diff --git a/UPGRADE-1.8.md b/UPGRADE-1.8.md
index 6db31af0244..41c085137c9 100644
--- a/UPGRADE-1.8.md
+++ b/UPGRADE-1.8.md
@@ -1,5 +1,7 @@
# UPGRADE FROM `v1.8.4` TO `v1.8.6`
+1. Api is disabled by default, to enable it you need to set flag ``sylius_api.enabled`` to ``true`` in ``app/config/packages/_sylius.yaml``.
+
1. Change configuration of new ApiBundle in your `config/packages/security.yaml` file:
```diff
diff --git a/config/packages/_sylius.yaml b/config/packages/_sylius.yaml
index 79f5ce6c751..0c8986f4031 100644
--- a/config/packages/_sylius.yaml
+++ b/config/packages/_sylius.yaml
@@ -11,6 +11,9 @@ imports:
parameters:
sylius_core.public_dir: '%kernel.project_dir%/public'
+sylius_api:
+ enabled: false
+
sylius_shop:
product_grid:
include_all_descendants: true
diff --git a/config/packages/test/_sylius.yaml b/config/packages/test/_sylius.yaml
new file mode 100644
index 00000000000..cd01aaf7048
--- /dev/null
+++ b/config/packages/test/_sylius.yaml
@@ -0,0 +1,2 @@
+sylius_api:
+ enabled: true
diff --git a/config/packages/test_cached/_sylius.yaml b/config/packages/test_cached/_sylius.yaml
new file mode 100644
index 00000000000..cd01aaf7048
--- /dev/null
+++ b/config/packages/test_cached/_sylius.yaml
@@ -0,0 +1,2 @@
+sylius_api:
+ enabled: true
diff --git a/docs/api/unified_api/introduction.rst b/docs/api/unified_api/introduction.rst
index 0e4971ea839..6e64b5f182d 100644
--- a/docs/api/unified_api/introduction.rst
+++ b/docs/api/unified_api/introduction.rst
@@ -5,6 +5,7 @@ Introduction
The new, unified Sylius API is still under development, that's why the whole ``ApiBundle`` is tagged with ``@experimental``.
This means that all code from ``ApiBundle`` is excluded from :doc:`Backward Compatibility Promise `.
+ You can enable entire API by changing the flag ``sylius_api.enabled`` to ``true`` in ``app/config/packages/_sylius.yaml``.
We have decided that we should rebuild our API and use API Platform to build a truly mature, multi-purpose API
which can define a new standard for headless e-commerce backends.
diff --git a/psalm.xml b/psalm.xml
index 44fd2a52943..d1b21214816 100644
--- a/psalm.xml
+++ b/psalm.xml
@@ -123,6 +123,7 @@
+
diff --git a/src/Sylius/Bundle/ApiBundle/DependencyInjection/Configuration.php b/src/Sylius/Bundle/ApiBundle/DependencyInjection/Configuration.php
index d7bb70c125c..5ed913b6b85 100644
--- a/src/Sylius/Bundle/ApiBundle/DependencyInjection/Configuration.php
+++ b/src/Sylius/Bundle/ApiBundle/DependencyInjection/Configuration.php
@@ -27,6 +27,14 @@ public function getConfigTreeBuilder(): TreeBuilder
/** @var ArrayNodeDefinition $rootNode */
$rootNode = $treeBuilder->getRootNode();
+ $rootNode
+ ->children()
+ ->booleanNode('enabled')
+ ->defaultTrue()
+ ->end()
+ ->end()
+ ;
+
return $treeBuilder;
}
}
diff --git a/src/Sylius/Bundle/ApiBundle/DependencyInjection/SyliusApiExtension.php b/src/Sylius/Bundle/ApiBundle/DependencyInjection/SyliusApiExtension.php
index 157c6a6d1f1..77c4c3f221d 100644
--- a/src/Sylius/Bundle/ApiBundle/DependencyInjection/SyliusApiExtension.php
+++ b/src/Sylius/Bundle/ApiBundle/DependencyInjection/SyliusApiExtension.php
@@ -26,6 +26,8 @@ public function load(array $configs, ContainerBuilder $container): void
