fix(doctrine): iri converter injection in search filter (#4688)

* fix(doctrine): iri converter injection in search filter

* fix: cass aliases for backward compatibility

* fix: phpunit as dev dependency

* revert: install phpunit

* try not loading the class?

* try not loading the class?

* try not loading the class?

* fix: typo in class name and xml identation

* fix: rename misleading file

* fix(metada): add aliases for backward compatibility

* fix: load yaml bc metadata if installed

* tes

* move service declarations

* fix: test case classes

* deprec and alias

* fix iri_converter

* temp

* fix searchfilter

* fix tests

* fix graphql not installed

* fixes

* fixes

Co-authored-by: emmanuel <[email protected]>

Author: soyuka

composer.json

@@ -38,8 +38,8 @@
         "doctrine/mongodb-odm": "^2.2",
         "doctrine/mongodb-odm-bundle": "^4.0",
         "doctrine/orm": "^2.6.4",
-        "friends-of-behat/mink-browserkit-driver": "^1.3.1",
         "elasticsearch/elasticsearch": "^7.11.0",
+        "friends-of-behat/mink-browserkit-driver": "^1.3.1",
         "friends-of-behat/mink-extension": "^2.2",
         "friends-of-behat/symfony-extension": "^2.1",
         "guzzlehttp/guzzle": "^6.0 || ^7.0",

phpunit.xml.dist

@@ -29,13 +29,12 @@
             <directory>features</directory>
             <directory>tests</directory>
             <directory>vendor</directory>
-            <directory>src/Bridge/NelmioApiDoc</directory>
-            <directory>src/Bridge/FosUser</directory>
-            <directory>src/Bridge/Symfony/Maker/Resources/skeleton</directory>
-            <directory>src/Core/Bridge/Rector</directory>
+            <directory>src/Core/Bridge/NelmioApiDoc</directory>
+            <directory>src/Core/Bridge/FosUser</directory>
+            <directory>src/Core/Bridge/Symfony/Maker/Resources/skeleton</directory>
             <file>.php-cs-fixer.dist.php</file>
-            <file>src/Symfony/Bundle/DependencyInjection/ApiPlatformExtension.php</file>
             <file>src/Symfony/Bundle/Test/Constraint/ArraySubsetLegacy.php</file>
+            <file>src/Core/Bridge/Symfony/Bundle/Test/Constraint/ArraySubsetLegacy.php</file>
         </exclude>
     </coverage>
 

src/Core/Api/FilterInterface.php renamed to src/Api/FilterInterface.php

@@ -11,7 +11,7 @@
 
 declare(strict_types=1);
 
-namespace ApiPlatform\Core\Api;
+namespace ApiPlatform\Api;
 
 /**
  * Filters applicable on a resource.

src/Api/FilterLocatorTrait.php

@@ -14,7 +14,6 @@
 namespace ApiPlatform\Api;
 
 use ApiPlatform\Core\Api\FilterCollection;
-use ApiPlatform\Core\Api\FilterInterface;
 use ApiPlatform\Exception\InvalidArgumentException;
 use Psr\Container\ContainerInterface;
 

src/Core/Api/ResourceClassResolverInterface.php renamed to src/Api/ResourceClassResolverInterface.php

@@ -11,7 +11,7 @@
 
 declare(strict_types=1);
 
-namespace ApiPlatform\Core\Api;
+namespace ApiPlatform\Api;
 
 use ApiPlatform\Exception\InvalidArgumentException;
 

src/Core/Annotation/ApiFilter.php

@@ -13,7 +13,7 @@
 
 namespace ApiPlatform\Core\Annotation;
 
-use ApiPlatform\Core\Api\FilterInterface;
+use ApiPlatform\Api\FilterInterface;
 use ApiPlatform\Exception\InvalidArgumentException;
 
