[16.0][IMP]fastapi: expose FastAPI docs only if field is set

[PicchiSeba]

If we go into production right now, the FastAPI documentation endpoints (Swagger, Redoc, OpenAPI) are reachable by anyone.

There might be cases where this feature is not required or even prohibited.

With this PR we aim to hide these interfaces with a System Parameter

[OCA-git-bot]

Hi @lmignon, some modules you are maintaining are being modified, check this out!

[PicchiSeba]

While testing it I found a problem, not necessarily related to this implementation.

If I enable the endpoint with expose_fastapi_docs set to True the docs are reachable as expected. Then if I change expose_fastapi_docs to `False the docs are still reachable.

I found that the _prepare_fastapi_app_params method is never triggered after synching the endpoint. Perhaps it gets computed only before mounting the FastAPI app?

[lmignon]

While testing it I found a problem, not necessarily related to this implementation.

If I enable the endpoint with expose_fastapi_docs set to True the docs are reachable as expected. Then if I change expose_fastapi_docs to `False the docs are still reachable.

I found that the _prepare_fastapi_app_params method is never triggered after synching the endpoint. Perhaps it gets computed only before mounting the FastAPI app?

It's because you must add the new field into the list returned by the method _fastapi_app_fields. This will instruct the addon that the app must be rebuild when you new field is modified.

[OCA-git-bot]

This PR has the approved label and has been created more than 5 days ago. It should therefore be ready to merge by a maintainer (or a PSC member if the concerned addon has no declared maintainer). 🤖