The symfony validator throws an exception when I attempt to validate a scalar using a Collection constraint. I would expect it to return a violation instead.
Example code:
use Symfony\Component\Validator\Validation;
use Symfony\Component\Validator\Constraints\Length;
use Symfony\Component\Validator\Constraints\Collection;
$validator = Validation::createValidator();
$input = 'testtesttest';
$constraints = [
new Collection([
'fields' => [
'one' => new Length(array('min' => 10))
]
])
];
$violationList = $validator->validate($input, $constraints);
throws
PHP Fatal error: Uncaught Symfony\Component\Validator\Exception\UnexpectedTypeException: Expected argument of type "array or Traversable and ArrayAccess", "string" given in vendor/symfony/validator/Constraints/CollectionValidator.php:37
Am I doing something wrong here?
For other Constraint classes (e.g. NotBlank, Type) the validator adds to the violation list when it encounters something invalid. To have it throw an exception instead in the case of a Collection seems bizarre to me. Am I doing something obviously wrong?
Sorry for responding a year after but I was stuck with the same issue.
The solution for me was to create a custom Validation Constraint.
Firstly you have to create a custom constraint: CustomCollection which will contain the following code (note that my class is extending the Collection constraint and not the default Constraint class):
<?php
namespace AppBundle\Validator\Constraints;
use Symfony\Component\Validator\Constraints\Collection;
class CustomCollection extends Collection
{
public $message = 'You must provide an array.';
}
Then you have to implement your custom constraint's logic (in this case validate that your value is a valid array) :
<?php
namespace AppBundle\Validator\Constraints;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\Constraints\CollectionValidator;
class CustomCollectionValidator extends CollectionValidator
{
public function validate($value, Constraint $constraint)
{
if (!\is_array($value)) {
$this->context->buildViolation($constraint->message)
->addViolation();
return;
}
parent::validate($value, $constraint);
}
}
Now if I take your code as example, you have to change the constraint from Collection to CustomCollection in order to get a violation :
$input = 'testtesttest';
$constraints = [
new CustomCollection([
'fields' => [
'one' => new Length(array('min' => 10))
]
])
];
$violationList = $validator->validate($input, $constraints);
You are misusing the Collection constraint. This constraint is meant for validating collections (e.g. array, a traversable object).
You should pass an array of constraints to the validate method.
E.g.:
use Symfony\Component\Validator\Validation;
use Symfony\Component\Validator\Constraints\Length;
$validator = Validation::createValidator();
$input = 'testtesttest';
$constraints = [
new Length(array('min' => 10)),
// ... And other constraints
];
$violationList = $validator->validate($input, $constraints);
You can see more info about the validator here: https://symfony.com/doc/current/components/validator.html#usage
Related
Hello Stackers,
After readling a lot of documentation, SymfonyCasts and other questions here I still didn't find a cause to my problem. In my opinion, and I could of course be very wrong since the product is so big, I followed the steps as given by the Symfony Docs I still cannot seem to get a Custom Validator Constraint working.
We have a form controller, which I hereby call BasicFormController.php. This is where the actual form submission is sent at. At the end I added an empty response, just to see if it can continue. The problem here is with the the EmailNotFiltered constraint. It get's called here, but after that it just stops.
$constraint = new Assert\Collection([
'firstName' => new Assert\Length(['min' => 1, 'max' => 50]),
'lastName' => new Assert\Length(['min' => 1, 'max' => 50]),
'email' => new ProductAssert\EmailNotFiltered(),
'textWhy' => new Assert\Length(['min' => 20, 'max' => 1000]),
]);
# Validate for all violations.
$violations = $validatorInterface->validate($request->get('data'), $constraint);
# Form contains violations
if (count($violations) >= 1) {
return new JsonResponse(['data' => $violations, 'status' => "error"]);
}
return new JsonResponse([]);
Then the Validator Constraint itself. EmailNotFiltered.php. Nothing weird, just as in the instructions.
namespace App\Validator;
use Symfony\Component\Validator\Constraint;
#[\Attribute]
class EmailNotFiltered extends Constraint
{
public $message = "Invalid email address. Declined by filter.";
public function __construct(array $groups = null, mixed $payload = null)
{
parent::__construct([], $groups, $payload);
}
public function validatedBy()
{
return static::class.'Validator';
}
}
Followed with the Validator, in the same Folder, EmailNotFilteredValidator.php. I've just removed all my own logic to test if I can even get a violation to build.
