In Symfony5 security Roles are plain strings. So, a User entity generally has a $roles array that stores the role name strings, for example:
class User {
/** @ORM\Column(type="json") */
protected array $roles = ['ROLE_USER'];
// ...
}
However, in my environment I want to enrich Roles with descriptions and other meta data, so I have a Role class, and I want to be able to fetch a list of roles for a single user using the api-platform framework (note: fetching a collection of Roles is not an issue and can be done out-of-the-box).
CodePudding user response:
This can be accomplished by defining a custom Subresource DataProvider in Api-Platform. And the beautiful part is all filters and pagination will work naturally (however, the filters will not show up in the API Docs; I'm not sure how to fix that).
- Define the
@ApiSubresourceon your User::$roles property:
/**
* @ApiSubresource(maxDepth=1)
* @ORM\Column(type="json")
*/
protected array $roles = [];
- Create your DataProvider. This is what I use but could use some improvements to be more generic.
<?php
namespace App\DataProvider;
use ApiPlatform\Core\Bridge\Doctrine\Orm\Extension\QueryResultCollectionExtensionInterface;
use ApiPlatform\Core\Bridge\Doctrine\Orm\Util\QueryNameGenerator;
use ApiPlatform\Core\DataProvider\RestrictedDataProviderInterface;
use ApiPlatform\Core\DataProvider\SubresourceDataProviderInterface;
use ApiPlatform\Core\Exception\InvalidResourceException;
use ApiPlatform\Core\Exception\RuntimeException;
use App\Entity\Role;
use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Doctrine\ORM\QueryBuilder;
use Doctrine\Persistence\ManagerRegistry;
/**
* Converts the User::$roles plain array into a collection of Role entities.
*/
class UserRoleDataProvider implements SubresourceDataProviderInterface, RestrictedDataProviderInterface
{
private iterable $collectionExtensions;
private ManagerRegistry $managerRegistry;
public function __construct(ManagerRegistry $managerRegistry, iterable $collectionExtensions = [])
{
$this->managerRegistry = $managerRegistry;
$this->collectionExtensions = $collectionExtensions;
}
public function getSubresource(string $resourceClass, array $identifiers, array $context, string $operationName = null)
{
$manager = $this->managerRegistry->getManagerForClass(Role::class);
$repository = $manager->getRepository(Role::class);
if (!method_exists($repository, 'createQueryBuilder')) {
throw new RuntimeException('The repository class must have a "createQueryBuilder" method.');
}
/** @var User $user */
$user = $this->managerRegistry->getManagerForClass(User::class)->getRepository(User::class)->find($identifiers['id']['id']);
if (!$user) {
throw new InvalidResourceException('Resource not found');
}
/** @var QueryBuilder $queryBuilder */
$queryBuilder = $repository->createQueryBuilder('o');
$queryNameGenerator = new QueryNameGenerator();
$param = $queryNameGenerator->generateParameterName('roleNames');
$queryBuilder->where(sprintf('o.name IN (:%s)', $param))->setParameter($param, $user->getRoles());
foreach ($this->collectionExtensions as $extension) {
$extension->applyToCollection($queryBuilder, $queryNameGenerator, Role::class, $operationName, $context);
if ($extension instanceof QueryResultCollectionExtensionInterface && $extension->supportsResult(Role::class, $operationName, $context)) {
return $extension->getResult($queryBuilder, $resourceClass, $operationName, $context);
}
}
return $queryBuilder;
}
public function supports(string $resourceClass, string $operationName = null, array $context = []): bool
{
return User::class === $resourceClass
&& $context['property'] === 'roles'
&& $this->managerRegistry->getManagerForClass($resourceClass) instanceof EntityManagerInterface;
}
}
- Configure the service
App\DataProvider\UserRoleDataProvider:
arguments:
$collectionExtensions: !tagged api_platform.doctrine.orm.query_extension.collection
- You can now call your route:
path('api_users_roles_get_subresource', {id: user.id})
It took me a bit to figure this out, so I hope this helps someone.