Skip to content

feat(serializer): set the object-to-populate in deserializer context as soon as data !== null #7124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(serializer): set the object-to-populate in deserializer context as soon as data !== null #7124

wants to merge 5 commits into from
+147 −11

Conversation

lyrixx
Copy link
Contributor

@lyrixx lyrixx commented May 6, 2025

Q A
Branch? main
Tickets alternative to #7123
License MIT
Doc PR

I have a use case where I need to send a "code" (2FA code) when deleting a resource.

With this PR, I'm able to send the code along with a DELETE request:

curl --request DELETE \
  --url https://redirection-io.test/app_dev.php/api/users/424e19b0-0db9-4595-bc43-f03632b3fe65/two-factor/devices/4d9853c3-f53c-422d-80cd-6c4c4fa64650 \
  --header 'Authorization: Bearer .....'
  --header 'Content-Type: application/json' \
  --header 'accept: application/ld+json' \
  --data '{
    "code": "610432"
}'

I use a custom DTO to do so:

#[ApiResource(
    operations: [
        new Delete(
            uriTemplate: '/users/{id}/two-factor/devices/{deviceId}',
            provider: RemoveDeviceProvider::class,
            input: RemoveDeviceInput::class,
            deserialize: true, // We force since it's delete
            validate: true, // We force since it's delete
            processor: RemoveDeviceProcessor::class,
            // More properties, but not relevant here
        ),
    ]
)]
final class RemoveDevice
{
}

The input:

#[AssertTwoFactorCode(withDeviceId: true)]
final class RemoveDeviceInput
{
    #[Assert\NotBlank]
    public string $code;

    public function __construct(
        #[Ignore]
        #[Assert\NotBlank]
        public ?User $user,
        #[Ignore]
        #[Assert\NotBlank]
        public string $deviceId,
    ) {
    }
}

with a custom provider:

class RemoveDeviceProvider implements ProviderInterface
{
    public function __construct(
        private UserRepository $userRepository,
    ) {
    }

    public function provide(Operation $operation, array $uriVariables = [], array $context = []): RemoveDeviceInput
    {
        return new RemoveDeviceInput(
            user: $this->userRepository->find($uriVariables['id']),
            deviceId: $uriVariables['deviceId'],
        );
    }
}

So I want APIP to create the RemoveDeviceInput with the RemoveDeviceProvider (it's works)
But then I want it to hydrates this object from the request body (it's not, this PR fix that)

@lyrixx lyrixx force-pushed the object-to-populate branch from 4ca4545 to 17fbfe2 Compare May 6, 2025 12:35
lyrixx
lyrixx commented May 6, 2025
View reviewed changes
src/Symfony/Controller/MainController.php
if (null === $operation->canRead() && $operation instanceof HttpOperation) {
if ($operation instanceof HttpOperation) {

if (null === $operation->canRead()) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CS seems broken here

@soyuka soyuka mentioned this pull request May 6, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lyrixx @soyuka