Respect Constraint Validation Groups When Describing Models #1902
Conversation
This support is gated behind a flag as turning it on seems like it would be a large backwards incompatible change.
If this was turned on by default, that seems like a _large_ BC break as folks entire OpenAPI doc could change underneath them. The config option defaults to false and users can enable it if they desire.
chrisguitarguy
force-pushed
the
constraint_groups
branch
from
fab1e75
to
1e45fdf
Compare
|
Sorry it took me quite a while to leave a comment, I was not sure what to do as this is a fairly large change. I wonder if it would not be safer to instead add a separate |
I honestly don't know enough about how the combo of serializer + validator is used in the wider community to give a good answer to that. I can tell you that mine are always the same. Eg I have properties in a If |
The added config option makes this disabled by default, at least, so it's not changing everything out from under users in one go. |
|
I fixed the conflicts :) Actually I don't have a strong opinion here, I guess if this disabled by default this should be fine. But then I guess we should insist in the docs that this exists, shouldn't we? |
Yep, I need to write something up on it. I don't disagree with you on the |
|
We've just stumbled upon this problem as well. It sort of blocks us in development at this point. This MR looks pretty good to me and solves the issues, when Generated OpenAPI has model restrictions, that should not be present for given endpoint, based on those groups. I also like, that you can enable / disable this feature, to preserve BC. Regarding WDYT @GuilhemN @chrisguitarguy ? |
|
Hi @chrisguitarguy I slightly edited your work in my fork, specifically Other issue is that if I don't have any groups specified in validation constraint they should run for every group regardless of deserializationContext so I added that as well. Feel free to review my changes, but otherwise great work thanks 👍 |
chrisguitarguy
force-pushed
the
constraint_groups
branch
from
f94cbb1
to
6b2ef45
Compare
I'm not sure that's true. When groups are not passed, it falls back to the default group in the validator.
Which is why empty groups default to the default group -- granted this is not great since default groups can depend on the validator context.
So someone set groups like this? Symfony has some stuff in constraints that should prevent
|
With some examples of objects and the use of model as well as some implications for generated code.
|
@GuilhemN I updated the docs here, but I'm not sure how I can verify that they look okay. Seems like the Symfony.com docs have some of their RST extension stuff. |
|
I think there has been a little misunderstanding let me explain on example. final class CreateCard
{
/**
* @Assert\NotNull
* @Assert\NotBlank
* @Groups({"api", "detail"})
* @OA\Property(example="123456")
*/
public int $userId;
/**
* @Assert\NotNull
* @Assert\NotBlank
* @Groups({"api", "detail"})
* @OA\Property(example="nets")
*/
public PaymentGateway $paymentGateway;
/**
* @Assert\NotNull
* @Assert\NotBlank
* @Groups({"api"})
* @OA\Property(example="Visa")
*/
public CardIssuer $issuer;and my route is defined like this: /**
* Card should be created for a user through the purchase process (PaymentController::purchase).
* Saves an active credit card for the migrated user. Used only for user migration purposes.
*
* @Route("", methods={"POST"})
* @OA\Response(response=201, description="Active card created")
* @ParamConverter("createCard", options={"deserializationContext"={"groups"={"api"}}})
*/
public function createCard(CreateCard $createCard, ConstraintViolationList $validationErrors): Card
{
if ($validationErrors->count() > 0) {
throw new ValidationHttpException($validationErrors);
}as you can see my asserts don't have any groups specified which means validation on them is running for every deserialization group which is symfony doing correctly since I don't have explicit validationContext groups defined. But your current solution is not accounting for those asserts and therefore they are not generated in documentation as required properties.
I thought so too, but as you can see property |
Are you sure your constraints are running because wahtever handles That's just a guess though, you'd have to look at whatever deals with |
|
Ah the handler for that is in Validator: |
|
About the docs, I added #1997 which should now lint the docs so that they compile on symfony.com (it comes from part of the CI used by symfony/symfony-docs). To use this action, rebasing your pull request on |
|
Looks like it worked @GuilhemN !! |
|
@chrisguitarguy ye you are right, I've got little confused there. So when can you see this merged? For now we are just going to use a fork, but we would like to use proper package versioning. |
There was a problem hiding this comment.
It's all good for me. @chrisguitarguy is this finalized for you?
|
Yep! I'll merge it. |
Should close #1857
I added a configuration option to enable this as it seems like a fairly large BC break to just turn it on. A user's entire OpenAPI doc could change underneath them.
One thing that I"m not sure I handled correclty is the default constraint group. There's a special constant for it in the constraint class as well as some handling on it with
__{isset,get,set}, but the docs also mention that the class's short name is the default group as well.There's also some things around group sequences that are not dealt with here, but the
@Modelannotation does not support them either.This also fixes a deprecated call to
getCollectionKeyTypeon Symfony 5.3+.