I have a trait that uses accessors and mutators to encrypt model values:
trait Encryptable
{
public function getAttribute($key)
{
$value = parent::getAttribute($key);
if (in_array($key, $this->encryptable)) {
$value = Crypt::decrypt($value);
return $value;
} else {
return $value;
}
}
public function setAttribute($key, $value)
{
if (in_array($key, $this->encryptable)) {
$value = Crypt::encrypt($value);
}
return parent::setAttribute($key, $value);
}
}
Comments Model
protected $fillable = ['content','user_id','commentable_id', 'commentable_type'];
protected $encryptable = [
'content'
];
CommentController
public function storePostComment(Request $request, Post $Post)
{
$this->validate($request, [
'content' => 'required',
]);
$comment = $post->comments()->create([
'user_id' => auth()->user()->id,
'content' => $request->content
]);
dd($comment->content);
//return new CommentResource($comment);
}
What's happening is that when I pass the return new CommentResource($comment); gives me the comments content encrypted, but dd($comment->content); decrypts the comments content. How do I decrypt the entire comment object so I can output it in a resource?
Edit For CommentResource
class CommentResource extends JsonResource
{
/**
* Transform the resource into an array.
*
* #param \Illuminate\Http\Request $request
* #return array
*/
public function toArray($request)
{
return [
'id' => $this->id,
'content' => $this->content,
'owner' => $this->owner,
];
}
}
Edit 2 for answer
Here's my attempt:
use App\Comment;
namespace App\Http\Resources;
use Illuminate\Http\Resources\Json\JsonResource;
class CommentResource extends JsonResource
{
public function __construct(Comment $resource)
{
$this->resource = $resource;
}
/**
* Transform the resource into an array.
*
* #param \Illuminate\Http\Request $request
* #return array
*/
public function toArray($request)
{
return [
'id' => $this->id,
'content' => $this->content,
'owner' => $this->owner,
];
}
}
Error:
Argument 1 passed to App\Http\Resources\CommentResource::__construct() must be an instance of App\Http\Resources\Comment, instance of App\Comment given, called in /Applications/MAMP/htdocs/my-app/app/Http/Controllers/Api/CommentController.php on line 31
Edit 3 (final edit)
Here's what I figured out:
I tried a bunch of various combinations along with #Edwin Krause answer. I have another model using this encryptable trait and outputting in a resource that works fine.
To give a bit more context to this question I found out there was a problem using assertJsonFragment in a test:
CommentsTest
/* #test **/
public function a_user_can_comment_on_a_post()
{
$decryptedComment = ['content'=>'A new content']
$response = $this->json('POST', '/api/comment/' . $post->id, $decryptedComment);
$response->assertStatus(201);
$response->assertJsonStructure([
'data' => [
'owner',
'content'
]
])
->assertJsonFragment(['content' => $decryptedContent['content']]);
}
assertJsonFragment was returning the encrypted content and therefore failing because it was being tested against the decrypted comments content.
I used dd(new CommentResource($comment)); in the controller to check to see if it the content was decrypting, it wasn't.
I tried various different things trouble shooting with dd() in the controller method and even testing in the browser. Still nothing. I added #Edwin Krause code and still nothing on dd()
I finally got lucky and got rid of dd() with #Edwin Krause and changing my controller to:
Working code combined with #Edwin Krause answer in my CommentResource
$comment = Comment::create([
'user_id' => auth()->user()->id,
'content' => $request->content,
'commentable_type' => 'App\Post',
'commentable_id' => $post->id,
]);
return new CommentResource($comment);
The tests went green. I tried dd(new CommentResource($comment)); and the content was encrypted still. The content output on the broweser and assertJsonFragment worked. I must've tried so many combinations to try and figure this out and I kind of just got lucky.
I'm unsure as to why this is the way it is, but I've already spent hours on this, so I can't troubleshoot why it's breaking. Maybe someone else can.
Just a suggestion to try and override the constructor of the JsonResource and typecast the $resource parameter to your Modelclass.
It work's for other things, not sure if it fixes your issue, that needs to be tested
namespace App\Http\Resources;
use Illuminate\Http\Resources\Json\JsonResource;
use App\Comment;
class CommentResource extends JsonResource
{
public function __construct(Comment $resource)
{
$this->resource = $resource;
$this->resource->content = $resource->content;
}
....
Edit:
I Played around a bit more with the constructor and the modified version should actually work. I don't have any encrypted data to play with, but logically this should work.