 /**

src/Core/Bridge/Doctrine/MongoDbOdm/Filter/SearchFilter.php

@@ -0,0 +1,223 @@
+<?php
+
+/*
+ * This file is part of the API Platform project.
+ *
+ * (c) Kévin Dunglas <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace ApiPlatform\Core\Bridge\Doctrine\MongoDbOdm\Filter;
+
+use ApiPlatform\Core\Api\IdentifiersExtractorInterface;
+use ApiPlatform\Core\Api\IriConverterInterface;
+use ApiPlatform\Core\Exception\InvalidArgumentException;
+use ApiPlatform\Doctrine\Common\Filter\SearchFilterInterface;
+use ApiPlatform\Doctrine\Common\Filter\SearchFilterTrait;
+use ApiPlatform\Doctrine\Odm\Filter\AbstractFilter;
+use Doctrine\ODM\MongoDB\Aggregation\Builder;
+use Doctrine\ODM\MongoDB\Mapping\ClassMetadata as MongoDBClassMetadata;
+use Doctrine\ODM\MongoDB\Types\Type as MongoDbType;
+use Doctrine\Persistence\ManagerRegistry;
+use Doctrine\Persistence\Mapping\ClassMetadata;
+use MongoDB\BSON\Regex;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\PropertyAccess\PropertyAccess;
+use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
+use Symfony\Component\Serializer\NameConverter\NameConverterInterface;
+
+/**
+ * Filter the collection by given properties.
+ *
+ * @experimental
+ *
+ * @author Kévin Dunglas <[email protected]>
+ * @author Alan Poulain <[email protected]>
+ */
+final class SearchFilter extends AbstractFilter implements SearchFilterInterface
+{
+    use SearchFilterTrait;
+
+    public const DOCTRINE_INTEGER_TYPE = [MongoDbType::INTEGER, MongoDbType::INT];
+
+    public function __construct(ManagerRegistry $managerRegistry, IriConverterInterface $iriConverter, IdentifiersExtractorInterface $identifiersExtractor, PropertyAccessorInterface $propertyAccessor = null, LoggerInterface $logger = null, array $properties = null, NameConverterInterface $nameConverter = null)
+    {
+        parent::__construct($managerRegistry, $logger, $properties, $nameConverter);
+
+        $this->iriConverter = $iriConverter;
+        $this->propertyAccessor = $propertyAccessor ?: PropertyAccess::createPropertyAccessor();
+        $this->identifiersExtractor = $identifiersExtractor;
+    }
+
+    protected function getIriConverter(): IriConverterInterface
+    {
+        return $this->iriConverter;
+    }
+
+    protected function getPropertyAccessor(): PropertyAccessorInterface
+    {
+        return $this->propertyAccessor;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function filterProperty(string $property, $value, Builder $aggregationBuilder, string $resourceClass, string $operationName = null, array &$context = [])
+    {
+        if (
+            null === $value ||
+            !$this->isPropertyEnabled($property, $resourceClass) ||
+            !$this->isPropertyMapped($property, $resourceClass, true)
+        ) {
+            return;
+        }
+
+        $matchField = $field = $property;
+
+        $values = $this->normalizeValues((array) $value, $property);
+        if (null === $values) {
+            return;
+        }
+
+        $associations = [];
+        if ($this->isPropertyNested($property, $resourceClass)) {
+            [$matchField, $field, $associations] = $this->addLookupsForNestedProperty($property, $aggregationBuilder, $resourceClass);
+        }
+
+        $caseSensitive = true;
+        $strategy = $this->properties[$property] ?? self::STRATEGY_EXACT;
+
+        // prefixing the strategy with i makes it case insensitive
+        if (0 === strpos($strategy, 'i')) {
+            $strategy = substr($strategy, 1);
+            $caseSensitive = false;
+        }
+
+        /** @var MongoDBClassMetadata */
+        $metadata = $this->getNestedMetadata($resourceClass, $associations);
+
+        if ($metadata->hasField($field) && !$metadata->hasAssociation($field)) {
+            if ('id' === $field) {
+                $values = array_map([$this, 'getIdFromValue'], $values);
+            }
+
+            if (!$this->hasValidValues($values, $this->getDoctrineFieldType($property, $resourceClass))) {
+                $this->logger->notice('Invalid filter ignored', [
+                    'exception' => new InvalidArgumentException(sprintf('Values for field "%s" are not valid according to the doctrine type.', $field)),
