Disable specific Symfony routes

Question

Long story short: I'm setting up a private Packagist site for my company, and I need to disable user registration [users are created by Chef] while still allowing Github OAuth connectivity.

I disabled the general signup page by adding the following un-satisfiable condition to the route in routing.yml:

fos_user_register:
    resource: '@FOSUserBundle/Resources/config/routing/registration.xml'
    prefix: /register
    condition: "1 == 0"

However I've found that if you try to sign in with Github without first connecting your existing account there is a second registration form under /connect/registration that are governed by the routes:

hwi_oauth_connect:
    resource: '@HWIOAuthBundle/Resources/config/routing/connect.xml'
    prefix:   /connect

in routing.yml, and:

<route id="hwi_oauth_connect_registration" path="/registration/{key}">
    <default key="_controller">HWIOAuthBundle:Connect:registration</default>
</route>

Which is in vendor/hwi/oauth-bundle/Resources/config/routing/connect.xml.

How can I disable only /connect/registration without modifying the connect.xml in the vendor folder?

Answer 1

Copy the content of the file '@HWIOAuthBundle/Resources/config/routing/connect.xml' and paste it in a new app/config/routing_hwi_connect.xml.

Disable the route by setting up your custom check in the newly created file:

<route id="hwi_oauth_connect_registration" path="/registration/{key}">
    <default key="_controller">HWIOAuthBundle:Connect:registration</default>
    <condition>1 == 0</condition>
</route>

In your routing.yml, change hwi_oauth_connect to:

hwi_oauth_connect:
    resource: "routing_hwi_connect.xml"
    prefix:   /connect

And it should return a 404 when someone try to access it.

Also, there is surely better approach to allow/restrict routes, maybe by creating a pre-register method, then look in the SecurityBundle configuration where you can easily do something good.