fix(laravel): read property type before serialization (#7332)

soyuka · web-flow · commit d1073bc67ca0 · 2025-08-18T11:50:02.000+02:00
fixes #7316
diff --git a/src/Laravel/ApiPlatformProvider.php b/src/Laravel/ApiPlatformProvider.php
@@ -86,6 +86,8 @@
 use ApiPlatform\Laravel\Eloquent\Metadata\ModelMetadata;
 use ApiPlatform\Laravel\Eloquent\Metadata\ResourceClassResolver as EloquentResourceClassResolver;
 use ApiPlatform\Laravel\Eloquent\PropertyAccess\PropertyAccessor as EloquentPropertyAccessor;
+use ApiPlatform\Laravel\Eloquent\PropertyInfo\EloquentExtractor;
+use ApiPlatform\Laravel\Eloquent\Serializer\EloquentNameConverter;
 use ApiPlatform\Laravel\Eloquent\Serializer\SerializerContextBuilder as EloquentSerializerContextBuilder;
 use ApiPlatform\Laravel\GraphQl\Controller\EntrypointController as GraphQlEntrypointController;
 use ApiPlatform\Laravel\GraphQl\Controller\GraphiQlController;
@@ -195,15 +197,16 @@ public function register(): void
     {
         $this->mergeConfigFrom(__DIR__.'/config/api-platform.php', 'api-platform');
 
-        $this->app->singleton(PropertyInfoExtractorInterface::class, function () {
+        $this->app->singleton(PropertyInfoExtractorInterface::class, function (Application $app) {
             $phpstanExtractor = class_exists(PhpDocParser::class) ? new PhpStanExtractor() : null;
             $reflectionExtractor = new ReflectionExtractor();
+            $eloquentExtractor = new EloquentExtractor($app->make(ModelMetadata::class));
 
             return new PropertyInfoExtractor(
                 [$reflectionExtractor],
                 $phpstanExtractor ? [$phpstanExtractor, $reflectionExtractor] : [$reflectionExtractor],
                 [],
-                [$reflectionExtractor],
+                [$eloquentExtractor],
                 [$reflectionExtractor]
             );
         });
@@ -262,10 +265,10 @@ public function register(): void
             return new CachePropertyMetadataFactory(
                 new SchemaPropertyMetadataFactory(
                     $app->make(ResourceClassResolverInterface::class),
-                    new PropertyInfoPropertyMetadataFactory(
-                        $app->make(PropertyInfoExtractorInterface::class),
-                        new SerializerPropertyMetadataFactory(
-                            $app->make(SerializerClassMetadataFactory::class),
+                    new SerializerPropertyMetadataFactory(
+                        $app->make(SerializerClassMetadataFactory::class),
+                        new PropertyInfoPropertyMetadataFactory(
+                            $app->make(PropertyInfoExtractorInterface::class),
                             new AttributePropertyMetadataFactory(
                                 new EloquentAttributePropertyMetadataFactory(
                                     new EloquentPropertyMetadataFactory(
@@ -315,7 +318,7 @@ public function register(): void
             $config = $app['config'];
             $nameConverter = $config->get('api-platform.name_converter', SnakeCaseToCamelCaseNameConverter::class);
             if ($nameConverter && class_exists($nameConverter)) {
-                $nameConverter = $app->make($nameConverter);
+                $nameConverter = new EloquentNameConverter($app->make($nameConverter));
             }
 
             $defaultContext = $config->get('api-platform.serializer', []);
@@ -400,9 +403,13 @@ public function register(): void
         });
         $this->app->bind(SerializerContextBuilderInterface::class, EloquentSerializerContextBuilder::class);
         $this->app->singleton(EloquentSerializerContextBuilder::class, function (Application $app) {
+            /** @var ConfigRepository */
+            $config = $app['config'];
+
             return new EloquentSerializerContextBuilder(
                 $app->make(SerializerContextBuilder::class),
-                $app->make(PropertyNameCollectionFactoryInterface::class)
+                $app->make(PropertyNameCollectionFactoryInterface::class),
+                $config->get('api-platform.name_converter', SnakeCaseToCamelCaseNameConverter::class)
             );
         });
 
diff --git a/src/Laravel/Eloquent/Metadata/Factory/Property/EloquentPropertyMetadataFactory.php b/src/Laravel/Eloquent/Metadata/Factory/Property/EloquentPropertyMetadataFactory.php
@@ -64,7 +64,7 @@ public function create(string $resourceClass, string $property, array $options =
         }
 
         if ($model->getKeyName() === $property) {
-            $propertyMetadata = $propertyMetadata->withIdentifier(true)->withWritable($propertyMetadata->isWritable() ?? false);
+            $propertyMetadata = $propertyMetadata->withIdentifier(true);
         }
 
         foreach ($this->modelMetadata->getAttributes($model) as $p) {
@@ -89,17 +89,6 @@ public function create(string $resourceClass, string $property, array $options =
             $propertyMetadata = $propertyMetadata
                 ->withBuiltinTypes([$type]);
 
