Enable or disable Content Block Kickstarter via extension configuration

TYPO3-Initiatives / content-block-registration-api

This is a repository of the TYPO3 Structured Content Initiative. It provides the registration API for Content Blocks for TYPO3.

GNU General Public License v2.0

19 stars 7 forks source link

Closed typecat closed 2 years ago

typecat commented 3 years ago

The creation of new content blocks should not be available in production by default due to security issues. There are two options:

Disable the kickstarter if the application context is production (or have a toggle for that, which is off by default).
Move the kickstarter into a separate extension, which can be installed as requrie-dev dependency.

typecat commented 3 years ago

Personally, I would go for the "separate extension" approach.

typecat commented 2 years ago

We discussed this question and decided to go with neither of the options, because:

The application context is not granular enough and not all installations have an application context.
A change in the API would affect two extensions then, which is harder to maintain.

Instead we decided to implement a third option: Dis- or enable the kickstarter via extension configuration.

krausandre commented 2 years ago

@typecat I guess this is done by commit c3ffb92e42c61dbb16bcc78381cc8a502d98f56f Think we can close this issue?

typecat commented 2 years ago

Yes, verified.