I understand when allowing similarly accessible routes, that the order of the routes matter.
Where I'm confused is why when submitting a DELETE request to this route, does it match to the GET route, instead of ignoring it and trying the matched method one below it?
/**
* #Route("/{game}")
* #Method({"GET"})
*/
public function single(Request $request, GameSerializer $gameSerializer, Game $game) {
$out = $gameSerializer->bind($game);
return new JsonResponse($out);
}
/**
* #Route("/{game}")
* #Method({"DELETE"})
*/
public function remove(Request $request, Game $game) {
$em = $this->getDoctrine()->getManager();
$em->remove($game);
$em->flush();
return new JsonResponse([], 200);
}
Full disclosure
I understand why it matches the top most route based on strictly patterns
I dont understand why the access method is getting ignored when doing so
So, just to test, I adjusted to move the DELETE based route up above the GET route
/**
* #Route("/{game}")
* #Method({"DELETE"})
*/
public function remove(Request $request, Game $game) {
$em = $this->getDoctrine()->getManager();
$em->remove($game);
$em->flush();
return new JsonResponse([], 200);
}
/**
* #Route("/{game}")
* #Method({"GET"})
*/
public function single(Request $request, GameSerializer $gameSerializer, Game $game) {
$out = $gameSerializer->bind($game);
return new JsonResponse($out);
}
only.. for this to happen when I tried getting an existing non-test record by performing a basic operation of visiting the url in a browser (so, GET)
and oh boy, did it ever delete that record.
Why is the Access Method being ignored?
First of all, careful of which SensioFrameworkExtraBundle version you are using because the #Method annotation from SensioFrameworkExtraBundle has been removed in latest version. Instead, the Symfony #Route annotation defines a methods option to restrict the HTTP methods of the route:
*
* #Route("/show/{id}", methods={"GET","HEAD"})
*
But in your case, if you're using HTML forms and HTTP methods other than GET and POST, you'll need to include a _method parameter to fake the HTTP method.
See How to Change the Action and Method of a Form for more information.
I think you have to add route name and it must be unique.
Try with following way:
/**
* #Route("/{game}",name="api_remove")
* #Method({"DELETE"})
*/
public function remove(Request $request, Game $game) {
...
}
/**
* #Route("/{game}",name="single_remove")
* #Method({"GET"})
*/
public function single(Request $request, GameSerializer $gameSerializer, Game $game) {
...
}
Related
I have a ArgumentValueResolverInterface that creates and validates DTOs.
I have also setup a firewall to protect routes and additionally use IsGranted attribute for fine grained access control.
Problem is that the value resolver and validation runs before the security firewall and show validation errors even if the request is unauthenticated.
How can I change the value resolver to run after security is resolved?
Is this even possible?
class RequestDTOValueResolver implements ArgumentValueResolverInterface
{
/**
* RequestDTOValueResolver constructor.
* #param ValidatorInterface $validator
*/
public function __construct(protected ValidatorInterface $validator)
{}
/**
* #inheritDoc
*/
public function supports(Request $request, ArgumentMetadata $argument): bool
{
return is_subclass_of($argument->getType(), RequestDTOInterface::class);
}
/**
* #inheritDoc
* #throws ValidationException
* #throws Exception
*/
public function resolve(Request $request, ArgumentMetadata $argument): iterable
{
$className = $argument->getType();
/** #var AbstractRequestDTO $dto */
$dto = new $className($request); //$this->parseRequest($request, $argument);
$groups = $dto->getGroups();
$errors = $this->validator->validate($dto, null, !empty($groups) ? $groups : null);
if ($errors->count()) {
throw ValidationException::create($errors, "One or more fields are invalid.");
}
yield $dto;
}
}
According to the official documentation, which is available here (it's not so different across different SF versions) : https://symfony.com/doc/5.2/controller/argument_value_resolver.html
You could probably achieve your goal by setting the proper priority
App\ArgumentResolver\UserValueResolver:
tags:
- { name: controller.argument_value_resolver, priority: 50 }
I would also advice to check in which order each service is being run. Here you can see how it's done by SF:
https://symfony.com/doc/current/introduction/http_fundamentals.html
I have an entity in Api Platform such as a team:
<?php
namespace App\Entity;
/**
* #ORM\Entity(repositoryClass="App\Repository\Basketball\TeamRepository")
* #ApiResource(
* routePrefix="/v2",
* normalizationContext={"groups"={"public:read"}, "enable_max_depth"=true},
* iri="http://schema.org/Team",
* collectionOperations={
* "get",
* },
* itemOperations={
* "get",
* },
* )
*/
class Team implements ObjectManagerAware
{
use \App\Entity\Traits\UUIDTrait;
/**
* #ORM\ManyToMany(targetEntity="App\Entity\Basketball\Event", mappedBy="teams")
*/
private $events;
public function __construct()
{
$this->events = new ArrayCollection();
}
/**
* #return Collection|Event[]
*/
public function getEvents(): Collection
{
return $this->events;
}
public function addEvent(Event $event): self
{
if (!$this->events->contains($event)) {