-            // If these are set let the SerializerPropertyMetadataFactory do the work
-            if (!isset($options['denormalization_groups'])) {
-                $propertyMetadata = $propertyMetadata
-                    ->withWritable($propertyMetadata->isWritable() ?? true === $p['fillable']);
-            }
-
-            if (!isset($options['normalization_groups'])) {
-                $propertyMetadata = $propertyMetadata
-                    ->withReadable($propertyMetadata->isReadable() ?? false === $p['hidden']);
-            }
-
             return $propertyMetadata;
         }
 
diff --git a/src/Laravel/Eloquent/PropertyInfo/EloquentExtractor.php b/src/Laravel/Eloquent/PropertyInfo/EloquentExtractor.php
@@ -0,0 +1,91 @@
+<?php
+
+/*
+ * This file is part of the API Platform project.
+ *
+ * (c) Kévin Dunglas <dunglas@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace ApiPlatform\Laravel\Eloquent\PropertyInfo;
+
+use ApiPlatform\Laravel\Eloquent\Metadata\ModelMetadata;
+use Illuminate\Database\Eloquent\Model;
+use Symfony\Component\PropertyInfo\PropertyAccessExtractorInterface;
+
+class EloquentExtractor implements PropertyAccessExtractorInterface
+{
+    public function __construct(private readonly ModelMetadata $modelMetadata)
+    {
+    }
+
+    /**
+     * @param array<string, mixed> $context
+     */
+    public function isReadable(string $class, string $property, array $context = []): ?bool
+    {
+        if (!is_a($class, Model::class, true)) {
+            return null;
+        }
+
+        try {
+            $refl = new \ReflectionClass($class);
+            $model = $refl->newInstanceWithoutConstructor();
+        } catch (\ReflectionException) {
+            return null;
+        }
+
+        foreach ($this->modelMetadata->getAttributes($model) as $p) {
+            if ($p['name'] !== $property) {
+                continue;
+            }
+
+            if (($visible = $model->getVisible()) && \in_array($property, $visible, true)) {
+                return true;
+            }
+
+            if (($hidden = $model->getHidden()) && \in_array($property, $hidden, true)) {
+                return false;
+            }
+
+            return true;
+        }
+
+        return null;
+    }
+
+    /**
+     * @param array<string, mixed> $context
+     */
+    public function isWritable(string $class, string $property, array $context = []): ?bool
+    {
+        if (!is_a($class, Model::class, true)) {
+            return null;
+        }
+
+        try {
+            $refl = new \ReflectionClass($class);
+            $model = $refl->newInstanceWithoutConstructor();
+        } catch (\ReflectionException) {
+            return null;
+        }
+
+        foreach ($this->modelMetadata->getAttributes($model) as $p) {
+            if ($p['name'] !== $property) {
+                continue;
+            }
+
+            if ($fillable = $model->getFillable()) {
+                return \in_array($property, $fillable, true);
+            }
+
+            return true;
+        }
+
+        return null;
+    }
+}
diff --git a/src/Laravel/Eloquent/Serializer/EloquentNameConverter.php b/src/Laravel/Eloquent/Serializer/EloquentNameConverter.php
@@ -0,0 +1,48 @@
+<?php
+
+/*
+ * This file is part of the API Platform project.
+ *
+ * (c) Kévin Dunglas <dunglas@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace ApiPlatform\Laravel\Eloquent\Serializer;
+
+use Symfony\Component\Serializer\Exception\UnexpectedPropertyException;
+use Symfony\Component\Serializer\NameConverter\NameConverterInterface;
+
+final class EloquentNameConverter implements NameConverterInterface
+{
+    public function __construct(private readonly NameConverterInterface $nameConverter)
+    {
+    }
+
+    /**
+     * @param array<string, mixed> $context
+     */
+    public function normalize(string $propertyName, ?string $class = null, ?string $format = null, array $context = []): string
+    {
+        try {
+            return $this->nameConverter->normalize($propertyName, $class, $format, $context); // @phpstan-ignore-line
+        } catch (UnexpectedPropertyException $e) {
+            return $this->nameConverter->denormalize($propertyName, $class, $format, $context); // @phpstan-ignore-line
+        }
+    }
+
+    /**
+     * @param array<string, mixed> $context
+     */
+    public function denormalize(string $propertyName, ?string $class = null, ?string $format = null, array $context = []): string
+    {
+        try {
+            return $this->nameConverter->denormalize($propertyName, $class, $format, $context); // @phpstan-ignore-line
+        } catch (UnexpectedPropertyException $e) {
+            return $this->nameConverter->normalize($propertyName, $class, $format, $context); // @phpstan-ignore-line
+        }
+    }
+}
diff --git a/src/Laravel/Eloquent/Serializer/SerializerContextBuilder.php b/src/Laravel/Eloquent/Serializer/SerializerContextBuilder.php
@@ -17,13 +17,19 @@
 use ApiPlatform\State\SerializerContextBuilderInterface;
 use Illuminate\Database\Eloquent\Model;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Serializer\NameConverter\CamelCaseToSnakeCaseNameConverter;
+use Symfony\Component\Serializer\NameConverter\SnakeCaseToCamelCaseNameConverter;
 use Symfony\Component\Serializer\Normalizer\AbstractNormalizer;
 
