Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 03 13:53
    Travis neomerx/json-api (master) passed (785)
  • Jan 03 13:51

    neomerx on master

    Close #170 (compare)

  • Jan 03 13:44
    Travis neomerx/json-api (develop) fixed (784)
  • Jan 03 13:41

    neomerx on develop

    Close #170 (compare)

  • Jan 03 13:18
    Travis neomerx/json-api (develop) broken (783)
  • Jan 03 13:15

    neomerx on develop

    Close #170 (compare)

  • Dec 25 2019 22:37
    neomerx closed #242
  • Dec 25 2019 22:37
    neomerx commented #242
  • Dec 25 2019 22:37
    neomerx unlabeled #242
  • Dec 25 2019 22:36
    neomerx labeled #242
  • Dec 22 2019 22:37
    neomerx commented #242
  • Dec 22 2019 22:09
    neomerx commented #242
  • Dec 22 2019 22:06
    neomerx reopened #242
  • Dec 22 2019 22:00
    efinder2 closed #242
  • Dec 22 2019 22:00
    efinder2 commented #242
  • Dec 22 2019 21:48
    neomerx commented #242
  • Dec 22 2019 06:01
    efinder2 commented #242
  • Dec 22 2019 06:00
    efinder2 commented #242
  • Dec 22 2019 06:00
    efinder2 commented #242
  • Dec 22 2019 01:33
    neomerx labeled #242
neomerx
@neomerx
@ivaaaan Hi, sorry for Xmas delay in response ) Can you please clarify which your question refers to or open a corresponding issue on github?
JASPER
@ngantingon
@neomerx hi, are there examples for the authorization of flute?
Gourav Sarkar
@Gourav-Sarkar
In insert operation how to convert json-api data to business model?
@neomerx In insert operation how to convert json-api data to business model?
_
neomerx
@neomerx
@ngantingon I'm currently working on adding OAuth 2.0 and then on integration with authorization
JASPER
@ngantingon
@neomerx i saw there are a new commit in limoncello-php/auth. Interested on the user access control authorization. Trying out now.
Any sample implementation on flute?
neomerx
@neomerx
@ngantingon Probably not yet. I'm working on adding OAuth 2 and then integrate it with authorization system which was inspired by XACML
neomerx
@neomerx

We've passed 44 releases and the code base is stable for very long time so it's probably a good moment to release the code as version 1.0

Changes since previous release

  • #169 Added support for serialization to arrays
  • #171 Fixed no top level meta information and jsonapi nodes added for errors.

Upgrade notes

JASPER
@ngantingon
@neomerx it is great to hear neomerx/json-api staged at 1.0!
Bas Kamer
@basz
Hello, I’m trying out this lib and like it very much https://twitter.com/baskamer/status/839109092484481025 ;-).
Bas Kamer
@basz
I’m trying to integrate it into my application and have a question related to Schema::getIncludePaths. part of the json api format is the include=some.rel parameter. What is a good approach to have the Schema::getIncludePaths method return different contents based on that query param? Should I pull that info of my DTO?
Bas Kamer
@basz
    public function getIncludePaths()
    {
        $includeCandidates = [
            'articleGroups' => 'article_groups',
            ‘articles' => 'articles',
        ];

        $include = array_filter($includeCandidates, function (string $include) {
            return in_array($include, $this->resource->_include);
        }, ARRAY_FILTER_USE_KEY);

