From 5a5148707c4d492fd2125586fe0c21eeb4d7e5a6 Mon Sep 17 00:00:00 2001
From: Casper Meijn <casper@meijn.net>
Date: Fri, 17 Feb 2023 10:46:07 +0100
Subject: [PATCH] Fix API `allowed_registration`

Two configuration options need to be enabled to allow user registration via the API:
1) fosuser_registration, which indicates whether registration is allowed at all (frontend and API)
2) api_user_registration, which indicates whether registration is allowed via the API
---
 .../Controller/WallabagRestController.php     |  5 ++--
 .../Controller/WallabagRestControllerTest.php | 29 +++++++++++++++++++
 2 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
index f1b6f83b4..21d457728 100644
--- a/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
+++ b/src/Wallabag/ApiBundle/Controller/WallabagRestController.php
@@ -2,6 +2,7 @@
 
 namespace Wallabag\ApiBundle\Controller;
 
+use Craue\ConfigBundle\Util\Config;
 use Doctrine\ORM\EntityManagerInterface;
 use FOS\RestBundle\Controller\AbstractFOSRestController;
 use JMS\Serializer\SerializationContext;
@@ -75,12 +76,12 @@ class WallabagRestController extends AbstractFOSRestController
      *
      * @return JsonResponse
      */
-    public function getInfoAction()
+    public function getInfoAction(Config $craueConfig)
     {
         $info = [
             'appname' => 'wallabag',
             'version' => $this->getParameter('wallabag_core.version'),
-            'allowed_registration' => $this->getParameter('fosuser_registration'),
+            'allowed_registration' => $this->getParameter('fosuser_registration') && $craueConfig->get('api_user_registration'),
         ];
 
         return (new JsonResponse())->setJson($this->serializer->serialize($info, 'json'));
diff --git a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
index 8b49c0ae0..98817bb13 100644
--- a/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/WallabagRestControllerTest.php
@@ -2,6 +2,7 @@
 
 namespace Tests\Wallabag\ApiBundle\Controller;
 
+use Craue\ConfigBundle\Util\Config;
 use Tests\Wallabag\ApiBundle\WallabagApiTestCase;
 
 class WallabagRestControllerTest extends WallabagApiTestCase
@@ -35,4 +36,32 @@ class WallabagRestControllerTest extends WallabagApiTestCase
 
         $this->assertSame('wallabag', $content['appname']);
     }
+
+    public function testAllowedRegistration()
+    {
+        // create a new client instead of using $this->client to be sure client isn't authenticated
+        $client = static::createClient();
+
+        if (!$client->getContainer()->getParameter('fosuser_registration')) {
+            $this->markTestSkipped('fosuser_registration is not enabled.');
+
+            return;
+        }
+
+        $client->getContainer()->get(Config::class)->set('api_user_registration', 1);
+
+        $client->request('GET', '/api/info');
+
+        $content = json_decode($client->getResponse()->getContent(), true);
+
+        $this->assertTrue($content['allowed_registration']);
+
+        $client->getContainer()->get(Config::class)->set('api_user_registration', 0);
+
+        $client->request('GET', '/api/info');
+
+        $content = json_decode($client->getResponse()->getContent(), true);
+
+        $this->assertFalse($content['allowed_registration']);
+    }
 }