Chapters
28 Chapters
|
2:51:42
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^3.0", // v3.0.8
"doctrine/annotations": "^1.0", // 1.14.2
"doctrine/doctrine-bundle": "^2.8", // 2.8.0
"doctrine/doctrine-migrations-bundle": "^3.2", // 3.2.2
"doctrine/orm": "^2.14", // 2.14.0
"nelmio/cors-bundle": "^2.2", // 2.2.0
"nesbot/carbon": "^2.64", // 2.64.1
"phpdocumentor/reflection-docblock": "^5.3", // 5.3.0
"phpstan/phpdoc-parser": "^1.15", // 1.15.3
"symfony/asset": "6.2.*", // v6.2.0
"symfony/console": "6.2.*", // v6.2.3
"symfony/dotenv": "6.2.*", // v6.2.0
"symfony/expression-language": "6.2.*", // v6.2.2
"symfony/flex": "^2", // v2.2.4
"symfony/framework-bundle": "6.2.*", // v6.2.3
"symfony/property-access": "6.2.*", // v6.2.3
"symfony/property-info": "6.2.*", // v6.2.3
"symfony/runtime": "6.2.*", // v6.2.0
"symfony/security-bundle": "6.2.*", // v6.2.3
"symfony/serializer": "6.2.*", // v6.2.3
"symfony/twig-bundle": "6.2.*", // v6.2.3
"symfony/ux-react": "^2.6", // v2.6.1
"symfony/validator": "6.2.*", // v6.2.3
"symfony/webpack-encore-bundle": "^1.16", // v1.16.0
"symfony/yaml": "6.2.*" // v6.2.2
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.4", // 3.4.2
"symfony/debug-bundle": "6.2.*", // v6.2.1
"symfony/maker-bundle": "^1.48", // v1.48.0
"symfony/monolog-bundle": "^3.0", // v3.8.0
"symfony/stopwatch": "6.2.*", // v6.2.0
"symfony/web-profiler-bundle": "6.2.*", // v6.2.4
"zenstruck/foundry": "^1.26" // v1.26.0
}
}
14 Comments
Help me with
"hydra:description": "The total number of joined relations has exceeded the specified maximum. Raise the limit if necessary with the \"api_platform.eager_loading.max_joins\" configuration key (https://api-platform.com/docs/core/performance/#eager-loading), or limit the maximum serialization depth using the \"enable_max_depth\" option of the Symfony serializer (https://symfony.com/doc/current/components/serializer.html#handling-serialization-depth).",
Hey @GM
That's an unexpected error. Did you change the default config? Did you download the course code from this page?
Cheers!
Do I get it right that i'ts not possible to update an embedded resource?
I tried to call patch with this:
but instead it removed the old one and created the new one completly ignoring @id. As there was no video on updating related entities I get you can only add, assign, delete embedded objects?
Hey @Fireball!
Sorry for the slow reply! I think you’re correct and I think it’s by design.
If you think of the dragonTreasures property like any other property, like an array of “favorite sports”, it starts to make sense. You are updating a user by setting a new value for the dragonTreasures property. For simple values like a string, it’s obvious what should happen to the old value: it’s replaced. For array properties, it’s the same (the new value replaces the old value), but it’s less obvious that this should be the case. Actually, I believe that different PATCH content types can be used to control this behavior, though this is theoretical as API Platform, I believe, doesn’t support any wilder PATCH types.
tl;dr Pretty sure you’re right: this is just an explanation into the “why”. Hopefully it’s at least interesting ;).
Cheers!
Hi! Great work on the courses!
Regarding the coding challenge for this video, asking us which of the options are not required to make the code work, I would argue that this
is not necessarily required for the code to work, it's just good practice to have it. Did I understand it wrong?
Thank you!
Hey @Iulian-L
That's a very good point. Technically you're correct, if we remove validations, the code will still run and will work but only if you submit valid data. If you submit invalid data it will eventually fail when trying to save it into the database, so in my opinion and from the point of view of the feature, validations are required. What do you think?
Cheers!
On the latest version of API Platform (3.2) it looks like Virtual Properties don't seem to work correctly when creating embedded objects. I've added group "user:write" to the "name" and "value" properties in DragonTreasure and they show up in the API Docs correctly and update as expected, however after adding that group to the "setTextDescription" virtual property (with the SerializedName set to "description") it doesn't show up in the docs for the nested object which means a null value error is thrown for the "description" column even if it's added to the payload.
Not sure if it's a bug or configuration issue.
Edit: After further testing it looks like there's just some general weirdness going on with the description property; deleting the virtual property and moving the write groups to it still doesn't allow any User endpoints to update the field. Also adding the "user:read" group to the property doesn't allow the User Get endpoints to see the description. It doesn't make any sense; adding all other fields works exactly as expected so what's so wrong with "description" that it can't be exposed in the nested object?
Edit 2: Turns out that the "description" field is only recognised as writable by if the only group set on the property is "user:write". This makes absolutely no sense and would greatly appreciate any insight into why this would be the case.
Hey @opalint!
So using
#[Groups(['user:write'])]works, right? But#[Groups(['user:write', 'foo:bar'])]suddenly does not work? That, indeed, does not make sense. As soon as you have even 1 group, adding additional groups should only make the field MORE readable or MORE writable... not less-so (unless I'm completely mis-thinking at the moment). So if this is what you are experiencing, that is not the behavior I would expect either and I can't explain it :/Cheers!
Hello,
Is it allowed to update embedded objects in ManyToMany relation?
For now if I do it. There is new object created and swapped to relation. Im not sure if it's correct result, or I'm doing something wrong.
I think same thing happen to me in OneToMany relation. even I add "@id": it's creating new object with new Id and remove old one.
I think there is some different in PUT and PATCH working, seems like PUT works fine for it.
Hey @Lukasz-W!
You're right that
ManyToManyshould work the same asOneToMany: setting the "many" side of the relationship is really the same for both of these cases.Hmm, yea, that should not be happening.
It's possible. So, you have no problems with
PUT? Things work as expected? But as soon as you change toPATCHit always creates a new object? That's possible - but it would be surprising. The logic for that is in the normalizer - https://github.com/api-platform/core/blob/main/src/JsonLd/Serializer/ItemNormalizer.php#L143-L151 - which doesn't, generally-speaking, operate differently based on which operation is being used.So.... I'm not sure what's going on here to be honest - it looks like the wrong behavior...
Cheers!
Oh it's looks like api platform known error
https://github.com/api-platform/core/issues/4293
Adding PatchAwareItemNormalizer seems to fix the problem.
Thanks for answer :)
Ah, good find! So this is a "this is how PATCH is meant to work" situation... which is probably not what you want, but at least we know now!
Hi!
How can you prevent from stealing while allowing to edit collections like you did here?
For now, I prevent writing in collections like this (when there is ownership-like stuff) and manage to handle it in opposite side.
Cheers
Hey @Jeremy!
First, good job spotting this potential issue! Honestly, what you said is the safest and simplest way. We CAN prevent stealing, but it adds complexity (both to the code and... just to my brain, lol). We talk about how to prevent stealing in the next tutorial - https://symfonycasts.com/screencast/api-platform-security/unit-of-work-validator
Cheers!
"Houston: no signs of life"
Start the conversation!