Generally when I try to search for the solution they direct me to security.yml in the config folder. But whenever I change it to my module name lets says "user"
user:
is_secure: true
it doesn't work while....
all:
is_secure: true
locked up all the page so what should I do to handling on specific modules or files if possible. Thanks for the valuable time and comment.
Edit:
My path
<!-- apps/frontend/modules/user -->
originally under user folder doesn't have config folder...
If you want to secure an specific module you have to define it in its config folder at security.yml file (like you said but in the desire module). For example, if I have a clients module with index, new, create, etc actions and want to secure the new and create actions, you have to add to the
<!-- /app_name/modules/clients/config/security.yml -->
new:
is_secure: true
credentials: [...] //if you defined credentials
create:
is_secure: true
credentials: [...] //if you defined credentials
If you want to secure all clients module just set
<!-- /app_name/modules/clients/config/security.yml -->
all:
is_secure: true
Related
I would like to access Rails.application.secrets as an object till its deeper length.
Example: ../config/secrets.yml
development:
secret_key_base: ""
my_data:
user_email: "abc#example.io"
external_service:
remote:
password: ""
local:
password: ""
Presently Remote password of an external service is fetched using:
Rails.application.secrets.my_data[:external_service][:remote][:password]
Instead I would like to access it as below:
Rails.application.secrets.my_data.external_service.remote.password
Is there a way that I can configure my application to behave in above format?
Note:
Only config/secrets.yml must be affected
Please specify the file path/name where the configurations must be changed/added
Also suggest if there is an alternate way(gem, etc)
You might be able to put this in an initializer and achieve what you're looking for:
Rails.application.secrets = JSON.parse(Rails.application.secrets.to_json, object_class: OpenStruct)
Oke so back to https://api-platform.com :)
So I currently have corsAllowOrigin: "*" #to allow all origins in my helm values file (as per docs). To make sure that the propper headers are bieng set on return values.
Now I would expect (as per docs) that the Access-Control-Allow-Origin: would now go to "*" however it goes to Access-Control-Allow-Origin: null. That's of course a bit annoying because it prevent react native apps of accessing the API.
Question here, is this a bug? Am I using the wrong values? Or overlooking something?
Sets .env file with:
###> nelmio/cors-bundle ###
CORS_ALLOW_ORIGIN=['*']
###< nelmio/cors-bundle ###
By default, API Platform uses nelmio cors and the default config use the environment variable CORS_ALLOW_ORIGIN.
With that you can allow any url with this config in your .env (or .env.local) with CORS_ALLOW_ORIGIN=^https?://.*?$
As the others have said, CORS is handled by nelmio/cors-bundle. If you don't wish to modify env files, the actual package configuration for it is documented on its GitHub page https://github.com/nelmio/NelmioCorsBundle.
The configuration you'd want to modify is the allow_origin configuration, which can have a default value or can be configured based on the path of the current request. Pretty neat.
In config/packages/nelmio_cors.yaml:
nelmio_cors:
defaults:
...
allow_origin: []
...
paths:
'^/api/':
...
allow_origin: ['*']
...
'^/':
...
allow_origin: ['^http://localhost:[0-9]+']
...
My config file on remote git repo:
myapp-uat.properties:
portal.db.userName=allen
portal.db.password=allen1235
I could load this file on client side, and I want save these properties by call /env, but get portal.db.password=***.
I wonder if I could get real value (portal.db.password=allen1235) by adding some properties in client config file or some other methods. Hope for your help.
The below is the default sanitized keywords for /env endpoint.
endpoints:
env:
keys-to-sanitize: password,secret,key,token,.*credentials.*,vcap_services
You can override the below property without password by defining below in your application.yml/properties.
endpoints:
env:
keys-to-sanitize: secret,key,token,.*credentials.*,vcap_services
Suppose I have the following dir:
root.properties
dev-ci
common.properties
app_dir
app.properties
prod
stage
test
test/stage/prod all follow dev-ci's dir/path structure.
How can I setup my bootstrap.yml file so that when I start my app, it'll load the following:
root.properties
dev-ci/common.properties
dev-ci/app_dir/app.properties
Is there a way to set up my yml so that it takes some parameter from commandline? Or will I have to map out all the possible 'paths' then pass in some label/name?
Lastly, where does the tag name come into play?
I'd like to export my Plone session configuration to my portal product.
The session configuration is set via the ZMI -> acl-users -> session -> properties
I have tried creating a snapshot of the site but can't locate the session configuration within the snapshot xml...
Indeed, there is no GenericSetup configuration support included in plone.session; there is currently nothing that'll export it for you, nor anything to then import the settings.
You'd have to write a setup step for it instead, and configure the session plugin manually through that.
Add an import step to your configure.zcml configuration file:
<?xml version="1.0"?>
<configure
xmlns="http://namespaces.zope.org/zope"
xmlns:genericsetup="http://namespaces.zope.org/genericsetup"
<genericsetup:importStep
name="yourpackage.a_unique_id_for_your_step"
title="Configures the plone.session plugin"
description="Perhaps an optional description"
handler="your.package.setuphandlers.setupPloneSession"
/>
</configure>
and add an empty 'sentinel' text file to the same profile directory named youpackage.setup-plonesession.txt
then add a setuphandlers.py module to your package (what handler points to in the above example):
def setupPloneSession(context):
if context.readDataFile('youpackage.setup-plonesession.txt') is None:
return
portal = context.getSite()
plugin = portal.acl_users.session
# Configure the plugin manually
plugin.path = '/'
plugin.cookie_name = '__ac'
plugin.cookie_domain = ''
# Set up a shared auth_tkt secret
plugin._shared_secret = 'YourSharedSecretKey'
plugin.mod_auth_tkt = True
Note that we first test if the sentinel file is present; if you reuse your package setup elsewhere the setup step could be run multiple times if you don't do this.
You'll need to refer to the plugin source to get an idea of what you can configure, I'm afraid.