7582727293

Committed 19 Jan 2024 10:45AM UTC coverage: 61.96% (+2.8%) from 59.207%

Build # 7582727293

Build Type

push

github

Committed by

web-flow

Commit Message

feat(symfony): request and view kernel listeners (#6102)

Run Details

133 of 266 new or added lines in 19 files covered. (50.0%)

447 existing lines in 32 files now uncovered.

17435 of 28139 relevant lines covered (61.96%)

32.39 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

60.0

/src/Symfony/EventListener/ErrorListener.php

<?php

/*
 * This file is part of the API Platform project.
 *
 * (c) Kévin Dunglas <dunglas@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

declare(strict_types=1);

namespace ApiPlatform\Symfony\EventListener;

use ApiPlatform\Api\IdentifiersExtractorInterface as LegacyIdentifiersExtractorInterface;
use ApiPlatform\Api\ResourceClassResolverInterface as LegacyResourceClassResolverInterface;
use ApiPlatform\Metadata\Error as ErrorOperation;
use ApiPlatform\Metadata\Exception\HttpExceptionInterface;
use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
use ApiPlatform\Metadata\HttpOperation;
use ApiPlatform\Metadata\IdentifiersExtractorInterface;
use ApiPlatform\Metadata\Operation;
use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
use ApiPlatform\Metadata\ResourceClassResolverInterface;
use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
use ApiPlatform\State\ApiResource\Error;
use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
use ApiPlatform\Symfony\Util\RequestAttributesExtractor;
use ApiPlatform\Validator\Exception\ValidationException;
use Negotiation\Negotiator;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\EventListener\ErrorListener as SymfonyErrorListener;
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;

/**
 * This error listener extends the Symfony one in order to add
 * the `_api_operation` attribute when the request is duplicated.
 * It will later be used to retrieve the exceptionToStatus from the operation ({@see ApiPlatform\Action\ExceptionAction}).
 *
 * @internal since API Platform 3.2
 */
final class ErrorListener extends SymfonyErrorListener
{
    use ContentNegotiationTrait;
    use OperationRequestInitiatorTrait;

    public function __construct(
        object|array|string|null $controller,
        LoggerInterface $logger = null,
        bool $debug = false,
        array $exceptionsMapping = [],
        ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory = null,
        private readonly array $errorFormats = [],
        private readonly array $exceptionToStatus = [],
        /** @phpstan-ignore-next-line we're not using this anymore but keeping for bc layer */
        private readonly null|IdentifiersExtractorInterface|LegacyIdentifiersExtractorInterface $identifiersExtractor = null,
        private readonly null|ResourceClassResolverInterface|LegacyResourceClassResolverInterface $resourceClassResolver = null,
        Negotiator $negotiator = null,
        private readonly bool $problemCompliantErrors = true,
    ) {
        parent::__construct($controller, $logger, $debug, $exceptionsMapping);
        $this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;
        $this->negotiator = $negotiator ?? new Negotiator();
    }

    protected function duplicateRequest(\Throwable $exception, Request $request): Request
    {
        $format = $this->getRequestFormat($request, $this->errorFormats, false);
        // Because ErrorFormatGuesser is buggy in some cases
        $request->setRequestFormat($format);
        $apiOperation = $this->initializeOperation($request);

        // TODO: add configuration flag to:
        //   - always use symfony error handler (skips this listener)
        //   - use symfony error handler if it's not an api error, ie apiOperation is null
        //   - use api platform to handle errors (the default behavior we handle firewall errors for example but they're out of our scope)

        // Let the error handler take this we don't handle HTML nor non-api platform requests
        if ('html' === $format) {
            $this->controller = 'error_controller';

            return parent::duplicateRequest($exception, $request);
        }

        $legacy = $apiOperation ? ($apiOperation->getExtraProperties()['rfc_7807_compliant_errors'] ?? false) : $this->problemCompliantErrors;

        if (!$this->problemCompliantErrors || !$legacy) {
            // TODO: deprecate in API Platform 3.3
            $this->controller = 'api_platform.action.exception';
            $dup = parent::duplicateRequest($exception, $request);
            $dup->attributes->set('_api_operation', $apiOperation);
            $dup->attributes->set('_api_exception_action', true);

            return $dup;
        }

        if ($this->debug) {
            $this->logger?->error('An exception occured, transforming to an Error resource.', ['exception' => $exception, 'operation' => $apiOperation]);
        }

