Restrict access for store urls in API Manager

Question

New in the WSO2 community I succeed to install the APIM solution.

Now I would like to make public the API Manager store to some of my customers. However, I'm not interested in allow them to access to the forum and analytics.

I haven't found any URL restriction and a way to hide the menu links by roles in your documentation. So, is it possible ?

For example :

• /store/site/pages/statistics will only be allowed to analyst and administrator
• /store/forum will be disable

For now, I just only managed to disable links and menu button in a custom subtheme.

Thank you

Answer 1

Here are the manipulation to disable community features (forum, comments and stars) and Analytics for end users.

First, you have to modify the api-manager.xml file from wso2_install/repository/conf and set those XML tags to false :

• <DisplayComments>false</DisplayComments>
• <DisplayRatings>false</DisplayRatings>
• <isStoreForumEnabled>false</isStoreForumEnabled>

This way all comunity features will be disabled.

Second, to disable analytics the only way I found is to modify the repository\deployment\server\jaggeryapps\store\site\themes\wso2\subthemes\my_subtheme\templates\menu\primary\template.jag file in a subthemes (Documentation : Adding a New API Store Theme).

In addition I've created a variable in that template : var isAnalyticsEnabled = org.wso2.carbon.apimgt.impl.utils.APIUtil.isAnalyticsEnabled(); that I used to disable blocks in the menu.

Answer 2

the forum, comments or analytics can be disabled in the /repository/conf/api-manager.xml Then these are disabled for the whole environment. There's no role or permission to allow or restrict access to these functionalities.

Indeed you can check the roles on the jaggery (theme) level