$this->events[] = $event;
$event->addTeam($this);
}
return $this;
}
public function removeEvent(Event $event): self
{
if ($this->events->contains($event)) {
$this->events->removeElement($event);
$event->removeTeam($this);
}
return $this;
}
}
This all works and I can load teams and events. What I'd like to do is have a property on the API result that returns only upcoming events (not past events). What is the "proper" way to do that? I've tried adding a custom method such as
/**
* #return Collection|Event
* #Groups({"public:read"})
*/
public function getRemainingEvents(): ?Collection
{
$qb = $this->em->createQueryBuilder();
$qb->select('e')->from(Event::class, 'e');
$qb->where(
$qb->expr()->orX($qb->expr()->eq('IDENTITY(e.home)', $this->getId()), $qb->expr()->eq('IDENTITY(e.away)', $this->getId()))
);
$qb->andWhere('e.startDate >= :d');
$qb->andWhere('e.startDate >= :d');
$qb->setParameter('d', (new \DateTime())->format('Y-m-d'));
$qb->orderBy('e.startDate', 'ASC');
$query = $qb->getQuery();
return new ArrayCollection($query->getResult());
}
which does do sort of what I want but the api result using application/vnd.api+json doesn't list the events in the "relationships" the same way that the "events" property does. I've tried looking at the custom filters (https://api-platform.com/docs/core/filters/#creating-custom-filters) but don't understand how that would work for a custom method on the entity.
I'd like the remainingEvents to act the same as events and list the related items in the "relationships" of the response.
Is there some way to annotate it for the serializer or use the filter?
I think you realize that using that approach (a method within an Entity retrieving data from Database) is wrong. Entities should be dummy.
About what are you trying to do, I think your best solution should be adding a DateFilter (https://api-platform.com/docs/core/filters/#date-filter) to the "Events" Resource, allowing you to do a GET events?startDate[after]=2019-09-18
And if you want to filter Events from a specific "Team" Resource, simply add another filter to the Event resource, a Search Filter (https://api-platform.com/docs/core/filters/#search-filter) to specify the Team, allowing you to do a:
GET events?startDate[after]=2019-09-18&team=IRIofteam_OR_ID
I have 2 services, BlueWorkerService and YellowWorkerService, both implementing the same interface, WorkerServiceInterface. Each of these services use the same entities but with different required logic.
I need to inject one of, but not both, of these classes and use them in ProcessorService so that the interface methods are called using on correct Worker. Which worker service to use is dependent on which Worker is currently being processed. I'll break it down:
Class WorkerProcessor {
private $workerService;
public function __construct(WorkerServiceInterface $workerServiceInterface)
{
$this->workerService = $workerServiceInterface;
}
public function getMixedColourWithRed() {
return $this->workerService->mixWithRed();
}
}
The worker service that is being used would be based on whether the worker being processed has the colour property of Blue or Yellow.
I know I can probably use a Factory to achieve this as described here but my problem is how to tell the factory which Worker colour I am processing?
Running on Symfony 3.4
If you need more info, just ask and I will update the question.
NOTE: I'm using Symfony 4.3.1. I'll post it like that, then I'll help you to move all code from this architecture to Symfony 3.4.
I'm using a similar concept to load different classes in my project. Let me explain first, then I'll add code under this text.
Firstly, I'm loading a custom compiler pass under src/Kernel.php (your file is app/AppKernel.php):
/**
* {#inheritDoc}
*/
public function build(ContainerBuilder $container)
{
$container->addCompilerPass(new BannerManagerPass());
}
BannerManagerPass its created under src/DependencyInjection/Compiler (in your case should be src/BUNDLE/DependencyInjection/Compiler`).
class BannerManagerPass implements CompilerPassInterface
{
/**
* {#inheritDoc}
*/
public function process(ContainerBuilder $container)
{
if (!$container->has(BannerManager::class)) {
return;
}
$definition = $container->findDefinition(BannerManager::class);
$taggedServices = $container->findTaggedServiceIds('banner.process_banners');
foreach (array_keys($taggedServices) as $id) {
$definition->addMethodCall('addBannerType', [new Reference($id)]);
}
}
}
As you see, this class should implement CompilerPassInterface. You can observe that I'm looking for specific services tagged as banner.process_banners. I'll show how I tagged services a little bit later. Then, I'm calling addBannerType method from BannerManager.
App\Service\BannerManager.php: (in your case src/BUNDLE/Service/BannerManager.php)
class BannerManager
{
/**
* #var array
*/
private $bannerTypes = [];
/**
* #param BannerInterface $banner
*/
public function addBannerType(BannerInterface $banner)
{
$this->bannerTypes[$banner->getType()] = $banner;
}
/**
* #param string $type
*
* #return BannerInterface|null
*/
public function getBannerType(string $type)
{
if (!array_key_exists($type, $this->bannerTypes)) {
return null;
}
return $this->bannerTypes[$type];
}
/**
* Process request and return banner.
