Fatal编程技术网
  • graphql/
  • GraphQl-如何将当前用户添加到对象

GraphQl-如何将当前用户添加到对象

graphql

GraphQl-如何将当前用户添加到对象,graphql,symfony4,api-platform.com,Graphql,Symfony4,Api Platform.com,我正试图将当前用户添加到一个create变体中,方法是按照修改graphql阶段 这是一项允许用户阻止消息系统中其他用户的功能,仅供参考 它应满足以下访问控制: “访问控制”=”已被授予(“已完全验证”)且对象为.getBlocker()==用户“ 这意味着阻塞的用户是当前经过身份验证的用户 如果我将上述内容修改为: “访问控制”=“已被授予(“完全认证”)” 通过如下方式装饰反序列化阶段: 应用程序/阶段/反序列化阶段 /** * @param object|null $objectToPo

我正试图将当前用户添加到一个
create
变体中,方法是按照修改graphql阶段

这是一项允许用户阻止消息系统中其他用户的功能,仅供参考

它应满足以下访问控制:

“访问控制”=”已被授予(“已完全验证”)且对象为.getBlocker()==用户“

这意味着阻塞的用户是当前经过身份验证的用户

如果我将上述内容修改为:

“访问控制”=“已被授予(“完全认证”)”
通过如下方式装饰
反序列化阶段

应用程序/阶段/反序列化阶段

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}

<?php

namespace App\Stage;

use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
 * @var TokenStorageInterface
 */
private $tokenStorage;

public function __construct(
    DeserializeStageInterface $deserializeStage,
    TokenStorageInterface $tokenStorage)
{
    $this->deserializeStage = $deserializeStage;
    $this->tokenStorage = $tokenStorage;
}

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}
}
据我所知,为了让它完全满足访问控制的要求,我需要修饰
读取阶段
,它位于
安全阶段
之前,并将当前经过身份验证的用户插入到对象中

这样,它将满足访问控制的第二部分,即, 
和object.getBlocker()==user

我尝试按如下方式执行,但得到了一个
NULL
对象:

App/Stage/ReadStage

/**
 * @return object|iterable|null
 */
public function __invoke(?string $resourceClass, ?string $rootClass, string $operationName, array $context)
{
    $readObject = ($this->readStage)($resourceClass, $rootClass, $operationName, $context);

    var_dump($readObject->getBlocked()->getUsername()); // throws error 'method getBlocked on NULL

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $userId = $this->tokenStorage->getToken()->getUser();
        $readObject->setBlocker($user);
    }

    return $readObject;
}
嗯,在重新启动应用程序后,它似乎在
反序列化
阶段正常工作。这可能是缓存或其他方面的问题

我仍然不确定它为什么会在
反序列化
阶段工作,也不确定这是否是修改对象的正确位置

在任何情况下,它都能正常工作,所以

因此,我张贴完整的代码供参考

应用程序/阶段/反序列化阶段

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}

<?php

namespace App\Stage;

use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
 * @var TokenStorageInterface
 */
private $tokenStorage;

public function __construct(
    DeserializeStageInterface $deserializeStage,
    TokenStorageInterface $tokenStorage)
{
    $this->deserializeStage = $deserializeStage;
    $this->tokenStorage = $tokenStorage;
}

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}
}
嗯,在重新启动应用程序后,它似乎在
反序列化
阶段正常工作。这可能是缓存或其他方面的问题

我仍然不确定它为什么会在
反序列化
阶段工作,也不确定这是否是修改对象的正确位置

在任何情况下,它都能正常工作,所以

因此,我张贴完整的代码供参考

应用程序/阶段/反序列化阶段

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}

<?php

namespace App\Stage;

use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;

final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
 * @var TokenStorageInterface
 */
private $tokenStorage;

public function __construct(
    DeserializeStageInterface $deserializeStage,
    TokenStorageInterface $tokenStorage)
{
    $this->deserializeStage = $deserializeStage;
    $this->tokenStorage = $tokenStorage;
}

/**
 * @param object|null $objectToPopulate
 *
 * @return object|null
 */
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
    // Call the decorated serialized stage (this syntax calls the __invoke method).
    $deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);

    if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
        $user = $this->tokenStorage->getToken()->getUser();
        $deserializeObject->setBlocker($user);
    }

    return $deserializeObject;
}
}