Login to bookmark this video
Buy Access to Course

Validation Groups: Conditional Validation

Share this awesome video!


Keep on Learning!

Ready for the problem? Right now, we need the plainPassword to be required. But later when we create an edit profile page, we don't want to make plainPassword required. Remember, this is not saved to the database. So if the user leaves it blank on the edit form, it just means they don't want to change their password. And that should be allowed.

So, we need this annotation to only work on the registration form.

Validation Groups to the Rescue!

Here's how you do it: take advantage of something called validation groups. On the NotBlank constraint, add groups={"Registration"}:

118 lines | src/AppBundle/Entity/User.php
// ... lines 1 - 15
class User implements UserInterface
// ... lines 18 - 38
// ... line 40
* @Assert\NotBlank(groups={"Registration"})
// ... lines 42 - 43
private $plainPassword;
// ... lines 46 - 116

This "Registration" is a string I just invented: there's no significance to it.

Without doing anything else, go back, hit register, and check it out! The error went away. Here's what's happening: by default, all constraints live in a group called Default. And when your form is validated, it validates all constraints in this Default group. So now that we've put this into a different group called Registration, when the form validates, it doesn't validate using this constraint.

To use this annotation only on the registration form, we need to make that form validate everything in the Default group and the Registration group. Open up UserRegistrationForm and add a second option to setDefaults(): validation_groups set to Default - with a capital D and then Registration:

// ... lines 1 - 12
class UserRegistrationForm extends AbstractType
// ... lines 15 - 23
public function configureOptions(OptionsResolver $resolver)
// ... line 27
'validation_groups' => ['Default', 'Registration']

That should do it. Refresh: validation is back.

Ok team: one final mission: automatically authenticate the user after registration. Because really, that's what our users want.