namespace App\Validator;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
use Symfony\Component\Validator\Exception\UnexpectedTypeException;
use Symfony\Component\Validator\Exception\UnexpectedValueException;
#[\Attribute]
class EmailNotFilteredValidator extends ConstraintValidator
{
public function validate($value, Constraint $constraint): void{
$this->context->buildViolation($constraint->message)
->setParameter('{{ string }}', $value)
->addViolation();
}
}
However, if I throw an exception there, it's not seen. The last place an exception can be thrown and where it will be seen is at the Constraint base file, in the constructor. After that it's done.
I removed all the default logic from the Validator too, just to be sure. But with that, it does not work too. It doesn't really matter, it just doesn't seem to even build up a single violation.
Am I understanding the step-by-step documentation wrong? Or what is the thing I'm doing wrong here?
I am trying to create a custom symfony form validator constraint. I created two class, one constraint and one validator and it works fine. But I need to pass doctrine entitymanager instance to validator class, as I am using them standalone and not framework, I don't have yaml configuration file. I created a constructor in validator class to have $em, and in controller I have:
->add('email', EmailType::class, [
'constraints' => [
new Assert\Email(['message' => 'invalid.email', 'mode' => 'strict', 'normalizer' => 'trim']),
new Assert\EmailExists($em),
],
]);
But I am not getting $em, in my validator class, what should I do? I also tried to have constructor in main constraint class, then in validator I had parent::construct(), still not working.
I did read this too How to configure dependencies on custom validator with Symfony Components? but instead of making the factory class, I used the current factor class and used this:
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Validator\ContainerConstraintValidatorFactory;
$container = new ContainerBuilder();
$container
->register('customEmailUniqueEntity', 'EmailExistsValidator')
->addArgument($em);
$validatorBuilder = Validation::createValidatorBuilder();
$validatorBuilder->setConstraintValidatorFactory(
new ContainerConstraintValidatorFactory($container)
);
$validator = $validatorBuilder->getValidator();
$violations = $validator->validate('email address', [
new EmailExists()
]);
if (0 !== count($violations)) {
// there are errors, now you can show them
foreach ($violations as $violation) {
echo $violation->getMessage().'<br>';
}
}
With this code both dependency injection and validation works fine, but is there a trick to have this custom constraint as 'constraint' array argument within form builder rather than validating it manually?
->add('email', EmailType::class, [
'constraints' => [
new Assert\Email(['message' => 'invalid.email', 'mode' => 'strict', 'normalizer' => 'trim']),
new Assert\EmailExists($em),
],
]);
With code above I cannot pass $em to the constructor of my custom Validator. Any trick possible?
EDIT:
In order to inject doctrine EntityManager, in EmailExists class I had:
public function validatedBy()
{
return 'customEmailUniqueEntity';
//return \get_class($this).'Validator';
}
then I had:
$container = new ContainerBuilder();
$container
->register('customEmailUniqueEntity', 'EmailExistsValidator')
->addArgument($em);
because if I was returning validator class from validatedBy() I could not inject $em to the constructor of validator. With the answer below I used:
->addTag('validator.constraint_validator');
But now I am getting customEmailUniqueEntity class not found error, as if I return validator from validatedBy(), injection will not work, what should I do? I tried to return
public function validatedBy()
{
return 'EmailExists';
//return \get_class($this).'Validator';
}
but this one, of course I am getting initialize() error. Please advise.
EDIT2:
I added addTag to:
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Validator\ContainerConstraintValidatorFactory;
$container = new ContainerBuilder();
$container
->register('customEmailUniqueEntity', 'EmailExistsValidator')
->addArgument($em),
->addTag('validator.constraint_validator');
$validatorBuilder = Validation::createValidatorBuilder();
$validatorBuilder->setConstraintValidatorFactory(
new ContainerConstraintValidatorFactory($container)
);
$validator = $validatorBuilder->getValidator();
$violations = $validator->validate('email address', [
new EmailExists()
]);
if (0 !== count($violations)) {
// there are errors, now you can show them
foreach ($violations as $violation) {
echo $violation->getMessage().'<br>';
}
}
and in constructor of EmailExistsValidator I have:
var_dump($em);
and I got $em object in validator, so $em is injected and adding addTag() did not cause any error. If I remove validatedBy() of EmailExists contsraint, injection will not be done. In that method I am doing
return `customEmailUniqueEntity;`
because if I return EmailExistsValidator, injection will not be done.