Related
I'm a little bit confused to how I can store data in my api controller,
My json looks like this:
[
{ a: 1 },
{ a: 2 }
]
I have my rules
$rules = [
'*.a' => 'required',
];
I have my validation
$validator = Validator::make($request->all(), $rules);
if ($validator->fails()) {
$error = $validator->messages()->toJson();
return response($error, 200);
}
and now there's my "problem": I would like to make a cleaner code.
My old option was pass the request->all() to a variable , json decode the contenent and make a foreach cycle to store data as here:
foreach ($datas as $data) {
$data = new rawData([
'a' => $data->a,
]);
$newrawData->save();
}
can I do a cleaner thing?? and How?
You can put your validation logic in a custom form request validator.
First, create the validator
php artisan make:request ExampleRequest
You can find the newly created a new class in app/Http/Requests/ExampleRequest.php and you can add your rules as follows
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class ExampleRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*
* #return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* #return array
*/
public function rules()
{
return [
'*.a' => 'required',
];
}
}
Now your controller method/action will not be executed unless the request passes the validation rules. you can use it in your controller method as follows:
In app/Http/Controllers/ExampleController.php
public function store(ExampleRequest $request)
{
// Your normal code.
}
that looks quite good. There is only one small thing I would have done differently. But it's a matter of taste.
foreach ($datas as $data) {
rawData::create($data->toArray());
}
And you can you use the request object directly to validate. or you implement an custom Request Object what you pass as parameter in your function.
$request->validate([
'*.a' => 'required',
]);
Right now I'm using Laravel 8.26 and Pusher 4.1.
This is my event:
class NotifSeller implements ShouldBroadcast
{
use Dispatchable, InteractsWithSockets, SerializesModels;
public $fields;
public function __construct($fields)
{
$this->fields = $fields->toArray();
}
/**
* Get the channels the event should broadcast on.
*
* #return \Illuminate\Broadcasting\Channel|array
*/
public function broadcastOn()
{
// return new PrivateChannel('notif-seller.'.$this->fields->seller_id);
return new PrivateChannel('notif-seller.'.$this->fields->seller_id);
}
public function broadcastWith()
{
$message = $this->fields;
return $message;
}
}
And this is my controller:
$t = new Transaksi();
$t->item_id = $request->item_id;
$t->seller_id = $request->seller_id;
$t->buyer_id = $request->buyer_id;
$t->category = 'merchandise';
$t->amount = $request->amount;
$t->save();
event(new NotifSeller($t));
return redirect()->back()->with('status', 'Success');
and it will show an error message
array_merge(): Expected parameter 1 to be an array, object given
Did I have wrong code here? I checked so many tutorial, in their tutorial they can use collection as event parameter, but when I tried it, it turn like this.
Sorry if my English is bad, I'm not an English native and this is my first time asking a question on Stack Overflow, so I hope you can understand this. Thanks in advance.
Most likely because you are using SerializesModels Laravel tries to serialize your public $fields; prop because it contains a model.
Different potential solutions:
Try typing the prop public array $fields;
Save the entire model there public Transaksi $fields;
Remove SerializesModels trait, technically not needed.
You can transform a collection to array by calling (chaining) the toArray() method in Laravel.
For example:
$collection = collect(['name' => 'Desk', 'price' => 200]);
$array = $collection->toArray();
Or
$array = collect(['name' => 'Desk', 'price' => 200])->toArray();
/* result
[
['name' => 'Desk', 'price' => 200],
]
*/
I'm trying to validate a POST request using Laravel's FormRequest.
The customer is submitting an order, which has an array of items. We are requiring the user to indicate whether the item needs special_delivery only if the asking_price > 500 and the quantity > 10.
The following are my intended rules:
public function rules() {
'customer_id' => 'required|integer|exists:customers,id',
'items' => 'required|array',
'items.*.name' => 'required|string',
'items.*.asking_price' => 'required|numeric',
'items.*.quantity' => 'required|numeric',
'items.*.special_delivery' // required if price > 500 && quantity > 10
}
I've attempted to do something along these lines:
Rule::requiredIf($this->input('item.*.asking_price') > 500 && $this->input('item.*.quantity' > 10));
The problem with this is that I can't find a way to access the current items iteration index to indicate which item to validate against.
I also tried the following custom validation:
function ($attribute, $value, $fail) {
preg_match('/\d+/', $attribute, $m);
$askingPrice = $this->input('items')[$m[0]]['asking_price'];
$quantity= $this->input('items')[$m[0]]['quantity'];
if ($askingPrice > 500 && $quantity > 10) {
$fail("$attribute is required");
}
}
Although this function gives me access to the current $attribute,the problem is that it will only run if special_delivery exists. Which defeats the entire purpose!
