Few minor fixes and adding another note to the vuepress docs

2025-12-25 22:23:10 +00:00 · 2018-12-10 18:03:32 +01:00 · 2018-12-10 18:03:32 +01:00 · 31d6c420a2
commit 31d6c420a2
parent 54f54a4aa9
2 changed files with 21 additions and 1 deletions
--- a/docs/3.x.x/guides/api-documentation.md
+++ b/docs/3.x.x/guides/api-documentation.md
@ -200,6 +200,20 @@ Overriding the `full_documentation.json` is a bad idea since it will be regenera

 You can easily modify the description, summary, parameters of a path however, for a response like the `200` you will need to write the full object. Take a look at the `./plugins/users-permissions/documentation/1.0.0/overrides/users-permissions-User.json` for a complete example.

+**_NOTE 3_**
+
+To modify your generated swagger files security on a specific model, for example to allow the public to use it, you will need to override the security for each path's action. For example with the route `/comments/count` typically all routes are protected by strapi, however if you allow the public role to use this without authentication you will need to override it in your model. See the below example:
+
+```json
+    "/comments/count": {
+      "get": {
+        "security": []
+      }
+    },
+```
+
+As you can see in that example, you are defining "no security" whereas normally you would need a bearer token to access. You will need to do this manually as the documentation plugin rewrites files and cannot pull permissions from the database as this would require a server restart each time the docs are updated.
+
 ## FAQ

 ### How does it generate the other plugins' documentation?
--- a/packages/strapi-plugin-users-permissions/documentation/1.0.0/overrides/users-permissions-User.json
+++ b/packages/strapi-plugin-users-permissions/documentation/1.0.0/overrides/users-permissions-User.json
@ -3,6 +3,7 @@
    "/auth/local/register": {
      "post": {
        "tags": ["Authentication"],
+        "security": [],
        "externalDocs": {
          "description": "Find out more in the strapi's documentation",
          "url": "https://strapi.io/documentation/guides/authentication.html#usage"
@ -48,7 +49,8 @@
    },
    "/auth/email-confirmation": {
      "get": {
-        "tags": ["Authentication"]
+        "tags": ["Authentication"],
+        "security": [],
      }
    },
    "/users-permissions/search/{id}": {
@ -72,6 +74,7 @@
      "get": {
        "summary": "Authenticate your user with a custom provider",
        "tags": ["Authentication"],
+        "security": [],
        "parameters":[
          {
            "name": "provider",
@ -102,6 +105,7 @@
          "url": "https://strapi.io/documentation/guides/authentication.html#login"
        },
        "tags": ["Authentication"],
+        "security": [],
        "requestBody": {
          "description": "The identifier param can either be an email or a username",
          "content": {
@ -177,6 +181,7 @@
    "/auth/forgot-password": {
      "post": {
        "tags": ["Authentication"],
+        "security": [],
        "summary": "Send an email to reset your password",
        "externalDocs": {
          "description": "Find out more in the strapi's documentation",
@ -214,6 +219,7 @@
    "/auth/reset-password": {
      "post": {
        "tags": ["Authentication"],
+        "security": [],
        "responses": {
          "200": {
            "description": "response",