        $dup = parent::duplicateRequest($exception, $request);
        $operation = $this->initializeExceptionOperation($request, $exception, $format, $apiOperation);

        if (null === $operation->getProvider()) {
            $operation = $operation->withProvider('api_platform.state.error_provider');
        }

        $normalizationContext = $operation->getNormalizationContext() ?? [];
        if (!($normalizationContext['api_error_resource'] ?? false)) {
            $normalizationContext += ['api_error_resource' => true];
        }

        if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {
            $normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = ['trace', 'file', 'line', 'code', 'message', 'traceAsString'];
        }

        $operation = $operation->withNormalizationContext($normalizationContext);

        $dup->attributes->set('_api_resource_class', $operation->getClass());
        $dup->attributes->set('_api_previous_operation', $apiOperation);
        $dup->attributes->set('_api_operation', $operation);
        $dup->attributes->set('_api_operation_name', $operation->getName());
        $dup->attributes->set('exception', $exception);
        // These are for swagger
        $dup->attributes->set('_api_original_route', $request->attributes->get('_route'));
        $dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));
        $dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));
        $dup->attributes->set('_api_platform_disable_listeners', true);

        return $dup;
    }

    /**
     * @return array<int, array<class-string, int>>
     */
    private function getOperationExceptionToStatus(Request $request): array
    {
        $attributes = RequestAttributesExtractor::extractAttributes($request);

        if ([] === $attributes) {
            return [];
        }

        $resourceMetadataCollection = $this->resourceMetadataCollectionFactory->create($attributes['resource_class']);
        $operation = $resourceMetadataCollection->getOperation($attributes['operation_name'] ?? null);

        if (!$operation instanceof HttpOperation) {
            return [];
        }

        $exceptionToStatus = [$operation->getExceptionToStatus() ?: []];

        foreach ($resourceMetadataCollection as $resourceMetadata) {
            /* @var \ApiPlatform\Metadata\ApiResource; $resourceMetadata */
            $exceptionToStatus[] = $resourceMetadata->getExceptionToStatus() ?: [];
        }

        return array_merge(...$exceptionToStatus);
    }

    private function getStatusCode(?HttpOperation $apiOperation, Request $request, ?HttpOperation $errorOperation, \Throwable $exception): int
    {
        $exceptionToStatus = array_merge(
            $this->exceptionToStatus,
            $apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : $this->getOperationExceptionToStatus($request),
            $errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : []
        );

        foreach ($exceptionToStatus as $class => $status) {
            if (is_a($exception::class, $class, true)) {
                return $status;
            }
        }

        if ($exception instanceof SymfonyHttpExceptionInterface) {
            return $exception->getStatusCode();
        }

        if ($exception instanceof ProblemExceptionInterface && $status = $exception->getStatus()) {
            return $status;
        }

        if ($exception instanceof HttpExceptionInterface) {
            return $exception->getStatusCode();
        }

        if ($exception instanceof RequestExceptionInterface) {
            return 400;
        }

        if ($exception instanceof ValidationException) {
            return 422;
        }

        if ($status = $errorOperation?->getStatus()) {
            return $status;
        }

        return 500;
    }

    private function getFormatOperation(?string $format): string
    {
        return match ($format) {
            'json' => '_api_errors_problem',
            'jsonproblem' => '_api_errors_problem',
            'jsonld' => '_api_errors_hydra',
            'jsonapi' => '_api_errors_jsonapi',
            'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider
            default => '_api_errors_problem'
        };
    }

    private function initializeExceptionOperation(?Request $request, \Throwable $exception, string $format, ?HttpOperation $apiOperation): Operation
    {
        if (!$this->resourceMetadataCollectionFactory) {
            $operation = new ErrorOperation(
                name: '_api_errors_problem',
                class: Error::class,
                outputFormats: ['jsonld' => ['application/problem+json']],
                normalizationContext: ['groups' => ['jsonld'], 'skip_null_values' => true]
            );

            return $operation->withStatus($this->getStatusCode($apiOperation, $request, $operation, $exception));
        }

        if ($this->resourceClassResolver?->isResourceClass($exception::class)) {
            $resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);

            $operation = null;
            // TODO: move this to ResourceMetadataCollection?
            foreach ($resourceCollection as $resource) {
                foreach ($resource->getOperations() as $op) {
                    foreach ($op->getOutputFormats() as $key => $value) {
                        if ($key === $format) {
                            $operation = $op;
                            break 3;
                        }
                    }
                }
            }

