src/Routing/ReadOnlyModeMethodFilter.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/Routing/ReadOnlyModeMethodFilter.php b/src/Routing/ReadOnlyModeMethodFilter.php index f12920a..b77cb75 100644 --- a/src/Routing/ReadOnlyModeMethodFilter.php +++ b/src/Routing/ReadOnlyModeMethodFilter.php @@ -45,6 +45,11 @@ class ReadOnlyModeMethodFilter implements FilterInterface { * {@inheritdoc} */ public function filter(RouteCollection $collection, Request $request) { + $all_supported_methods = []; + foreach ($collection->all() as $name => $route) { + $all_supported_methods = array_merge($all_supported_methods, $route->getMethods()); + } + $collection = $this->inner->filter($collection, $request); if (!$this->readOnlyModeIsEnabled) { @@ -52,7 +57,6 @@ class ReadOnlyModeMethodFilter implements FilterInterface { } $read_only_methods = ['GET', 'HEAD', 'OPTIONS', 'TRACE']; - $all_supported_methods = []; foreach ($collection->all() as $name => $route) { if (!$route->hasDefault(Routes::JSON_API_ROUTE_FLAG_KEY)) { continue; @@ -62,14 +66,13 @@ class ReadOnlyModeMethodFilter implements FilterInterface { assert(count($supported_methods) > 0, 'JSON:API routes always have a method specified.'); $is_read_only_route = empty(array_diff($supported_methods, $read_only_methods)); if (!$is_read_only_route) { - $all_supported_methods = array_merge($supported_methods, $all_supported_methods); $collection->remove($name); } } if (count($collection)) { return $collection; } - throw new MethodNotAllowedHttpException(array_unique($all_supported_methods), sprintf("JSON:API's read-only mode is enabled. Site administrators can enable writes at %s.", Url::fromRoute('jsonapi.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl())); + throw new MethodNotAllowedHttpException(array_intersect($all_supported_methods, $read_only_methods), sprintf("JSON:API's read-only mode is enabled. Site administrators can enable writes at %s.", Url::fromRoute('jsonapi.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl())); } }