Any help will be much appreciated!
Thank you!
I might've come up with a solution to your problem, a index aware sometimes if you so will.
Since it's unfortunately not possible to add macros to the Validator, you would either have to override the validation factory (that's what I suggest) and use your own custom validation class or make a helper function based off the method, pass the Validator instance as an additional parameter and use this instead of $this.
Sauce first: the indexAwareSometimes validation function
function indexAwareSometimes(
\Illuminate\Contracts\Validation\Validator $validator,
string $parent,
$attribute,
$rules,
\Closure $callback
) {
foreach (Arr::get($validator->getData(), $parent) as $index => $item) {
if ($callback($validator->getData(), $index)) {
foreach ((array) $attribute as $key) {
$path = $parent.'.'.$index.'.'.$key;
$validator->addRules([$path => $rules]);
}
}
}
}
A lot of inspiration obviously came from the sometimes method and not much has changed. We're basically iterating through the array (the $parent array, in your case items) containing all our other arrays (items.*) with actual data to validate and adding the $rules (required) to $attribute (special_delivery) in the current index if $callback evaluates to true.
The callback closure requires two parameters, first being the form $data of your parent validation instance, retrieved by Validator::getData(), second the $index the outer foreach was at the time it called the callback.
In your case the usage of the function would look a little like this:
use Illuminate\Support\Arr;
class YourFormRequest extends FormRequest
{
public function rules()
{
return [
'customer_id' => 'required|integer|exists:customers,id',
'items' => 'required|array',
'items.*.name' => 'required|string',
'items.*.asking_price' => 'required|numeric',
'items.*.quantity' => 'required|numeric',
];
}
public function getValidatorInstance()
{
$validator = parent::getValidatorInstance();
indexAwareSometimes(
$validator,
'items',
'special_delivery',
'required',
fn ($data, $index) => Arr::get($data, 'items.'.$index.'.asking_price') > 500 &&
Arr::get($data, 'items.'.$index.'.quantity') > 10
);
}
}
Extending the native Validator class
Extending Laravel's native Validator class isn't as hard as it sounds. We're creating a custom ValidationServiceProvider and inherit Laravel's Illuminate\Validation\ValidationServiceProvider as a parent. Only the registerValidationFactory method needs to be replaced by a copy of it where we specify our custom Validator resolver that should be used by the factory instead:
<?php
namespace App\Providers;
use App\Validation\CustomValidator;
use Illuminate\Contracts\Translation\Translator;
use Illuminate\Validation\Factory;
use Illuminate\Validation\ValidationServiceProvider as ParentValidationServiceProvider;
class ValidationServiceProvider extends ParentValidationServiceProvider
{
protected function registerValidationFactory(): void
{
$this->app->singleton('validator', function ($app) {
$validator = new Factory($app['translator'], $app);
$resolver = function (
Translator $translator,
array $data,
array $rules,
array $messages = [],
array $customAttributes = []
) {
return new CustomValidator($translator, $data, $rules, $messages, $customAttributes);
};
$validator->resolver($resolver);
if (isset($app['db'], $app['validation.presence'])) {
$validator->setPresenceVerifier($app['validation.presence']);
}
return $validator;
});
}
}
The custom validator inherits Laravel's Illuminate\Validation\Validator and adds the indexAwareSometimes method:
<?php
namespace App\Validation;
use Closure;
use Illuminate\Support\Arr;
use Illuminate\Validation\Validator;
class CustomValidator extends Validator
{
/**
* #param string $parent
* #param string|array $attribute
* #param string|array $rules
* #param Closure $callback
*/
public function indexAwareSometimes(string $parent, $attribute, $rules, Closure $callback)
{
foreach (Arr::get($this->data, $parent) as $index => $item) {
if ($callback($this->data, $index)) {
foreach ((array) $attribute as $key) {
$path = $parent.'.'.$index.'.'.$key;
$this->addRules([$path => $rules]);
}
}
}
}
}
Then we just need to replace Laravel's Illuminate\Validation\ValidationServiceProvider with your own custom service provider in config/app.php and you're good to go.