Now how to use validator.constraint_validator or EmailExists() as constraints array param of the form? if I use new EmailExists() I will get Two Few Aguments for validator class as $em wll not be injected this way. What to do?
Constraints are not validators.
Symfony will take a constraint and search for its validator by attaching Validator to the classname.
So in symfony you register your constraint by EmailExists but the class/service which actually does validation is EmailExistsValidator.
And this is also the place to inject EntityManagerInterface into it.
All information can be found here: Symfony - How to Create a custom Validation Constraint
Your customEmailUniqueEntity service will never be taken into account by the ContainerConstraintValidatorFactory when it determines the actual validator to be used for the EmailExists constraint.
In order to let the factory know which services are constraint validators you need to tag it with the validator.constraint_validator tag like this:
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\Validator\DependencyInjection\AddConstraintValidatorsPass;
$container = new ContainerBuilder();
$container
->register('customEmailUniqueEntity', 'EmailExistsValidator')
->addArgument($em)
->addTag('validator.constraint_validator');
$container->addCompilerPass(new AddConstraintValidatorPass());
$container->compile();
I start with Laravel, I write API. I have a method in TestController that checks if the student has correctly inserted data and has access to the exam solution. I do not think it's a good idea to have the whole method in the controller, but I have no idea how to separate it. I think about politics, but I have to have several models for one policy, maybe I can try to put part of the method on AuthorizeStudentRequest or try it in a different way? Of course, now I am returning 200 with the message, but I have to return 422 or another code with errors, but I have not done it because of my problem.
public function authorizeStudent(AuthorizeStudentRequest $request)
{
$hash = $request->input('hash');
$token = $request->input('token');
$exam = Exam::where([['hash', $hash], ['token', $token]])->first();
if($exam == null)
return ['message' => 'Exam does not exist.'];
$user = $exam->user_id;
$studentFirstname = $request->input('firstname');
$studentLastname = $request->input('lastname');
$student = Student::where([
['firstname', $studentFirstname],
['lastname', $studentLastname],
['user_id', $user]
])->first();
if($student == null)
return ['message' => 'Student does not exist.'];
$classroom = Classroom::where([
['name', $classroomName],
['user_id', $user]
])->first();
if($classroom == null)
return ['message' => 'Classroom does not exist.'];
if($student->classroom_id != $classroom->id)
return ['message' => 'Student is not in classroom.'];
if($exam->classrooms()->where(['classroom_id', $classroom->id], ['access', 1])->first() == null)
return ['message' => 'Class does not access to exam yet.'];
}
I would suggest you rather pass the primary keys of the selected $exam, $student and $classroom models to your controller from the form and validate whether they exist in the corresponding tables, rather than having to check their existence using a bunch of different columns.
If you pass the primary keys, you could use the 'exists' validation rule to check if they exist. For example, in your AuthorizeStudentRequest class you could have the following function:
public function rules()
{
return [
'exam_id' => 'required|exists:exams',
'student_id' => 'required|exists:students',
'classroom_id' => 'required|exists:classrooms',
];
}
Otherwise, if you really need to use the different columns to check the existence of the exam, student and classroom, you could create custom validation rules and use them in your AuthorizeStudentRequest class. For example, create a custom validation rule that checks whether the exam exists as follows:
$php artisan make:rule ExamExists
class ExamExists implements Rule
{
private $token;
private $hash;
public function __construct($token, $hash)
{
$this->token = $token;
$this->hash = $hash;
}
public function passes($attribute, $value)
{
return Exam::where([['hash', $hash], ['token', $token]])->count() > 0;
}
}
And then you can use the custom validation rule in your request as follows:
public function rules()
{
return [
'hash' => ['required', new ExamExists($this->hash, $this->token)],
... other validation rules ...
]
}
For checking whether a student has access to a classroom or a class has access to an exam, you could use policies.
API resources present a way to easily transform our models into JSON responses. It acts as a transformation layer that sits between our Eloquent models and the JSON responses that are actually returned by our API. API resources is made of two entities: a resource class and a resource collection. A resource class represents a single model that needs to be transformed into a JSON structure, while a resource collection is used for transforming collections of models into a JSON structure.