        return $include;
    }
This works : when the resource ->_include = [‘articleGroups’] only those are included, but feels a little hacky
neomerx
@neomerx
@basz getIncludePaths return default include paths. For dynamic include paths second parameter of type EncodingParametersInterface in encode method could be used. Have a look at https://github.com/neomerx/json-api/wiki#encoding
Bas Kamer
@basz
ok, thats kind of obvious once it has been pointed out. thank you!
dreamsbond
@dreamsbond
@neomerx limoncello use doctrine, does it cover all orm functionality?
neomerx
@neomerx
@dreamsbond limoncello uses DBAL and do not limit you to use ORM
bot4343
@bot4343
Hi. Help me please to understand how to map JSON API answer to array with all included:, 'relationships:'
I use php. Thank you
neomerx
@neomerx
@bot4343 Your question is a bit generic. I can recommend you to have a look at an example application and wiki pages. I hope it will help to clarify.
Bas Kamer
@basz
What’s the way to respond to request with sparse documents? As I understand it when a client request a fieldsset only those fields should be returned in the response. How does a fieldsset name to a resourcetype? I can’t see any references to fieldsets or sparse in the SchemaProvider… thx
Bas Kamer
@basz
I was hoping passing the incoming fieldSet request to the encoder would be enough;
return new JsonApiResponse($this->encoder
    ->withMeta($result->meta($this->defaultMeta))
    ->encodeData($result->data(), new EncodingParameters($includePaths, $fieldSets)));
Daniel
@antosdaniel
Hey guys, I'm catching up with all json api/graphql/falcor stuff. Reading though your wiki I was wondering if the is a tooling to generate graphs from json api?
Bas Kamer
@basz
@neomerx Is there a recommended way to generated related links to resources from within an other resource? I noticed by default they are /somepath/resource/related/relName but my relName resource is on a different url that is known by the schema of that resource. So my question is can I access the public getSelfSubUrl method of a different schema? thanks
neomerx
@neomerx
@basz I think you might confuse related URIs '/PARENT_RESOURCE_PATH/related/relName' (which is optinal btw) with resource own URI 'which_can_be_very_different/123id'. They can perfectly coexist together.
Bas Kamer
@basz
Thanks have solved it
dreamsbond
@dreamsbond
@neomerx is it capable to define scope to user?
dreamsbond
@dreamsbond
@neomerx could you explain the workflow of scoped authorization and the use of resourceauthorizationruletrait?
neomerx
@neomerx
@dreamsbond limoncello has integrated support for OAuth 2. So scopes mean there exactly what they mean in OAuth 2. It's just a list of strings which you could assosiate with user. For example 'can_admin_xyz', 'can_view_zyx', and etc. Those are permissions basically.
OAuth 2 has a few authentication ways but they all end up with a token given to application which is basically an equivalent for login and password but it's limited by time and could be revoked independently from the login/password.
neomerx
@neomerx
Now to authorization. Limoncello under the hood uses concepts from XACML (https://en.wikipedia.org/wiki/XACML). However XACML is rather complex so limoncello introduces a much simplier concept to authorization.
neomerx
@neomerx
API level ask Authorization level if current account (which could be a user or 3rd party client/service) is allowed for action 'XYZ' for resource (type ..., id ...). If Authoirztion says 'yes' the API proceeds further.
Any extra information could also be sent to authorization level so it implement any logic.
Authorization can for example use OAuth scopes associated with user to decide if the action is permitted.
neomerx
@neomerx
For example \App\Authorization\CommentRules from demo app allows posting new comments only for logged in users, viewing for all and editing (update/delete) only for comment author or admin (a user with 'manage_messages' scope).
Feel free ask. If I don't reply for longer than a day don't hesitate to use github to knock )
Philip Larsson
@philiplarsson
Hey guys!
I don't quite understand how to hide the link member in my response. The wiki mentions that you can hide it but doesn't go into more details https://github.com/neomerx/json-api/wiki/Schemas#showhide-data
Philip Larsson
@philiplarsson
What I really would like to do is to disable them on all of my Schemas. Is this possible to do on the encoder object similar to the way one can add jsonapi-version?
neomerx
@neomerx
@philiplarsson it's quite easy. There you can add to a relationship property self::SHOW_SELF or self::SHOW_RELATED set to false or true. For example,
class PostSchema extends SchemaProvider
{
   ...
    public function getRelationships($post, $isPrimary, array $includeList)
    {
        /** @var Post $post */
        return [
            'author'   => [self::DATA => $post->author, self::SHOW_RELATED => false, self::SHOW_SELF => false],
            'comments' => [self::DATA => $post->comments],
        ];
    }
}
@philiplarsson I was on vacation till today so sorry for late response. Don't hesitate to send questions via github if no response in a day or two. Github sends notifications so I tend to notice them :smile:
Philip Larsson
@philiplarsson
@neomerx thanks for your response. Just to make sure I'm on the right page, by using getRelationships I would have to set self::SHOW_RELATED and self::SHOW_SELF to false on all of my schemas? The solution I have as of now is to override getResourceLinks (and return an empty array) on a class that extends SchemaProvider and let all of my Schemas extend this class instead.
neomerx
@neomerx
@philiplarsson There is more than way to design application :smile: and the library do not limit you. You can use either simple approach of setting SHOW_ in your Schemes or develop more generic solution with class inheritance. Surely you'd better to use what feels better for you.
bluebaroncanada
@bluebaroncanada
Please excuse my naivety, but what does it mean when they say return ...
            case AnalysisResultInterface::ERR_NO_HOST_HEADER:
            case AnalysisResultInterface::ERR_ORIGIN_NOT_ALLOWED:
            case AnalysisResultInterface::ERR_METHOD_NOT_SUPPORTED:
            case AnalysisResultInterface::ERR_HEADERS_NOT_SUPPORTED:
                // return 4XX HTTP error
                return ...;
Julián Gutiérrez
@juliangut
Just a quick question @neomerx , do you know of any annotation mapping library (Doctrine annotations) to map entities/documents to SchemaProvider??
Bas Kamer
@basz
Q. Hi there neomerx. Is there a build-in way I can use to hydrate a EncodingParamInterface instance from an array instead of a request object? My params are send through a message bus and I would like to create a EncodingParamInterface instance on the other side (where there is no request) (new Factory())->createQueryParametersParser()->parse($request) Or would I need to implement a QueryParametersParser myself? Would you be interested in a PR towards this?
Q2. Is there a way I could apply filter on param names? I would like my API to be able to respond to ?someParam=xxx or some_param=xxx and currenty i do that behind the message bus, but it would be better if I could do that before that so messages are always in the expected format and I can do analises on messages going through.
Marwan Rabbâa
@waghanza
Hi,
I have a question regarding relationships*.
I have defined getRelationships in my schema, but I want to make relationships optional
I mean having relationships when calling /entity?include=relation and not having them when calling relationships
Bas Kamer
@basz
Doesnt getRelationships have a include param you can conditionally Inspect?
Marwan Rabbâa
@waghanza
hi, how can I decode a json-api request from a POST ?