            // No operation found for the requested format, we take the first available
            $operation ??= $resourceCollection->getOperation();

            if ($exception instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {
                return $operation->withStatus($this->getStatusCode($apiOperation, $request, $operation, $exception));
            }

            return $operation;
        }

        // Create a generic, rfc7807 compatible error according to the wanted format
        $operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));
        // status code may be overriden by the exceptionToStatus option
        $statusCode = 500;
        if ($operation instanceof HttpOperation) {
            $statusCode = $this->getStatusCode($apiOperation, $request, $operation, $exception);
            $operation = $operation->withStatus($statusCode);
        }

        return $operation;
    }
}

1	<?php
2
3	/*
4	* This file is part of the API Platform project.
5	*
6	* (c) Kévin Dunglas <dunglas@gmail.com>
7	*
8	* For the full copyright and license information, please view the LICENSE
9	* file that was distributed with this source code.
10	*/
11
12	declare(strict_types=1);
13
14	namespace ApiPlatform\Symfony\EventListener;
15
16	use ApiPlatform\Api\IdentifiersExtractorInterface as LegacyIdentifiersExtractorInterface;
17	use ApiPlatform\Api\ResourceClassResolverInterface as LegacyResourceClassResolverInterface;
18	use ApiPlatform\Metadata\Error as ErrorOperation;
19	use ApiPlatform\Metadata\Exception\HttpExceptionInterface;
20	use ApiPlatform\Metadata\Exception\ProblemExceptionInterface;
21	use ApiPlatform\Metadata\HttpOperation;
22	use ApiPlatform\Metadata\IdentifiersExtractorInterface;
23	use ApiPlatform\Metadata\Operation;
24	use ApiPlatform\Metadata\Resource\Factory\ResourceMetadataCollectionFactoryInterface;
25	use ApiPlatform\Metadata\ResourceClassResolverInterface;
26	use ApiPlatform\Metadata\Util\ContentNegotiationTrait;
27	use ApiPlatform\State\ApiResource\Error;
28	use ApiPlatform\State\Util\OperationRequestInitiatorTrait;
29	use ApiPlatform\Symfony\Util\RequestAttributesExtractor;
30	use ApiPlatform\Validator\Exception\ValidationException;
31	use Negotiation\Negotiator;
32	use Psr\Log\LoggerInterface;
33	use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
34	use Symfony\Component\HttpFoundation\Request;
35	use Symfony\Component\HttpKernel\EventListener\ErrorListener as SymfonyErrorListener;
36	use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface as SymfonyHttpExceptionInterface;
37	use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
38
39	/**
40	* This error listener extends the Symfony one in order to add
41	* the `_api_operation` attribute when the request is duplicated.
42	* It will later be used to retrieve the exceptionToStatus from the operation ({@see ApiPlatform\Action\ExceptionAction}).
43	*
44	* @internal since API Platform 3.2
45	*/
46	final class ErrorListener extends SymfonyErrorListener
47	{
48	use ContentNegotiationTrait;
49	use OperationRequestInitiatorTrait;
50
51	public function __construct(
52	object\|array\|string\|null $controller,
53	LoggerInterface $logger = null,
54	bool $debug = false,
55	array $exceptionsMapping = [],
56	ResourceMetadataCollectionFactoryInterface $resourceMetadataCollectionFactory = null,
57	private readonly array $errorFormats = [],
58	private readonly array $exceptionToStatus = [],
59	/** @phpstan-ignore-next-line we're not using this anymore but keeping for bc layer */
60	private readonly null\|IdentifiersExtractorInterface\|LegacyIdentifiersExtractorInterface $identifiersExtractor = null,
61	private readonly null\|ResourceClassResolverInterface\|LegacyResourceClassResolverInterface $resourceClassResolver = null,
62	Negotiator $negotiator = null,
63	private readonly bool $problemCompliantErrors = true,
64	) {
65	parent::__construct($controller, $logger, $debug, $exceptionsMapping);	108✔
66	$this->resourceMetadataCollectionFactory = $resourceMetadataCollectionFactory;	108✔
67	$this->negotiator = $negotiator ?? new Negotiator();	108✔
