I am using FOSJsRoutingBundle
along with FOSRestBundle
and what I want to do is define whole controllers for exposing routes like here:
# Bundle's routing.yml imported as resource in app/config/routing.yml
my_api:
resource: 'MyBundle\Controller\ApiController'
type: rest
prefix: /api
name_prefix: my_api_
options:
expose: true
BUT also I want to NOT expose routes secured with @Secure
annotation, which are not accessible by current user, without explicitely setting expose = false
on that routes. We all know human memory is fallible so I would like to automate it.
This is because I want to make sure that any denied route will not be exposed to frontend if user can't access it. There is Angular app on the frontend side and it would be better for us to know if route is accessible before requesting it (we could use Routing.getRoute()
for checking it's allowed and for example do not display menu item if route is denied).
Or maybe there is better solution for that?