Both the resource class and the resource collection can be created using artisan commands:
// create a resource class
$ php artisan make:resource UserResource
// create a resource collection using either of the two commands
$ php artisan make:resource Users --collection
$ php artisan make:resource UserCollection
Before diving into all of the options available to you when writing resources, let's first take a high-level look at how resources are used within Laravel. A resource class represents a single model that needs to be transformed into a JSON structure. For example, here is a simple User resource class:
public function toArray($request)
{
return [
'id' => $this->id,
'name' => $this->name,
'email' => $this->email,
'created_at' => $this->created_at,
'updated_at' => $this->updated_at,
];
}
Every resource class defines a toArray method which returns the array of attributes that should be converted to JSON when sending the response. Notice that we can access model properties directly from the $this variable. More information here
https://laravel.com/docs/5.7/eloquent-resources
(using Zend Framework 2.2.4)
My validator factory, doesn't seem to "exist" at validation time. If I attempt to instantiate the validator from the controller in which the form is housed, it conversely works fine:
This works...
$mycustomvalidator = $this->getServiceLocator()
->get('ValidatorManager')
->get('LDP_PinAvailable');
Here's how things are set up otherwise in the code, I can't seem to find the problem, and was hopeful to avoid opening up ZF2 source to understand. By way of documentation, it seems right.
Module Config
public function getValidatorConfig()
{
return array(
'abstract_factories' => array(
'\LDP\Form\Validator\ValidatorAbstractFactory',
),
);
}
Factory Class
namespace LDP\Form\Validator;
use Zend\ServiceManager\AbstractFactoryInterface,
Zend\ServiceManager\ServiceLocatorInterface;
class ValidatorAbstractFactory implements AbstractFactoryInterface
{
public function canCreateServiceWithName(ServiceLocatorInterface $serviceLocator, $name, $requestedName)
{
return stristr($requestedName, 'LDP_PinAvailable') !== false;
}
public function createServiceWithName(ServiceLocatorInterface $locator, $name, $requestedName)
{
// baked in for sake of conversation
$validator = new \LDP\Form\Validator\PinAvailable();
if( $validator instanceof DatabaseFormValidatorInterface )
$validator->setDatabase( $locator->get('mysql_slave') );
return $validator;
}
}
Custom Validator
namespace LDP\Form\Validator;
class PinAvailable extends \Zend\Validator\AbstractValidator implements DatabaseFormValidatorInterface
{
/**
* #var \Zend\Db\Sql\Sql
*/
private $database;
public function setDatabase( \Zend\Db\Sql\Sql $db )
{
$this->database = $db;
}
public function isValid( $value )
{
$DBA = $this->database->getAdapter();
// do the mixed database stuff here
return true;
}
}
Lastly, the form field validator config part of the array:
'pin' => array(
'required' => true,
'filters' => array(
array('name' => 'alnum'),
array('name' => 'stringtrim'),
),
'validators' => array(
array( 'name' => 'LDP_PinAvailable' )
),
),
),
Piecing it all together, the form loads, and when submitted, it does with the stack trace below:
2013-10-28T17:09:35-04:00 ERR (3): Exception:
1: Zend\Validator\ValidatorPluginManager::get was unable to fetch or create an instance for LDP_PinAvailable
Trace:
#0 /Users/Saeven/Documents/workspace/Application/vendor/zendframework/zendframework/library/Zend/ServiceManager/AbstractPluginManager.php(103): Zend\ServiceManager\ServiceManager->get('LDP_PinAvailabl...', true)
#1 /Users/Saeven/Documents/workspace/Application/vendor/zendframework/zendframework/library/Zend/Validator/ValidatorChain.php(82): Zend\ServiceManager\AbstractPluginManager->get('LDP_PinAvailabl...', Array)
The ValidatorPluginManager extends the Zend\ServiceManager\AbstractPluginManager. The AbstractPluginManager has a feature called "autoAddInvokableClass", which is enabled by default.
Basically, what this means, is that if the service name requested can't be resolved by the ValidatorPluginManager, it will then check if the name is a valid class name. If so, it will simply add it as an invokable class right there, on-demand, which of course means that it will never fall back to your abstract factory.
To circumvent this behavior, the easiest method is to simply make your abstract factory respond to service names that do not actually resolve to the actual class names.