It even works with Barry vd. Heuvel's laravel-ide-helper package.
return [
'providers' => [
//Illuminate\Validation\ValidationServiceProvider::class,
App\Providers\ValidationServiceProvider::class,
]
]
Going back to the example above, you only need to change the getValidatorInstance() method of your form request:
public function getValidatorInstance()
{
$validator = parent::getValidatorInstance();
$validator->indexAwareSometimes(
'items',
'special_delivery',
'required',
fn ($data, $index) => Arr::get($data, 'items.'.$index.'.asking_price') > 500 &&
Arr::get($data, 'items.'.$index.'.quantity') > 10
);
}
I have this test in my feature folder and I've imported model on top of the class but it keeps failing and I think $event is null!
namespace Tests\Feature\Events;
use App\Models\Event;
use Tests\TestCase;
use Illuminate\Foundation\Testing\RefreshDatabase;
class EventManagementTest extends TestCase
{
use RefreshDatabase;
/**
* #test
* #group event
* A basic feature test to check event registration
*
*/
public function an_event_can_be_registered()
{
$this->withoutExceptionHandling();
$response = $this->post('/events',$this->data());
$event = Event::first();
$this->assertCount(1,Event::all());
$response->assertRedirect('/events/' . $event->event_id);
}
private function data()
{
return[
'event_title' => 'Internet Businesses',
'event_location' => 'Milad Tower',
'event_description' => 'In this event Amin will present you the most recent methods in Internet Businesses',
'event_start_date' => '2020-06-01',
'event_end_date' => '2020-06-05',
];
}
...
}
And this is the results:
FAIL Tests\Feature\Events\EventManagementTest ✕ an event can be registered
Tests: 1 failed
Failed asserting that two strings are equal.
....
--- Expected
+++ Actual
## ##
-'http://localhost/events/1'
+'http://localhost/events'
these two URIs are different and I think that's because $event is null and I don't know why?!
UPDATE: I've added the Route and the controller:
Route::post('/events','Web\EventsController#store');
and the controller is:
public function store(){
$event = Event::create($this->validateRequest());
return redirect('/events/'.$event->event_id);
}
protected function validateRequest(){
return request()->validate([
'event_title' => 'required',
'event_location' => 'required',
'event_description' => 'required',
'event_start_date' => 'required',
'event_end_date' => 'required',
]);
}
Your do not use the standard primary id column, therefor you need to define it in your model. If it is not defined, it will not set it on create().
class Event extends Model {
protected $primaryKey = 'event_id';
}
I've built a simple form model & view, a simple AR model, and a simple controller. The form model assigns the correct values to the AR instance, but when I call save(), none of those values are saved in the DB. Any ideas?
The form model:
<?php
namespace app\models;
use Yii;
use yii\base\Model;
class PromptForm extends Model
{
public $name;
public $intro;
public $prompt;
public $notes;
public $questions;
public function attributeLabels()
{
return [
'name' => 'Prompt title',
'intro' => 'Intro',
'prompt' => 'Prompt body',
'notes' => 'Closing notes',
'questions' => 'Exploration questions',
];
}
/**
* #return array the validation rules.
*/
public function rules()
{
return [
[['name', 'prompt'], 'required'],
['name', 'filter', 'filter' => 'trim'],
['name', 'string', 'max' => 255],
[['intro', 'prompt', 'notes', 'questions'], 'default'],
];
}
public function post()
{
if ($this->validate()) {
$prompt = new Prompt();
$prompt->name = $this->name;
$prompt->intro = $this->intro;
$prompt->prompt = $this->prompt;
$prompt->notes = $this->notes;
$prompt->questions = $this->questions;
$prompt->author = \Yii::$app->user->getId();
//die(print_r($prompt, TRUE));
$prompt->save();
return $prompt;
}
return null;
}
}
The AR model:
<?php
namespace app\models;
use Yii;
use yii\db\ActiveRecord;
/**
* Prompt is the model behind the prompt item.
*/
class Prompt extends ActiveRecord
{
public $name;
public $intro;
public $prompt;
public $notes;
public $questions;
public $status;
public $author;
public $id;
/**
* #return string the name of the table associated with this ActiveRecord class.
*/
public static function tableName()
{
return 'prompt';
}
/**
* #return array the attribute labels.