*
* #param string $type
* #param Server $server
* #param Request $request
*
* #return Response
*/
public function process(string $type, Server $server, Request $request)
{
return $this->getBannerType($type)->process($request, $server);
}
}
This class has a custom method (created by me) called process(). You can name it whatever you want it, but I think that's pretty verbose. All parameters are sent by me, so don't mind. You can send whatever you want.
Now we have our Manager and compiler pass is set. It's time to set our banner types (based on my example) and tag them!
My banner types are under src/Service/Banner/Types (in your case should be src/BUNDLE/Service/WhateverYouWant/Type. This does not matter! You can change it later from services.yaml).
These types are implementing my BannerInterface. It does not matter the code under the class in this instance. One more thing that I should warn you! You should see that under BannerManager, inside the addBannerType() I'm calling $banner->getType(). This is one method inherited from BannerInterface in my case and it has a unique string (in my example I have three banner types: small, normal, large). This method can have any name, but don't forget to update it as well in your manager.
We are almost ready! We should tag them, then we are ready to try them!
Go to your services.yaml and add these lines:
App\Service\Banner\Types\:
resource: '../src/Service/Banner/Types/'
tags: [banner.process_banners]
Please see the tag!
Whatever I want to show a custom banner, I'm using a simple URL with $_GET where I keep my banner type, then I load it like this:
public function view(?Server $server, Request $request, BannerManager $bannerManager)
{
...
return $bannerManager->getBannerType($request->query->get('slug'))->process($request, $server);
}
I have a controller which handles a GET request. I need to set requirement parameters for GET request, e.g.: 'http://localhost/site/main?id=10&sort=asc
My controller class
class IndexController extends Controller {
` /**
* #Route
* (
* "/site/main",
* name="main"
* )
*
* #Method("GET")
*/
public function mainAction(Request $request)
{
return new Response('', 200);
}
}
How could I do that?
UPD: I need to set requirement for URL parameters like
id: "\d+",
sort: "\w+"
Etc.
The same as symfony allows to do with POST request.
You can specify the requirements in the "#Route" annotation like this:
class IndexController extends Controller {
` /**
* #Route
* (
* "/site/main",
* name="main",
* requirements={
* "id": "\d+",
* "sort": "\w+"
* })
* )
*
* #Method("GET")
*/
public function mainAction(Request $request)
{
return new Response('', 200);
}
}
#Method is what you need http://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/annotations/routing.html#route-method
If you try to use this route with POST, you will have 404
I couldn't understand your question well.
However, if what you need is to set up a filter mechanism for the GET method parameters as it is already available for the URL using route requirements, I think there is no ready to use tools for this in the Route component, as commented #Yoshi.
I had to do this kind of work myself and used this. I hope it helps you too
public function indexAction(Request $request)
{
// Parameter names used in the current request
$current_request_params=array_keys($request->query->all());
// $ALLOWED_INDEX_PARAMS should be declared as Class static property array and hold names of the query parameters you want to allow for this method/action
$unallowed_request_params=array_diff($current_request_params,PersonController::$ALLOWED_INDEX_PARAMS);
if (!empty($unallowed_request_params))
{
$result=array("error"=>sprintf("Unknown parameters: %s. PLease check the API documentation for more details.",implode($unallowed_request_params,", ")));
$jsonRsp=$this->get("serializer")->serialize($result,"json");
return new Response($jsonRsp,Response::HTTP_BAD_REQUEST,array("Content-Type"=>"application/json"));
}
// We are sure all parameters are correct, process the query job ..
}
I get this exeption when I submit my form:
Found the public method "addRemote", but did not find a public "removeRemote" on class App\CoreBundle\Entity\Scene
The weired think is that the remove method exist ...
But i wrote it myself (When I did php app/console doctrine:generate:entities) doctrine didn't generated it. Did I make something wrong ?
/**
* #var array $remote
*
* #ORM\Column(name="remote", type="array", nullable=true)
*/
private $remote;
/**
* Set remote
*
* #param array $remote
* #return Scene
*/
public function addRemote($value, $key=null) {
if($key!=null){
$this->remote[$key] = $value;
}else{
$this->remote[] = $value;
}
return $this;
}
/**
* Remove remote
*/
public function removeRemote(){
unset($this->remote);
}
I allso tried:
/**
* Remove remote
*/
public function removeRemote($key=null){
if($key!=null && array_key_exists($key, $this->remote)){
unset($this->remote[$key]);
}
unset($this->remote);
return $this;
}
You have bigger problem than this; you are abusing your forms :)
Add.. and Remove... methods should be used for relations, not columns as per your code. Also, both add and remove methods must accept parameter that will be either added or removed.
If you still need an array, than getRemotes() method should return key=>value array. Adder and remover will later get that key, based on what user have picked in choice form type.