vendor/api-platform/core/src/Symfony/EventListener/QueryParameterValidateListener.php line 42

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the API Platform project.
  5.  *
  6.  * (c) Kévin Dunglas <dunglas@gmail.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace ApiPlatform\Symfony\EventListener;
  16. use ApiPlatform\Api\QueryParameterValidator\QueryParameterValidator;
  17. use ApiPlatform\Doctrine\Odm\State\Options as ODMOptions;
  18. use ApiPlatform\Doctrine\Orm\State\Options;
  19. use ApiPlatform\Metadata\CollectionOperationInterface;
  20. use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
  21. use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
  22. use ApiPlatform\State\Util\RequestParser;
  23. use ApiPlatform\Symfony\Util\RequestAttributesExtractor;
  24. use Symfony\Component\HttpKernel\Event\RequestEvent;
  26. /**
  27.  * Validates query parameters depending on filter description.
  28.  *
  29.  * @author Julien Deniau <julien.deniau@mapado.com>
  30.  */
  31. final class QueryParameterValidateListener
  32. {
  33.     use OperationRequestInitiatorTrait;
  35.     public const OPERATION_ATTRIBUTE_KEY 'query_parameter_validate';
  37.     public function __construct(private readonly QueryParameterValidator $queryParameterValidator, ?ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory null)
  38.     {
  39.         $this->resourceMetadataCollectionFactory $resourceMetadataCollectionFactory;
  40.     }
  42.     public function onKernelRequest(RequestEvent $event): void
  43.     {
  44.         $request $event->getRequest();
  46.         if (
  47.             !$request->isMethodSafe()
  48.             || !($attributes RequestAttributesExtractor::extractAttributes($request))
  49.             || 'GET' !== $request->getMethod()
  50.             || $request->attributes->get('_api_platform_disable_listeners')
  51.         ) {
  52.             return;
  53.         }
  55.         $operation $this->initializeOperation($request);
  56.         if ('api_platform.symfony.main_controller' === $operation?->getController()) {
  57.             return;
  58.         }
  60.         if (!($operation?->getQueryParameterValidationEnabled() ?? true) || !$operation instanceof CollectionOperationInterface) {
  61.             return;
  62.         }
  64.         $queryString RequestParser::getQueryString($request);
  65.         $queryParameters $queryString RequestParser::parseRequestParams($queryString) : [];
  67.         $class $attributes['resource_class'];
  69.         if ($options $operation->getStateOptions()) {
  70.             if ($options instanceof Options && $options->getEntityClass()) {
  71.                 $class $options->getEntityClass();
  72.             }
  74.             if ($options instanceof ODMOptions && $options->getDocumentClass()) {
  75.                 $class $options->getDocumentClass();
  76.             }
  77.         }
  79.         $this->queryParameterValidator->validateFilters($class$operation->getFilters() ?? [], $queryParameters);
  80.     }
  81. }