vendor/api-platform/core/src/Symfony/EventListener/DeserializeListener.php line 83

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the API Platform project.
  5.  *
  6.  * (c) Kévin Dunglas <dunglas@gmail.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace ApiPlatform\Symfony\EventListener;
  16. use ApiPlatform\Api\FormatMatcher;
  17. use ApiPlatform\Core\Api\FormatsProviderInterface;
  18. use ApiPlatform\Core\Metadata\Resource\Factory\ResourceMetadataFactoryInterface;
  19. use ApiPlatform\Core\Metadata\Resource\ToggleableOperationAttributeTrait;
  20. use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
  21. use ApiPlatform\Serializer\SerializerContextBuilderInterface;
  22. use ApiPlatform\Util\OperationRequestInitiatorTrait;
  23. use ApiPlatform\Util\RequestAttributesExtractor;
  24. use Symfony\Component\HttpFoundation\Request;
  25. use Symfony\Component\HttpKernel\Event\RequestEvent;
  26. use Symfony\Component\HttpKernel\Exception\UnsupportedMediaTypeHttpException;
  27. use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
  28. use Symfony\Component\Serializer\SerializerInterface;
  30. /**
  31.  * Updates the entity retrieved by the data provider with data contained in the request body.
  32.  *
  33.  * @author Kévin Dunglas <dunglas@gmail.com>
  34.  */
  35. final class DeserializeListener
  36. {
  37.     use OperationRequestInitiatorTrait;
  38.     use ToggleableOperationAttributeTrait;
  40.     public const OPERATION_ATTRIBUTE_KEY 'deserialize';
  42.     private $serializer;
  43.     private $serializerContextBuilder;
  44.     private $formats;
  45.     private $formatsProvider;
  47.     /**
  48.      * @param ResourceMetadataCollectionFactoryInterface|ResourceMetadataFactoryInterface|FormatsProviderInterface|array $resourceMetadataFactory
  49.      */
  50.     public function __construct(SerializerInterface $serializerSerializerContextBuilderInterface $serializerContextBuilder$resourceMetadataFactory)
  51.     {
  52.         $this->serializer $serializer;
  53.         $this->serializerContextBuilder $serializerContextBuilder;
  55.         $this->resourceMetadataFactory $resourceMetadataFactory;
  57.         if ($resourceMetadataFactory) {
  58.             if (!$resourceMetadataFactory instanceof ResourceMetadataFactoryInterface && !$resourceMetadataFactory instanceof ResourceMetadataCollectionFactoryInterface) {
  59.                 @trigger_error(sprintf('Passing an array or an instance of "%s" as 3rd parameter of the constructor of "%s" is deprecated since API Platform 2.5, pass an instance of "%s" instead'FormatsProviderInterface::class, __CLASS__ResourceMetadataFactoryInterface::class), \E_USER_DEPRECATED);
  60.             }
  62.             if ($resourceMetadataFactory instanceof ResourceMetadataFactoryInterface && !$resourceMetadataFactory instanceof ResourceMetadataCollectionFactoryInterface) {
  63.                 trigger_deprecation('api-platform/core''2.7'sprintf('Use "%s" instead of "%s".'ResourceMetadataCollectionFactoryInterface::class, ResourceMetadataFactoryInterface::class));
  64.             }
  66.             if ($resourceMetadataFactory instanceof ResourceMetadataCollectionFactoryInterface) {
  67.                 $this->resourceMetadataCollectionFactory $resourceMetadataFactory;
  68.             }
  69.         }
  71.         if (\is_array($resourceMetadataFactory)) {
  72.             $this->formats $resourceMetadataFactory;
  73.         } elseif ($resourceMetadataFactory instanceof FormatsProviderInterface) {
  74.             $this->formatsProvider $resourceMetadataFactory;
  75.         }
  76.     }
  78.     /**
  79.      * Deserializes the data sent in the requested format.
  80.      *
  81.      * @throws UnsupportedMediaTypeHttpException
  82.      */
  83.     public function onKernelRequest(RequestEvent $event): void
  84.     {
  85.         $request $event->getRequest();
  86.         $method $request->getMethod();
  88.         $operation $this->initializeOperation($request);
  90.         if (
  91.             'DELETE' === $method
  92.             || $request->isMethodSafe()
  93.             || !($attributes RequestAttributesExtractor::extractAttributes($request))
  94.         ) {
  95.             return;
  96.         }
  98.         if ($this->resourceMetadataFactory instanceof ResourceMetadataCollectionFactoryInterface &&
  99.             (!$operation || !($operation->canDeserialize() ?? true) || !$attributes['receive'])
  100.         ) {
  101.             return;
  102.         }
  104.         if ($this->resourceMetadataFactory instanceof ResourceMetadataFactoryInterface && (
  105.             !$attributes['receive']
  106.             || $this->isOperationAttributeDisabled($attributesself::OPERATION_ATTRIBUTE_KEY)
  107.         )) {
  108.             return;
  109.         }
  111.         $context $this->serializerContextBuilder->createFromRequest($requestfalse$attributes);
  113.         $formats $operation $operation->getInputFormats() ?? null null;
  115.         if (!$formats) {
  116.             // BC check to be removed in 3.0
  117.             if ($this->resourceMetadataFactory instanceof ResourceMetadataFactoryInterface) {
  118.                 @trigger_error('When using a "route_name", be sure to define the "_api_operation" route defaults as we will not rely on metadata in API Platform 3.0.'\E_USER_DEPRECATED);
  119.                 $formats $this->resourceMetadataFactory
  120.                     ->create($attributes['resource_class'])
  121.                     ->getOperationAttribute($attributes'input_formats', [], true);
  122.             } elseif ($this->formatsProvider instanceof FormatsProviderInterface) {
  123.                 $formats $this->formatsProvider->getFormatsFromAttributes($attributes);
  124.             } else {
  125.                 $formats $this->formats;
  126.             }
  127.         }
  129.         $format $this->getFormat($request$formats);
  130.         $data $request->attributes->get('data');
  131.         if (null !== $data) {
  132.             $context[AbstractNormalizer::OBJECT_TO_POPULATE] = $data;
  133.         }
  135.         $request->attributes->set(
  136.             'data',
  137.             $this->serializer->deserialize($request->getContent(), $context['resource_class'], $format$context)
  138.         );
  139.     }
  141.     /**
  142.      * Extracts the format from the Content-Type header and check that it is supported.
  143.      *
  144.      * @throws UnsupportedMediaTypeHttpException
  145.      */
  146.     private function getFormat(Request $request, array $formats): string
  147.     {
  148.         /**
  149.          * @var string|null
  150.          */
  151.         $contentType $request->headers->get('CONTENT_TYPE');
  152.         if (null === $contentType) {
  153.             throw new UnsupportedMediaTypeHttpException('The "Content-Type" header must exist.');
  154.         }
  156.         $formatMatcher = new FormatMatcher($formats);
  157.         $format $formatMatcher->getFormat($contentType);
  158.         if (null === $format) {
  159.             $supportedMimeTypes = [];
  160.             foreach ($formats as $mimeTypes) {
  161.                 foreach ($mimeTypes as $mimeType) {
  162.                     $supportedMimeTypes[] = $mimeType;
  163.                 }
  164.             }
  166.             throw new UnsupportedMediaTypeHttpException(sprintf('The content-type "%s" is not supported. Supported MIME types are "%s".'$contentTypeimplode('", "'$supportedMimeTypes)));
  167.         }
  169.         return $format;
  170.     }
  171. }
  173. class_alias(DeserializeListener::class, \ApiPlatform\Core\EventListener\DeserializeListener::class);