See: AbstractPluginManager.php#L98-L100
Digging some more, I've found the problem. It distilled to these lines in Zend\Validator\ValidatorChain circa line 80:
public function plugin($name, array $options = null)
{
$plugins = $this->getPluginManager();
return $plugins->get($name, $options);
}
There was no plugin manager available in context.
It took about three seconds of Googling to find that I had to do this when I prepared the form in the controller:
$validators = $this->getServiceLocator()->get('ValidatorManager');
$chain = new ValidatorChain();
$chain->setPluginManager( $validators );
$form->getFormFactory()->getInputFilterFactory()->setDefaultValidatorChain( $chain );
Hopefully this helps someone else. You are able to use regular old classnames when setting it up this way, no need to warp the classnames.
In ZF3/Laminas, if a validator is registered as an invokable, you can call the validator in the getInputFilterSpecification() of your form, and no problem. If a validator is instantiated using a factory, you get into trouble. If I understand correctly, even if your form is registered like this
'form_elements' => [
'factories' => [
SomeForm::class => SomeFormFactory::class,
]
]
and your validator:
'validators' => [
'factories' => [
SomeValidator::class => SomeValidatorFactory::class,
]
]
you won't be instantiating the validator via factory. The reason is that the form factory (the one you get like $form->getFormFactory()) has an input filter factory and in there sits default validator chain. And this validator chain has no ValidatorManager attached. And without the ValidatorManager, the default chain cannot map the validator name to the validator factory.
To solve all this headache, in your controller factory do this:
$form->('FormElementManager')->get(SomeForm::class);
$form->getFormFactory()->getInputFilterFactory()
->getDefaultValidatorChain()->setPluginManager($container->get('ValidatorManager'));
and your troubles are over.
I have created a form using Propel which submits fine, and validates. The problem comes when I try to commit the $user object - I get a MappingException. I really have no idea where this is coming from as previous references to $user seem to be fine.
Note that the commented line is taken from some of the form guides, but inserts an empty row into the database (though a var_dump of $user shows it has all of the information. I would be happy if I could get that to work as an alternative.
Here's my code:
namespace LifeMirror\APIBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Response;
use LifeMirror\APIBundle\Model\Users;
use LifeMirror\APIBundle\Model\UsersQuery;
use LifeMirror\APIBundle\Form\Type\UsersType;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use FOS\RestBundle\View\View;
class RegisterController extends Controller
{
public function indexAction()
{
return $this->processForm(new Users());
}
private function processForm(Users $user)
{
$statusCode = $user->isNew() ? 201 : 204;
$em = $this->getDoctrine()->getEntityManager();
$form = $this->createForm(new UsersType(), $user);
//die(phpinfo());
$form->bind(array(
"firstName" => $this->getRequest()->request->get('firstName'),
"lastName" => $this->getRequest()->request->get('lastName'),
"email" => $this->getRequest()->request->get('email'),
"password" => $this->getRequest()->request->get('password'),
"dob" => array(
"year" => json_decode($this->getRequest()->request->get('dob'))->year,
"month" => json_decode($this->getRequest()->request->get('dob'))->month,
"day" => json_decode($this->getRequest()->request->get('dob'))->day
),
"location" => $this->getRequest()->request->get('location'),
"tutorialWatched" => $this->getRequest()->request->get('tutorialWatched'),
"challengeEmails" => $this->getRequest()->request->get('challengeEmails'),
"mailingList" => $this->getRequest()->request->get('mailingList')
));
if ($form->isValid()) {
//$user->save();
$em->persist($user);
$em->flush();
$response = new Response();
$response->setStatusCode($statusCode);
return $response;
}
$view = View::create($form, 400);
$view->setFormat('json');
return $view;
}
}
Are you sure that you're field names are firstName, lastName and so on? Typically Propel generates field names in capitalized CamelCase, thus I would expect to see FirstName and LastName. If the field names don't match exactly then Propel will not assign the values, and thus result in an empty INSERT. You can dump a list of the User field names like so:
var_dump(BaseUserPeer::getFieldNames());
It seems you try to persist a Propel object using doctrine.
That's surely not what you want, even if it's theorically possible, if you add some doctrine mapping for the Model\Users class.
What you surely want is to persist the $user's state:
if ($form->isValid()) {
$user->save(); // propel object implements Active Record pattern, they can save themselves, no doctrine entityManager needed.
}