GraphQl-如何将当前用户添加到对象
我正试图将当前用户添加到一个GraphQl-如何将当前用户添加到对象,graphql,symfony4,api-platform.com,Graphql,Symfony4,Api Platform.com,我正试图将当前用户添加到一个create变体中,方法是按照修改graphql阶段 这是一项允许用户阻止消息系统中其他用户的功能,仅供参考 它应满足以下访问控制: “访问控制”=”已被授予(“已完全验证”)且对象为.getBlocker()==用户“ 这意味着阻塞的用户是当前经过身份验证的用户 如果我将上述内容修改为: “访问控制”=“已被授予(“完全认证”)” 通过如下方式装饰反序列化阶段: 应用程序/阶段/反序列化阶段 /** * @param object|null $objectToPo
create
变体中,方法是按照修改graphql阶段
这是一项允许用户阻止消息系统中其他用户的功能,仅供参考
它应满足以下访问控制:
“访问控制”=”已被授予(“已完全验证”)且对象为.getBlocker()==用户“
这意味着阻塞的用户是当前经过身份验证的用户
如果我将上述内容修改为:
“访问控制”=“已被授予(“完全认证”)”
通过如下方式装饰反序列化阶段
:
应用程序/阶段/反序列化阶段
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
<?php
namespace App\Stage;
use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
* @var TokenStorageInterface
*/
private $tokenStorage;
public function __construct(
DeserializeStageInterface $deserializeStage,
TokenStorageInterface $tokenStorage)
{
$this->deserializeStage = $deserializeStage;
$this->tokenStorage = $tokenStorage;
}
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
}
据我所知,为了让它完全满足访问控制的要求,我需要修饰读取阶段
,它位于安全阶段
之前,并将当前经过身份验证的用户插入到对象中
这样,它将满足访问控制的第二部分,即,
和object.getBlocker()==user
我尝试按如下方式执行,但得到了一个NULL
对象:
App/Stage/ReadStage
/**
* @return object|iterable|null
*/
public function __invoke(?string $resourceClass, ?string $rootClass, string $operationName, array $context)
{
$readObject = ($this->readStage)($resourceClass, $rootClass, $operationName, $context);
var_dump($readObject->getBlocked()->getUsername()); // throws error 'method getBlocked on NULL
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$userId = $this->tokenStorage->getToken()->getUser();
$readObject->setBlocker($user);
}
return $readObject;
}
嗯,在重新启动应用程序后,它似乎在
反序列化
阶段正常工作。这可能是缓存或其他方面的问题
我仍然不确定它为什么会在反序列化
阶段工作,也不确定这是否是修改对象的正确位置
在任何情况下,它都能正常工作,所以
因此,我张贴完整的代码供参考
应用程序/阶段/反序列化阶段
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
<?php
namespace App\Stage;
use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
* @var TokenStorageInterface
*/
private $tokenStorage;
public function __construct(
DeserializeStageInterface $deserializeStage,
TokenStorageInterface $tokenStorage)
{
$this->deserializeStage = $deserializeStage;
$this->tokenStorage = $tokenStorage;
}
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
}
嗯,在重新启动应用程序后,它似乎在
反序列化
阶段正常工作。这可能是缓存或其他方面的问题
我仍然不确定它为什么会在反序列化
阶段工作,也不确定这是否是修改对象的正确位置
在任何情况下,它都能正常工作,所以
因此,我张贴完整的代码供参考
应用程序/阶段/反序列化阶段
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
<?php
namespace App\Stage;
use ApiPlatform\Core\GraphQl\Resolver\Stage\DeserializeStageInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
final class DeserializeStage implements DeserializeStageInterface
{
private $deserializeStage;
/**
* @var TokenStorageInterface
*/
private $tokenStorage;
public function __construct(
DeserializeStageInterface $deserializeStage,
TokenStorageInterface $tokenStorage)
{
$this->deserializeStage = $deserializeStage;
$this->tokenStorage = $tokenStorage;
}
/**
* @param object|null $objectToPopulate
*
* @return object|null
*/
public function __invoke($objectToPopulate, string $resourceClass, string $operationName, array $context)
{
// Call the decorated serialized stage (this syntax calls the __invoke method).
$deserializeObject = ($this->deserializeStage)($objectToPopulate, $resourceClass, $operationName, $context);
if ($resourceClass === 'App\Entity\BlockedUser' && $operationName === 'create') {
$user = $this->tokenStorage->getToken()->getUser();
$deserializeObject->setBlocker($user);
}
return $deserializeObject;
}
}