68	}
69
70	protected function duplicateRequest(\Throwable $exception, Request $request): Request
71	{
72	$format = $this->getRequestFormat($request, $this->errorFormats, false);	8✔
73	// Because ErrorFormatGuesser is buggy in some cases
74	$request->setRequestFormat($format);	8✔
75	$apiOperation = $this->initializeOperation($request);	8✔
76
77	// TODO: add configuration flag to:
78	// - always use symfony error handler (skips this listener)
79	// - use symfony error handler if it's not an api error, ie apiOperation is null
80	// - use api platform to handle errors (the default behavior we handle firewall errors for example but they're out of our scope)
81
82	// Let the error handler take this we don't handle HTML nor non-api platform requests
83	if ('html' === $format) {	8✔
84	$this->controller = 'error_controller';	×
85
86	return parent::duplicateRequest($exception, $request);	×
87	}
88
89	$legacy = $apiOperation ? ($apiOperation->getExtraProperties()['rfc_7807_compliant_errors'] ?? false) : $this->problemCompliantErrors;	8✔
90
91	if (!$this->problemCompliantErrors \|\| !$legacy) {	8✔
92	// TODO: deprecate in API Platform 3.3
93	$this->controller = 'api_platform.action.exception';	4✔
94	$dup = parent::duplicateRequest($exception, $request);	4✔
95	$dup->attributes->set('_api_operation', $apiOperation);	4✔
96	$dup->attributes->set('_api_exception_action', true);	4✔
97
98	return $dup;	4✔
99	}
100
101	if ($this->debug) {	4✔
102	$this->logger?->error('An exception occured, transforming to an Error resource.', ['exception' => $exception, 'operation' => $apiOperation]);	4✔
103	}
104
105	$dup = parent::duplicateRequest($exception, $request);	4✔
106	$operation = $this->initializeExceptionOperation($request, $exception, $format, $apiOperation);	4✔
107
108	if (null === $operation->getProvider()) {	4✔
UNCOV 109	$operation = $operation->withProvider('api_platform.state.error_provider');	×
110	}
111
112	$normalizationContext = $operation->getNormalizationContext() ?? [];	4✔
113	if (!($normalizationContext['api_error_resource'] ?? false)) {	4✔
114	$normalizationContext += ['api_error_resource' => true];	4✔
115	}
116
117	if (!isset($normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES])) {	4✔
118	$normalizationContext[AbstractObjectNormalizer::IGNORED_ATTRIBUTES] = ['trace', 'file', 'line', 'code', 'message', 'traceAsString'];	4✔
119	}
120
121	$operation = $operation->withNormalizationContext($normalizationContext);	4✔
122
123	$dup->attributes->set('_api_resource_class', $operation->getClass());	4✔
124	$dup->attributes->set('_api_previous_operation', $apiOperation);	4✔
125	$dup->attributes->set('_api_operation', $operation);	4✔
126	$dup->attributes->set('_api_operation_name', $operation->getName());	4✔
127	$dup->attributes->set('exception', $exception);	4✔
128	// These are for swagger
129	$dup->attributes->set('_api_original_route', $request->attributes->get('_route'));	4✔
130	$dup->attributes->set('_api_original_route_params', $request->attributes->get('_route_params'));	4✔
131	$dup->attributes->set('_api_requested_operation', $request->attributes->get('_api_requested_operation'));	4✔
132	$dup->attributes->set('_api_platform_disable_listeners', true);	4✔
133
134	return $dup;	4✔
135	}
136
137	/**
138	* @return array<int, array<class-string, int>>
139	*/
140	private function getOperationExceptionToStatus(Request $request): array
141	{
142	$attributes = RequestAttributesExtractor::extractAttributes($request);	4✔
143
144	if ([] === $attributes) {	4✔
145	return [];	4✔
146	}
147
148	$resourceMetadataCollection = $this->resourceMetadataCollectionFactory->create($attributes['resource_class']);	×
UNCOV 149	$operation = $resourceMetadataCollection->getOperation($attributes['operation_name'] ?? null);	×
150
NEW 151	if (!$operation instanceof HttpOperation) {	×
NEW 152	return [];	×
153	}
154
UNCOV 155	$exceptionToStatus = [$operation->getExceptionToStatus() ?: []];	×
156
157	foreach ($resourceMetadataCollection as $resourceMetadata) {	×
158	/* @var \ApiPlatform\Metadata\ApiResource; $resourceMetadata */
