Closed
Description
API Platform version(s) affected: 2.6.4
Everything ok when you downgrade to 2.6.3
Description
ApiResource parameters denormalizationContext and normalizationContext doesn't affect.
How to reproduce
In version 2.6.4 - swagger shows all fields and ignores denormalizationContext and normalizationContext
But In versions before that, for example 2.6.3 - everything is ok. Swagger shows considering denormalizationContext and normalizationContext goups
How swagger looks with ApiPlatform version 2.6.3
Same code with 2.6.4
Original file is there: https://github.com/kadirov/api-starter-kit/blob/master/src/Entity/User.php
#[ApiResource(
collectionOperations: [
'get' => [
'security' => "is_granted('ROLE_ADMIN')",
'normalization_context' => ['groups' => ['users:read']],
],
'post' => [
'controller' => UserCreateAction::class,
],
'aboutMe' => [
'controller' => UserAboutMeAction::class,
'method' => 'get',
'path' => 'users/about_me',
'openapi_context' => [
'summary' => 'Shows info about the authenticated user',
],
],
'auth' => [
'controller' => UserAuthAction::class,
'method' => 'post',
'path' => 'users/auth',
'openapi_context' => ['summary' => 'Authorization'],
],
'authByRefreshToken' => [
'controller' => UserAuthByRefreshTokenAction::class,
'method' => 'post',
'path' => 'users/auth/refreshToken',
'openapi_context' => ['summary' => 'Authorization by refreshToken'],
'input' => RefreshTokenRequestDto::class,
],
'isUniqueEmail' => [
'controller' => UserIsUniqueEmailAction::class,
'method' => 'post',
'path' => 'users/is_unique_email',
'openapi_context' => ['summary' => 'Checks email for uniqueness'],
'denormalization_context' => ['groups' => ['user:isUniqueEmail:write']],
],
],
itemOperations: [
'changePassword' => [
'controller' => UserChangePasswordAction::class,
'method' => 'put',
'path' => 'users/{id}/password',
'security' => "object == user || is_granted('ROLE_ADMIN')",
'openapi_context' => ['summary' => 'Changes password'],
'denormalization_context' => ['groups' => ['user:changePassword:write']],
],
'delete' => [
'controller' => DeleteAction::class,
'security' => "object == user || is_granted('ROLE_ADMIN')",
],
'get' => [
'security' => "object == user || is_granted('ROLE_ADMIN')",
],
'put' => [
'security' => "object == user || is_granted('ROLE_ADMIN')",
'denormalization_context' => ['groups' => ['user:put:write']],
],
],
denormalizationContext: ['groups' => ['user:write']],
normalizationContext: ['groups' => ['user:read', 'users:read']],
)]
#[ApiFilter(OrderFilter::class, properties: ['id', 'createdAt', 'updatedAt', 'email'])]
#[ApiFilter(SearchFilter::class, properties: ['id' => 'exact', 'email' => 'partial'])]
#[UniqueEntity('email', message: 'This email is already used')]
/**
* @ORM\Entity(repositoryClass=UserRepository::class)
*/
class User implements
UserInterface,
UpdatedAtSettableInterface,
CreatedAtSettableInterface,
IsDeletedSettableInterface
{
/**
* @ORM\Id
* @ORM\GeneratedValue
* @ORM\Column(type="integer")
*/
#[Groups(['users:read'])]
private $id;
/**
* @ORM\Column(type="string", length=255)
*/
#[Assert\Email]
#[Groups(['users:read', 'user:write', 'user:put:write', 'user:isUniqueEmail:write'])]
private $email;
/**
* @ORM\Column(type="string", length=255)
*/
#[Groups(['user:write', 'user:changePassword:write'])]
private $password;
/**
* @ORM\Column(type="array")
*/
#[Groups(['user:read'])]
private $roles = [];
/**
* @ORM\Column(type="datetime")
*/
#[Groups(['user:read'])]
private $createdAt;
/**
* @ORM\Column(type="datetime", nullable=true)
* @Groups({"user:read"})
*/
#[Groups(['user:read'])]
private $updatedAt;
/**
* @ORM\Column(type="boolean")
*/
private $isDeleted = false;
// here getter and setter methods...
}Possible Solution
Downgrade to 2.6.3
Additional Context
Symfony version 5.2.6
PHP version 8.0.3
OS: tested on windows 10, Fedora 33, docker with Debian 10
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Milestone
Relationships
Development
No branches or pull requests
Participants
Activity
rabraghib commentedon Apr 25, 2021
I have the same issus, but if you checked the respenses schemas
normalization_context's have been applied, OnlydenormalizationContext's that dont workpapylhomme commentedon Apr 27, 2021
Same problem here, downgrading to 2.6.3 works
lebadapetru commentedon Apr 28, 2021
I feel a bit relieved that i'm not the only one facing this issue. i've opened a bug here but i think it's the wrong place for it.
papylhomme commentedon Apr 29, 2021
for what it's worth the controllers seem to be working just fine, the only real problem is the swagger UI displaying the wrong schema
kadirov commentedon Apr 29, 2021
No, if you send for example password field which not showed in swagger then api-platfoem ignores it
imsheng commentedon Apr 29, 2021
Same problem here
aglou commentedon Apr 29, 2021
just to follow!
miguelBarreiro85 commentedon May 3, 2021
same problem
weaverryan commentedon May 3, 2021
Btw, if anyone wants to do some digging, since the problem occurs between 2.6.3 and 2.6.4, here is the diff: api-platform/core@v2.6.3...v2.6.4
From that diff, api-platform/core#4138 looks particularly interesting. If someone having this issue could try to "revert" that PR manually on their local copy... to see if it makes any difference, that might help things :).
Cheers!
guilliamxavier commentedon May 4, 2021
Indeed, several issues popped up after api-platform/core#4138 (more precisely the commit "Improve openapi performances"), for which the latest fix is api-platform/core#4247
raph35 commentedon Jun 3, 2021
Swagger display the wrong schema in the method but the controller still follow the right schema that is created with normalizationContext and denormalizationContext
(It seems that Swagger UI only display the wrong schema but the controllers still working and filter the data that have been posted
Renrhaf commentedon Jun 7, 2021
Same issue here, everything still works fine in the backend but the Swagger/ReDoc is not using the denormalization context data to show the right parameters.
17 remaining items