+                ]);
+
+                return;
+            }
+
+            $this->addEqualityMatchStrategy($strategy, $aggregationBuilder, $field, $matchField, $values, $caseSensitive, $metadata);
+
+            return;
+        }
+
+        // metadata doesn't have the field, nor an association on the field
+        if (!$metadata->hasAssociation($field)) {
+            return;
+        }
+
+        $values = array_map([$this, 'getIdFromValue'], $values);
+        $doctrineTypeField = $this->getDoctrineFieldType($property, $resourceClass);
+
+        if (null !== $this->identifiersExtractor) {
+            $associationResourceClass = $metadata->getAssociationTargetClass($field);
+            $associationFieldIdentifier = $this->identifiersExtractor->getIdentifiersFromResourceClass($associationResourceClass)[0];
+            $doctrineTypeField = $this->getDoctrineFieldType($associationFieldIdentifier, $associationResourceClass);
+        }
+
+        if (!$this->hasValidValues($values, $doctrineTypeField)) {
+            $this->logger->notice('Invalid filter ignored', [
+                'exception' => new InvalidArgumentException(sprintf('Values for field "%s" are not valid according to the doctrine type.', $property)),
+            ]);
+
+            return;
+        }
+
+        $this->addEqualityMatchStrategy($strategy, $aggregationBuilder, $field, $matchField, $values, $caseSensitive, $metadata);
+    }
+
+    /**
+     * Add equality match stage according to the strategy.
+     *
+     * @param mixed $values
+     */
+    private function addEqualityMatchStrategy(string $strategy, Builder $aggregationBuilder, string $field, string $matchField, $values, bool $caseSensitive, ClassMetadata $metadata): void
+    {
+        $inValues = [];
+        foreach ($values as $inValue) {
+            $inValues[] = $this->getEqualityMatchStrategyValue($strategy, $field, $inValue, $caseSensitive, $metadata);
+        }
+
+        $aggregationBuilder
+            ->match()
+            ->field($matchField)
+            ->in($inValues);
+    }
+
+    /**
+     * Get equality match value according to the strategy.
+     *
+     * @param mixed $value
+     *
+     * @throws InvalidArgumentException If strategy does not exist
+     *
+     * @return Regex|string
+     */
+    private function getEqualityMatchStrategyValue(string $strategy, string $field, $value, bool $caseSensitive, ClassMetadata $metadata)
+    {
+        $type = $metadata->getTypeOfField($field);
+
+        if (!MongoDbType::hasType($type)) {
+            return $value;
+        }
+        if (MongoDbType::STRING !== $type) {
+            return MongoDbType::getType($type)->convertToDatabaseValue($value);
+        }
+
+        $quotedValue = preg_quote($value);
+
+        switch ($strategy) {
+            case null:
+            case self::STRATEGY_EXACT:
+                return $caseSensitive ? $value : new Regex("^$quotedValue$", 'i');
+            case self::STRATEGY_PARTIAL:
+                return new Regex($quotedValue, $caseSensitive ? '' : 'i');
+            case self::STRATEGY_START:
+                return new Regex("^$quotedValue", $caseSensitive ? '' : 'i');
+            case self::STRATEGY_END:
+                return new Regex("$quotedValue$", $caseSensitive ? '' : 'i');
+            case self::STRATEGY_WORD_START:
+                return new Regex("(^$quotedValue.*|.*\s$quotedValue.*)", $caseSensitive ? '' : 'i');
+            default:
+                throw new InvalidArgumentException(sprintf('strategy %s does not exist.', $strategy));
+        }
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getType(string $doctrineType): string
+    {
+        switch ($doctrineType) {
+            case MongoDbType::INT:
+            case MongoDbType::INTEGER:
+                return 'int';
+            case MongoDbType::BOOL:
+            case MongoDbType::BOOLEAN:
+                return 'bool';
+            case MongoDbType::DATE:
+                return \DateTimeInterface::class;
+            case MongoDbType::FLOAT:
+                return 'float';
+        }
+
+        return 'string';
+    }
+}