vendor/api-platform/core/src/Symfony/EventListener/DeserializeListener.php line 63

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the API Platform project.
  5.  *
  6.  * (c) Kévin Dunglas <dunglas@gmail.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace ApiPlatform\Symfony\EventListener;
  16. use ApiPlatform\Api\FormatMatcher;
  17. use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
  18. use ApiPlatform\Serializer\SerializerContextBuilderInterface;
  19. use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
  20. use ApiPlatform\Symfony\Util\RequestAttributesExtractor;
  21. use ApiPlatform\Symfony\Validator\Exception\ValidationException;
  22. use Symfony\Component\HttpFoundation\Request;
  23. use Symfony\Component\HttpKernel\Event\RequestEvent;
  24. use Symfony\Component\HttpKernel\Exception\UnsupportedMediaTypeHttpException;
  25. use Symfony\Component\Serializer\Exception\NotNormalizableValueException;
  26. use Symfony\Component\Serializer\Exception\PartialDenormalizationException;
  27. use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
  28. use Symfony\Component\Serializer\SerializerInterface;
  29. use Symfony\Component\Validator\Constraints\Type;
  30. use Symfony\Component\Validator\ConstraintViolation;
  31. use Symfony\Component\Validator\ConstraintViolationList;
  32. use Symfony\Contracts\Translation\LocaleAwareInterface;
  33. use Symfony\Contracts\Translation\TranslatorInterface;
  34. use Symfony\Contracts\Translation\TranslatorTrait;
  36. /**
  37.  * Updates the entity retrieved by the data provider with data contained in the request body.
  38.  *
  39.  * @author Kévin Dunglas <dunglas@gmail.com>
  40.  */
  41. final class DeserializeListener
  42. {
  43.     use OperationRequestInitiatorTrait;
  45.     public const OPERATION_ATTRIBUTE_KEY 'deserialize';
  47.     public function __construct(private readonly SerializerInterface $serializer, private readonly SerializerContextBuilderInterface $serializerContextBuilder, ?ResourceMetadataCollectionFactoryInterface $resourceMetadataFactory null, private ?TranslatorInterface $translator null)
  48.     {
  49.         $this->resourceMetadataCollectionFactory $resourceMetadataFactory;
  50.         if (null === $this->translator) {
  51.             $this->translator = new class() implements TranslatorInterfaceLocaleAwareInterface {
  52.                 use TranslatorTrait;
  53.             };
  54.             $this->translator->setLocale('en');
  55.         }
  56.     }
  58.     /**
  59.      * Deserializes the data sent in the requested format.
  60.      *
  61.      * @throws UnsupportedMediaTypeHttpException
  62.      */
  63.     public function onKernelRequest(RequestEvent $event): void
  64.     {
  65.         $request $event->getRequest();
  66.         $method $request->getMethod();
  68.         if (
  69.             'DELETE' === $method
  70.             || $request->isMethodSafe()
  71.             || !($attributes RequestAttributesExtractor::extractAttributes($request))
  72.             || !$attributes['receive']
  73.             || $request->attributes->get('_api_platform_disable_listeners')
  74.         ) {
  75.             return;
  76.         }
  78.         $operation $this->initializeOperation($request);
  80.         if ('api_platform.symfony.main_controller' === $operation?->getController()) {
  81.             return;
  82.         }
  84.         if (!($operation?->canDeserialize() ?? true)) {
  85.             return;
  86.         }
  88.         $context $this->serializerContextBuilder->createFromRequest($requestfalse$attributes);
  90.         $format $this->getFormat($request$operation?->getInputFormats() ?? []);
  91.         $data $request->attributes->get('data');
  92.         if (
  93.             null !== $data
  94.             && (
  95.                 'POST' === $method
  96.                 || 'PATCH' === $method
  97.                 || ('PUT' === $method && !($operation->getExtraProperties()['standard_put'] ?? false))
  98.             )
  99.         ) {
  100.             $context[AbstractNormalizer::OBJECT_TO_POPULATE] = $data;
  101.         }
  102.         try {
  103.             $request->attributes->set(
  104.                 'data',
  105.                 $this->serializer->deserialize($request->getContent(), $context['resource_class'], $format$context)
  106.             );
  107.         } catch (PartialDenormalizationException $e) {
  108.             $violations = new ConstraintViolationList();
  109.             foreach ($e->getErrors() as $exception) {
  110.                 if (!$exception instanceof NotNormalizableValueException) {
  111.                     continue;
  112.                 }
  113.                 $message = (new Type($exception->getExpectedTypes() ?? []))->message;
  114.                 $parameters = [];
  115.                 if ($exception->canUseMessageForUser()) {
  116.                     $parameters['hint'] = $exception->getMessage();
  117.                 }
  118.                 $violations->add(new ConstraintViolation($this->translator->trans($message, ['{{ type }}' => implode('|'$exception->getExpectedTypes() ?? [])], 'validators'), $message$parametersnull$exception->getPath(), nullnullType::INVALID_TYPE_ERROR));
  119.             }
  120.             if (!== \count($violations)) {
  121.                 throw new ValidationException($violations);
  122.             }
  123.         }
  124.     }
  126.     /**
  127.      * Extracts the format from the Content-Type header and check that it is supported.
  128.      *
  129.      * @throws UnsupportedMediaTypeHttpException
  130.      */
  131.     private function getFormat(Request $request, array $formats): string
  132.     {
  133.         /** @var ?string $contentType */
  134.         $contentType $request->headers->get('CONTENT_TYPE');
  135.         if (null === $contentType || '' === $contentType) {
  136.             throw new UnsupportedMediaTypeHttpException('The "Content-Type" header must exist.');
  137.         }
  139.         $formatMatcher = new FormatMatcher($formats);
  140.         $format $formatMatcher->getFormat($contentType);
  141.         if (null === $format) {
  142.             $supportedMimeTypes = [];
  143.             foreach ($formats as $mimeTypes) {
  144.                 foreach ($mimeTypes as $mimeType) {
  145.                     $supportedMimeTypes[] = $mimeType;
  146.                 }
  147.             }
  149.             throw new UnsupportedMediaTypeHttpException(sprintf('The content-type "%s" is not supported. Supported MIME types are "%s".'$contentTypeimplode('", "'$supportedMimeTypes)));
  150.         }
  152.         return $format;
  153.     }
  154. }