Merge pull request #3136 from bolt/fix/api-access-public

Don't break `/bolt/api/` if it's set to public and it's accessed in a browser
bolt · Mar 24, 2022 · e69cdd9 · e69cdd9
2 parents 8b5b77d + 920a457
commit e69cdd9
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 7 deletions.
diff --git a/config/packages/api_platform.yaml b/config/packages/api_platform.yaml
@@ -6,10 +6,10 @@ api_platform:
     mapping:
         paths: ['%kernel.project_dir%/src/Entity']
     formats:
-        jsonld:   ['application/ld+json']
         json:     ['application/json']
+        jsonld:   ['application/ld+json']
         jsonapi:  ['application/vnd.api+json']
-        html:     ['text/html']
+        # html:     ['text/html']
     defaults:
             pagination:
                 client_items_per_page: true

diff --git a/src/Entity/Content.php b/src/Entity/Content.php
@@ -23,7 +23,7 @@
 
 /**
  * @ApiResource(
- *     normalizationContext={"groups"={"get_content","get_definition"}},
+ *     normalizationContext={"groups"={"get_content"}},
  *     denormalizationContext={"groups"={"api_write"},"enable_max_depth"=true},
  *     collectionOperations={
  *          "get"={"security"="is_granted('api:get')"},

diff --git a/src/Menu/BackendMenu.php b/src/Menu/BackendMenu.php
@@ -55,9 +55,14 @@ public function buildAdminMenu(): array
 
         $locale = $this->requestStack->getCurrentRequest()->getLocale();
 
-        /** @var User $user */
+        /** @var User|null $user */
         $user = $this->security->getUser();
-        $username = $user->getUsername();
+
+        if ($user instanceof User) {
+            $username = $user->getUsername();
+        } else {
+            $username = '';
+        }
 
         $cacheKey = 'bolt.backendMenu_' . $locale . '_' . $username;
 

diff --git a/templates/_base/layout.html.twig b/templates/_base/layout.html.twig
@@ -23,9 +23,12 @@
     <!-- Admin Toolbar -->
     <nav class="admin__toolbar" id="toolbar">
         {% set user_display_name = app.user.displayName|default('Unknown user') %}
-        {% set user_avatar = app.user.avatar|thumbnail(25, 25, 'crop')|default(null) %}
 
-        {% if user_avatar ends with 'placeholder.png' %}
+        {% if app.user.avatar is defined %}
+            {% set user_avatar = app.user.avatar|thumbnail(25, 25, 'crop')|default(null) %}
+        {% endif %}
+
+        {% if app.user.avatar is not defined or user_avatar ends with 'placeholder.png' %}
             {% set user_avatar = null %}
         {% endif %}