*/
public function attributeLabels()
{
return [
'name' => 'Prompt title',
'intro' => 'Intro',
'prompt' => 'Prompt body',
'notes' => 'Closing notes',
'questions' => 'Exploration questions',
'status' => 'Status',
'author' => 'Author ID',
];
}
}
The controller:
<?php
namespace app\controllers;
use Yii;
use yii\filters\AccessControl;
use yii\web\Controller;
use yii\filters\VerbFilter;
use app\models\PromptForm;
use app\models\Prompt;
class PromptsController extends Controller
{
public function actionIndex()
{
// Return a list of all prompts:
return $this->render('index');
}
public function actionNew()
{
if (\Yii::$app->user->isGuest) {
return $this->goHome();
}
$model = new PromptForm();
if ($model->load(Yii::$app->request->post())) {
if ($prompt = $model->post()) {
Yii::$app->getSession()->setFlash('success', 'Your prompt was created successfully!');
return $this->goHome();
} else {
Yii::$app->getSession()->setFlash('error', 'Error while submitting your prompt.');
}
}
return $this->render('create', [
'model' => $model,
]);
}
}
Okay, I figured it out. Turns out that if you declare public attributes in your ActiveRecord model, they obscure the automatic attributes that are created by AR. Data gets assigned to your obscuring attributes but doesn't get sent into the database.
The correct AR model should have been simply this:
<?php
namespace app\models;
use Yii;
use yii\db\ActiveRecord;
class Prompt extends ActiveRecord
{
/**
* #return string the name of the table associated with this ActiveRecord class.
*/
public static function tableName()
{
return 'prompt';
}
}
Use
$prompt->save(false);
If that works that means that some validation rule fails.
Try
if ($model->load(Yii::$app->request->post())) {
if ($prompt = $model->post()) {
$model->save()
Yii::$app->getSession()->setFlash('success', 'Your prompt was created successfully!');
return $this->goHome();
} else {
Yii::$app->getSession()->setFlash('error', 'Error while submitting your prompt.');
}
}
In controller, change your if condition as follow :
if ($prompt = $model->post() !== null) {
This will validate that the value which is return is not null.
Your current validation condition is only validating where value is get assigned to variable $prompt or not. And that's why it's always returns true.
I ran across the same problem recently, when I combine the Active Record class with The Model class. Cause I know that AR actually extends Model in Yii2. Why not write less code.So I move the code from the Model to the AR.
$model = new User();
$model->load(Yii::$app->request->post())
But the AR's _attribute didn't get the post data in the form. the form data is actually in a Model object.
object(app\models\User)#39 (12) { ["password"]=> string(6) "google"
["newpass"]=> NULL ["name"]=> string(5) "Jane1" ["email"]=> string(16)
"jane#outlook.com" ["_attributes":"yii\db\BaseActiveRecord":private]=>
array(2) { ["password_hash"]=> string(60)
"$2y$13$.vNKpmosLjW/oYAhIezOZOj8rIG6QJvQj8tGHN2x78.75poXVn6Yi"
["auth_key"]=> string(32) "4XggNakVd-oeU28ny7obdw7gOmZJ-Rbu" }
simply delete the public attribute you want mass assign to the AR instance will make it work.
For who is struggling with this problem, I would remember to check the beforeSave method, if present. I mistakenly commented out the return statement.
public function beforeSave($insert)
{
// never toggle comment on this!!!
return parent::beforeSave( $insert);
}
How to Troubleshoot
First thing you should add while developing to your _form.php is errorSummary():
<?php $form = ActiveForm::begin(); ?>
// Some input fields
...
<?= $form->errorSummary($model); ?> // <--- Add this
...
<?php ActiveForm::end(); ?>
Simplify
Why not use scenarios instead if there is some minimal variation form to form:
In your model:
public function rules()
{
return [
[['field_1'], 'required', 'on' => self::SCENARIO_ADD], // only on add
[['field_2'], 'required', 'on' => self::SCENARIO_UPDATE], // only on update
[['field_3', 'field_4'], 'required'], // required all the time
];
}
In your controller:
public function actionAdd()
{
$model = new Model();
$model->scenario = Model::SCENARIO_ADD;
if ($model->load(Yii::$app->request->post())) {
return $this->redirect(['view', 'id' => $model->id]);
}
return $this->render('add', ['model' => $model]);
}
Behaviors
Alternatively, rather than assign the user directly in your model, you could use a behavior like so:
https://www.yiiframework.com/doc/api/2.0/yii-behaviors-blameablebehavior
/**
* {#inheritdoc}
*/
public function behaviors()
{
return [
[
'class' => \yii\behaviors\BlameableBehavior::className(),
'value' => Yii::$app->user->identity->username,
],
[
'class' => \yii\behaviors\TimestampBehavior::className(),
'value' => new \yii\db\Expression('NOW()'),
],
[
'class' => 'sammaye\audittrail\LoggableBehavior',
'userAttribute' => 'updated_by', //blameable attribute of the current model.
'ignored' => ['updated_by', 'updated_at'], // This ignores fields from a selection of all fields, not needed with allowed
],
];
}