Chapters
37 Chapters
|
3:43:31
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^3.0", // v3.1.2
"doctrine/annotations": "^2.0", // 2.0.1
"doctrine/doctrine-bundle": "^2.8", // 2.8.3
"doctrine/doctrine-migrations-bundle": "^3.2", // 3.2.2
"doctrine/orm": "^2.14", // 2.14.1
"nelmio/cors-bundle": "^2.2", // 2.2.0
"nesbot/carbon": "^2.64", // 2.66.0
"phpdocumentor/reflection-docblock": "^5.3", // 5.3.0
"phpstan/phpdoc-parser": "^1.15", // 1.16.1
"symfony/asset": "6.2.*", // v6.2.5
"symfony/console": "6.2.*", // v6.2.5
"symfony/dotenv": "6.2.*", // v6.2.5
"symfony/expression-language": "6.2.*", // v6.2.5
"symfony/flex": "^2", // v2.2.4
"symfony/framework-bundle": "6.2.*", // v6.2.5
"symfony/property-access": "6.2.*", // v6.2.5
"symfony/property-info": "6.2.*", // v6.2.5
"symfony/runtime": "6.2.*", // v6.2.5
"symfony/security-bundle": "6.2.*", // v6.2.6
"symfony/serializer": "6.2.*", // v6.2.5
"symfony/twig-bundle": "6.2.*", // v6.2.5
"symfony/ux-react": "^2.6", // v2.7.1
"symfony/ux-vue": "^2.7", // v2.7.1
"symfony/validator": "6.2.*", // v6.2.5
"symfony/webpack-encore-bundle": "^1.16", // v1.16.1
"symfony/yaml": "6.2.*" // v6.2.5
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.4", // 3.4.2
"mtdowling/jmespath.php": "^2.6", // 2.6.1
"phpunit/phpunit": "^9.5", // 9.6.3
"symfony/browser-kit": "6.2.*", // v6.2.5
"symfony/css-selector": "6.2.*", // v6.2.5
"symfony/debug-bundle": "6.2.*", // v6.2.5
"symfony/maker-bundle": "^1.48", // v1.48.0
"symfony/monolog-bundle": "^3.0", // v3.8.0
"symfony/phpunit-bridge": "^6.2", // v6.2.5
"symfony/stopwatch": "6.2.*", // v6.2.5
"symfony/web-profiler-bundle": "6.2.*", // v6.2.5
"zenstruck/browser": "^1.2", // v1.2.0
"zenstruck/foundry": "^1.26" // v1.28.0
}
}
15 Comments
process method should return the result, otherwise you get NULL response in the response body
Hey @Nuri!
I think you're right - it was a (I believe) non-intentional change in API Platform 3.2. I've just added a note for this (I had a note in an earlier chapter already). And you weren't the only one tripping over this :) - https://github.com/SymfonyCasts/api-platform3/issues/43 - I appreciate the reports.
Cheers!
hi i'm stuck here
i'm using api 3.3.1 and symfony 7.1
my test:
the owner part on my Park entity:
i'm getting an error i can't understand:
i finally manage to make it works. To make it i had to add an Authorization Header (i'm using JWT). But in the tutorial i don't how the user is authenticated in the test:
you have :
`public function testPostToCreateTreasure(): void
So where is the authentication happening ? how could the test pass if you don't authenticate ? i am missing something ?
Thanks and great tut by the way.
Ok i think i found the "problem".
It is because i am using JWT for the connexion and actingAs apparently is using the PHP sessions as far as i understand.
I tried without actingAS and put only the authorisation header with my token and the test pass.
thanks
Hey @Zaz
Thank you for sharing your solution. As far as I know, the
actingAs()method is a quick way to log in as any user in your tests, but it does not goes through the login process, it's more like a hackCheers!
It appears that the custom processor runs after the security annotations. So when this is set: object.getOwnerUser() on an entity's security annotation - the test just fails :-(
I could put security logic into the processor, but it feels like it belongs in the security annotations as: 'object.getOwnerUser() == user'.
ideally the processor would set ownerUser to: the currently logged in user (when it's not set explicitly via the post) and throw a 403 when the owner is set incorrectly. Or is this not the right approach? I'm just a little confused about how these two concepts work together in a real app.
Hey @Cameron
Sorry for the late reply. Yea, sometimes the execution order can cause you trouble. Have you tried moving your security logic into a voter? Or, in this case, it may make sense to use a constraint validation on the
ownerproperty.Cheers!
I was able to get it it work by gwtting the voter to only act if there was an error, then it passes through to the processor. But it wasnt clear how to design api logic for both of these elements as theres some interplay / considerations
Yea, it seems to me this is a flaw on ApiPlatform, and this is not the only case. In this video Ryan talks about another runtime condition that may cause you trouble. I think your approach is correct unless we're missing something. Have you tried asking in the ApiPlatform slack channel? They may know more about how to handle this edge-case
When will this finally be ready?
Hey @Rsteuber!
I JUST recorded the audio today - it'll probably be a week or two before the video is out, but you refresh, you'll see the final "script" for this chapter (though, code blocks will come later). Also, if you download the code, what we do in this chapter is already in there. I hope that helps!
Cheers!
Hmm, it seems I can't download the source code yet. Guess i have to wait when it is released.
Cheers :)
Hey @Rsteuber
Yea, the download button it's disabled for non-published chapters, but if you only want to download the course code, you can go to any other chapter and download it there
Cheers!
Hey Ryan, Yes thank you so very much! It really helps :)
"Houston: no signs of life"
Start the conversation!