159	$exceptionToStatus[] = $resourceMetadata->getExceptionToStatus() ?: [];	×
160	}
161
162	return array_merge(...$exceptionToStatus);	×
163	}
164
165	private function getStatusCode(?HttpOperation $apiOperation, Request $request, ?HttpOperation $errorOperation, \Throwable $exception): int
166	{
167	$exceptionToStatus = array_merge(	4✔
168	$this->exceptionToStatus,	4✔
169	$apiOperation ? $apiOperation->getExceptionToStatus() ?? [] : $this->getOperationExceptionToStatus($request),	4✔
170	$errorOperation ? $errorOperation->getExceptionToStatus() ?? [] : []	4✔
171	);	4✔
172
173	foreach ($exceptionToStatus as $class => $status) {	4✔
174	if (is_a($exception::class, $class, true)) {	4✔
175	return $status;	×
176	}
177	}
178
179	if ($exception instanceof SymfonyHttpExceptionInterface) {	4✔
180	return $exception->getStatusCode();	4✔
181	}
182
UNCOV 183	if ($exception instanceof ProblemExceptionInterface && $status = $exception->getStatus()) {	×
UNCOV 184	return $status;	×
185	}
186
UNCOV 187	if ($exception instanceof HttpExceptionInterface) {	×
188	return $exception->getStatusCode();	×
189	}
190
UNCOV 191	if ($exception instanceof RequestExceptionInterface) {	×
192	return 400;	×
193	}
194
UNCOV 195	if ($exception instanceof ValidationException) {	×
196	return 422;	×
197	}
198
UNCOV 199	if ($status = $errorOperation?->getStatus()) {	×
UNCOV 200	return $status;	×
201	}
202
203	return 500;	×
204	}
205
206	private function getFormatOperation(?string $format): string
207	{
208	return match ($format) {	4✔
209	'json' => '_api_errors_problem',	4✔
210	'jsonproblem' => '_api_errors_problem',	4✔
211	'jsonld' => '_api_errors_hydra',	4✔
212	'jsonapi' => '_api_errors_jsonapi',	4✔
213	'html' => '_api_errors_problem', // This will be intercepted by the SwaggerUiProvider	4✔
214	default => '_api_errors_problem'	4✔
215	};	4✔
216	}
217
218	private function initializeExceptionOperation(?Request $request, \Throwable $exception, string $format, ?HttpOperation $apiOperation): Operation
219	{
220	if (!$this->resourceMetadataCollectionFactory) {	4✔
NEW 221	$operation = new ErrorOperation(	×
NEW 222	name: '_api_errors_problem',	×
NEW 223	class: Error::class,	×
NEW 224	outputFormats: ['jsonld' => ['application/problem+json']],	×
NEW 225	normalizationContext: ['groups' => ['jsonld'], 'skip_null_values' => true]	×
NEW 226	);	×
227
NEW 228	return $operation->withStatus($this->getStatusCode($apiOperation, $request, $operation, $exception));	×
229	}
230
231	if ($this->resourceClassResolver?->isResourceClass($exception::class)) {	4✔
NEW 232	$resourceCollection = $this->resourceMetadataCollectionFactory->create($exception::class);	×
233
NEW 234	$operation = null;	×
235	// TODO: move this to ResourceMetadataCollection?
NEW 236	foreach ($resourceCollection as $resource) {	×
NEW 237	foreach ($resource->getOperations() as $op) {	×
NEW 238	foreach ($op->getOutputFormats() as $key => $value) {	×
NEW 239	if ($key === $format) {	×
NEW 240	$operation = $op;	×
NEW 241	break 3;	×
242	}
243	}
244	}
245	}
246
247	// No operation found for the requested format, we take the first available
NEW 248	$operation ??= $resourceCollection->getOperation();	×
249
NEW 250	if ($exception instanceof ProblemExceptionInterface && $operation instanceof HttpOperation) {	×
NEW 251	return $operation->withStatus($this->getStatusCode($apiOperation, $request, $operation, $exception));	×
252	}
253
NEW 254	return $operation;	×
255	}
256
257	// Create a generic, rfc7807 compatible error according to the wanted format
258	$operation = $this->resourceMetadataCollectionFactory->create(Error::class)->getOperation($this->getFormatOperation($format));	4✔
259	// status code may be overriden by the exceptionToStatus option
260	$statusCode = 500;	4✔
261	if ($operation instanceof HttpOperation) {	4✔
262	$statusCode = $this->getStatusCode($apiOperation, $request, $operation, $exception);	4✔
263	$operation = $operation->withStatus($statusCode);	4✔
264	}
265
266	return $operation;	4✔
267	}
268	}

api-platform / core / 7582727293

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous