple reason, to allow unauthenticated users to access for the documentation, and restrict access for the api.

For restricting access to API resources, use access_control in your API resources (or your own listener that calls the security.authorization_checker).

Don't use access_control in security.yaml (which works by path regex, and as such does not allow granular control). :smile: