Skip to content

feat(serializer): set the object-to-populate in deserializer context as soon as data !== null #7124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 12, 2025
Merged

feat(serializer): set the object-to-populate in deserializer context as soon as data !== null #7124

merged 1 commit into from
May 12, 2025

Conversation

lyrixx
Copy link
Contributor

@lyrixx lyrixx commented May 6, 2025

Q A
Branch? main
Tickets alternative to #7123
License MIT
Doc PR

I have a use case where I need to send a "code" (2FA code) when deleting a resource.

With this PR, I'm able to send the code along with a DELETE request:

curl --request DELETE \
  --url https://redirection-io.test/app_dev.php/api/users/424e19b0-0db9-4595-bc43-f03632b3fe65/two-factor/devices/4d9853c3-f53c-422d-80cd-6c4c4fa64650 \
  --header 'Authorization: Bearer .....'
  --header 'Content-Type: application/json' \
  --header 'accept: application/ld+json' \
  --data '{
    "code": "610432"
}'

I use a custom DTO to do so:

#[ApiResource(
    operations: [
        new Delete(
            uriTemplate: '/users/{id}/two-factor/devices/{deviceId}',
            provider: RemoveDeviceProvider::class,
            input: RemoveDeviceInput::class,
            deserialize: true, // We force since it's delete
            validate: true, // We force since it's delete
            processor: RemoveDeviceProcessor::class,
            // More properties, but not relevant here
        ),
    ]
)]
final class RemoveDevice
{
}

The input:

#[AssertTwoFactorCode(withDeviceId: true)]
final class RemoveDeviceInput
{
    #[Assert\NotBlank]
    public string $code;

    public function __construct(
        #[Ignore]
        #[Assert\NotBlank]
        public ?User $user,
        #[Ignore]
        #[Assert\NotBlank]
        public string $deviceId,
    ) {
    }
}

with a custom provider:

class RemoveDeviceProvider implements ProviderInterface
{
    public function __construct(
        private UserRepository $userRepository,
    ) {
    }

    public function provide(Operation $operation, array $uriVariables = [], array $context = []): RemoveDeviceInput
    {
        return new RemoveDeviceInput(
            user: $this->userRepository->find($uriVariables['id']),
            deviceId: $uriVariables['deviceId'],
        );
    }
}

So I want APIP to create the RemoveDeviceInput with the RemoveDeviceProvider (it's works)
But then I want it to hydrates this object from the request body (it's not, this PR fix that)

@lyrixx lyrixx force-pushed the object-to-populate branch from 4ca4545 to 17fbfe2 Compare May 6, 2025 12:35
lyrixx
lyrixx commented May 6, 2025
View reviewed changes
@soyuka soyuka mentioned this pull request May 6, 2025
Closed
@soyuka soyuka force-pushed the object-to-populate branch 2 times, most recently from d02b68b to b853e32 Compare May 12, 2025 09:37
@soyuka soyuka force-pushed the object-to-populate branch from b853e32 to 4099342 Compare May 12, 2025 09:50
@soyuka soyuka merged commit 2a13100 into api-platform:main May 12, 2025
94 of 97 checks passed
@lyrixx lyrixx deleted the object-to-populate branch May 12, 2025 13:18
alexndlm pushed a commit to alexndlm/core that referenced this pull request May 26, 2025
@lyrixx @alexndlm
feat(serializer): (un)set object-to-populate through denormalization …
dd16b5a 
…context (api-platform#7124)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lyrixx @soyuka