Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
Working on #2403307: RPC endpoints for user authentication: log in, check login status, log out I need to create a login resource. As discussed with @klausi, in this case, we only need to send the username/pass using post method and probably makes no sense to denormalize/normalize.
Proposed resolution
Avoid denormalization by default and fallback to decode otherwise
Comment | File | Size | Author |
---|---|---|---|
#40 | 2419825-40.patch | 5.11 KB | Wim Leers |
Comments
Comment #1
klausiWell, the deserialization should always happen, right? You just don't need to register a custom normalizer in the serializer chain, but you still want the JSON for example to be converted to arrays. So this should work as is, or do you get an exception?
Comment #2
marthinal CreditAttribution: marthinal commentedYes, I need a serialization_class.
Trying to use directly jsonEncoder:
Not sure if I'm missing something...
Comment #3
marthinal CreditAttribution: marthinal commentedComment #4
klausiso this means that the serialization_class key is now optional in the plugin definition. We should add documentation to the RestResource.php annotation class what keys there are and that this one is optional.
And if it is optional you will get a PHP notice here, because it is not defined in $definition['serialization_class'], correct?
So we should check if serialization_class is set.
And we need a test case here. Either we add one to DBLogResource.php or we create our own simple rest_test module with the test plugin to check this.
Otherwise I do think that this approach is a good idea by just using the decode() method of the serializer.
Comment #5
marthinal CreditAttribution: marthinal commentedUsing "serialization_class" annotation to reproduce the error.
Comment #7
Wim Leers\Drupal\rest\Annotation\RestResource
is not yet updated with this documentation. Marking NW for that.The issue title & summary are also not very descriptive. It'd be great if you could make them more specific/descriptive.
Comment #9
bigjim CreditAttribution: bigjim commentedrerolled for 8.1.x
Comment #10
bigjim CreditAttribution: bigjim commentedforgot attachment ;)
Comment #11
Wim LeersMarking
so testbot tests it.Comment #12
Wim LeersThanks for picking this up again! :)
Here's a review. There are lots and lots of small problems with this patch. Fortunately, they're all super easy to fix :)
80 cols violation.
This example is unclear.
This sentence does not actually make sense.
No service is being enabled here.
There is only one resource. This foreach is overkill.
json
vs.hal_json
I don't think this is necessary anymore.
These comments are all unnecessary. (And each contains grammatical errors.)
Both of these messages actually are more harmful than they help: the assert methods they use already provide far better messages.
Finally, #7 also still needs to be addressed.
Comment #14
Wim LeersComment #15
marthinal CreditAttribution: marthinal commentedThank you Wim! yeah needs love. Finally I have time today to work a little bit on this :)
#10fails because we need to add the resource(
Drupal\rest_test\Plugin\rest\resource\SerializationClassTestResource
)1) Done.
2) Removed.
3) Done.
4) Done.
5) Done.
6) Done.
7) Well, it is necessary. I need to understand why... but sure you have more knowledge about the cache :)
8) Done.
9) Done. Yes, we don't need to add these messages.
#7 still needs to be addressed.
Comment #16
dawehnerLooks great for me. We still need a change record though according to the issue.
Comment #17
Wim LeersLooks much, much better :) Very close to ready IMO. Just a few more small things, then this is RTBC.
Why not use
$this->enableService()
?This should not be necessary?
I'd call this
NoSerializationClassTestResource
.Comment #19
dawehnerIMHO we just just return the array, so that we check arrays as well
Comment #20
Wim Leers#19++
Comment #21
marthinal CreditAttribution: marthinal commentedOk! let's try again
17.1 Done
17.2 Removed
17.3 Done
19 Done
Thanks!!
Comment #22
marthinal CreditAttribution: marthinal commentedComment #24
dawehner@marthinal
You uploaded the wrong patch ...
Comment #25
marthinal CreditAttribution: marthinal commentedOops yeah sorry :)
Comment #26
dawehnerNitpick: Its weird that we use '200' and not 200, but feel free to fix that on commit.
Comment #27
Wim LeersThis is dead code, can be removed.
Nit: s/$array/$data/
Comment #28
alexpott@Wim Leers I can't see the code referred to in #27.1 - what am I missing.
Comment #29
marthinal CreditAttribution: marthinal commented@alexpott #27.1 was fixed in #25 but appears in #21. Ok let's fix these nitpicks
Comment #30
dawehnerThis is perfect for me now
Comment #31
alexpottStill needs a change record
Comment #32
Wim Leers#28: Weird, sorry regarding #27.1, I have no idea how that happened!
#31: agreed, CR is missing. But … that points to another problem in REST's current code:
\Drupal\rest\Annotation\RestResource
doesn't list thisserialization_class
annotation attribute at all. I think this issue should fix that, and then immediately document it on the annotation class as being optional. If you want to see an example of how to do that, see\Drupal\Core\Annotation\Action
.Almost there! :)
Comment #33
dawehnerHere is a CR: https://www.drupal.org/node/2736393
Comment #34
Wim LeersDo we still need this now that the user login functionality will no longer be a REST resource?
Comment #35
dawehnerWell, it won't be longer a blocker (as we already realized) but others kind of code might have the same problem.
Comment #36
Wim LeersFair.
However, that makes this a normal feature request IMO.
Comment #37
dawehnerI would argue its a normal bug.
Comment #38
Wim LeersPrescient words, because #2662284 is now blocked on this, see #2662284-55: Return complete entity after successful PATCH.
Comment #39
Wim LeersThis is an API addition, should go into 8.2.
Comment #40
Wim LeersAll that's missing from this patch is an update to the annotation class, like I said in #32. Adding that brings it back to RTBC. My addition is mind-bogglingly trivial, so I think it's fine to re-RTBC.
Comment #41
alexpottCommitted b3d0a73 and pushed to 8.2.x. Thanks!
Comment #42
Wim LeersWow, that was incredibly fast!
However, the commit has not yet been pushed. Could you do that? :) Thanks!
Comment #44
andypostlooks that backportable to 8.1
Comment #45
Wim Leers#44: but it's an API addition.
It wouldn't harm 8.1 in any way, but we don't do API additions to the current version unless absolutely necessary.