$config = $this->processConfiguration($this->getConfiguration([], $container), $configs);
$loader = new XmlFileLoader($container, new FileLocator(__DIR__ . '/../Resources/config'));
+ $container->setParameter('sylius_api.enabled', $config['enabled']);
+
$loader->load('services.xml');
}
}
diff --git a/src/Sylius/Bundle/ApiBundle/EventSubscriber/KernelRequestEventSubscriber.php b/src/Sylius/Bundle/ApiBundle/EventSubscriber/KernelRequestEventSubscriber.php
new file mode 100644
index 00000000000..f0fcf5ba960
--- /dev/null
+++ b/src/Sylius/Bundle/ApiBundle/EventSubscriber/KernelRequestEventSubscriber.php
@@ -0,0 +1,52 @@
+apiEnabled = $apiEnabled;
+ $this->apiRoute = $apiRoute;
+ }
+
+ public static function getSubscribedEvents()
+ {
+ return [
+ KernelEvents::REQUEST => ['validateApi', EventPriorities::PRE_VALIDATE],
+ ];
+ }
+
+ public function validateApi(RequestEvent $event): void
+ {
+ $pathInfo = $event->getRequest()->getPathInfo();
+
+ if ($this->apiEnabled === false && strpos($pathInfo, $this->apiRoute) !== false) {
+ $event->setResponse(new Response('Route not found', 404));
+ }
+ }
+}
diff --git a/src/Sylius/Bundle/ApiBundle/Resources/config/services/event_subscribers.xml b/src/Sylius/Bundle/ApiBundle/Resources/config/services/event_subscribers.xml
index b9d6eb99780..9368f1edde0 100644
--- a/src/Sylius/Bundle/ApiBundle/Resources/config/services/event_subscribers.xml
+++ b/src/Sylius/Bundle/ApiBundle/Resources/config/services/event_subscribers.xml
@@ -16,6 +16,11 @@
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd"
>
+
+ %sylius_api.enabled%
+ %sylius.security.new_api_route%
+
+
diff --git a/src/Sylius/Bundle/ApiBundle/spec/EventSubscriber/KernelRequestEventSubscriberSpec.php b/src/Sylius/Bundle/ApiBundle/spec/EventSubscriber/KernelRequestEventSubscriberSpec.php
new file mode 100644
index 00000000000..d98b13c8bb0
--- /dev/null
+++ b/src/Sylius/Bundle/ApiBundle/spec/EventSubscriber/KernelRequestEventSubscriberSpec.php
@@ -0,0 +1,77 @@
+beConstructedWith(true, '/new-api');
+ }
+
+ function it_does_nothing_if_api_is_enabled(
+ RequestEvent $event,
+ Request $request,
+ HttpKernelInterface $kernel
+ ): void {
+ $event->getRequest()->willReturn($request);
+
+ $request->getPathInfo()->willReturn('/new-api/any-endpoint');
+
+ $event->setResponse(new Response('Route not found', 404))->shouldNotBeCalled();
+
+ $this->validateApi($event);
+ }
+
+ function it_returns_404_if_api_is_disabled(
+ RequestEvent $event,
+ Request $request,
+ HttpKernelInterface $kernel
+ ): void {
+ $this->beConstructedWith(false, '/new-api');
+
+ $event->getRequest()->willReturn($request);
+
+ $request->getPathInfo()->willReturn('/new-api/any-endpoint');
+
+ $event->setResponse(new Response('Route not found', 404))->shouldBeCalled();
+
+ $this->validateApi($event);
+ }
+
+ function it_does_nothing_for_non_api_endpoints_when_api_is_disabled(
+ RequestEvent $event,
+ Request $request,
+ HttpKernelInterface $kernel
+ ): void {
+ $this->beConstructedWith(false, '/new-api');
+
+ $event->getRequest()->willReturn($request);
+
+ $request->getPathInfo()->willReturn('/');
+
+ $event->setResponse(new Response('Route not found', 404))->shouldNotBeCalled();
+
+ $this->validateApi($event);
+ }
+}