 final class SerializerContextBuilder implements SerializerContextBuilderInterface
 {
+    /**
+     * @param class-string $nameConverterClass
+     */
     public function __construct(
         private readonly SerializerContextBuilderInterface $decorated,
         private readonly PropertyNameCollectionFactoryInterface $propertyNameCollectionFactory,
+        private readonly ?string $nameConverterClass = null,
     ) {
     }
 
@@ -37,6 +43,12 @@ public function createFromRequest(Request $request, bool $normalization, ?array
             return $context;
         }
 
+        if (SnakeCaseToCamelCaseNameConverter::class === $this->nameConverterClass) {
+            $context[SnakeCaseToCamelCaseNameConverter::REQUIRE_CAMEL_CASE_PROPERTIES] = true;
+        } elseif (CamelCaseToSnakeCaseNameConverter::class === $this->nameConverterClass) {
+            $context[CamelCaseToSnakeCaseNameConverter::REQUIRE_SNAKE_CASE_PROPERTIES] = true;
+        }
+
         if (!isset($context[AbstractNormalizer::ATTRIBUTES])) {
             // isWritable/isReadable is checked later on
             $context[AbstractNormalizer::ATTRIBUTES] = iterator_to_array($this->propertyNameCollectionFactory->create($context['resource_class'], ['serializer_groups' => $context['groups'] ?? null]));
diff --git a/src/Laravel/Tests/JsonLdTest.php b/src/Laravel/Tests/JsonLdTest.php
@@ -369,4 +369,13 @@ public function testResourceWithOptionModel(): void
             '@type' => 'Collection',
         ]);
     }
+
+    public function testCustomRelation(): void
+    {
+        $response = $this->get('/api/home', headers: ['accept' => ['application/ld+json']]);
+        $home = $response->json();
+        $this->assertArrayHasKey('order', $home);
+        $this->assertArrayHasKey('id', $home['order']);
+        $this->assertArrayHasKey('number', $home['order']);
+    }
 }
diff --git a/src/Laravel/Tests/ValidationTest.php b/src/Laravel/Tests/ValidationTest.php
@@ -48,6 +48,16 @@ public function testValidationCamelCase(): void
         $response->assertStatus(422);
     }
 
+    public function testCamelCaseValid(): void
+    {
+        $data = [
+            'surName' => 'ok',
+        ];
+
+        $response = $this->postJson('/api/issue_6932', $data, ['accept' => 'application/ld+json', 'content-type' => 'application/ld+json']);
+        $response->assertStatus(201);
+    }
+
     public function testValidationSnakeCase(): void
     {
         $data = [
diff --git a/src/Laravel/workbench/app/ApiResource/Home.php b/src/Laravel/workbench/app/ApiResource/Home.php
@@ -0,0 +1,49 @@
+<?php
+
+/*
+ * This file is part of the API Platform project.
+ *
+ * (c) Kévin Dunglas <dunglas@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace Workbench\App\ApiResource;
+
+use ApiPlatform\Metadata\ApiProperty;
+use ApiPlatform\Metadata\ApiResource;
+use ApiPlatform\Metadata\Get;
+use ApiPlatform\Metadata\Operation;
+use Symfony\Component\Serializer\Annotation\Groups;
+use Workbench\App\Models\Order;
+use Workbench\Database\Factories\OrderFactory;
+
+#[ApiResource(
+    operations: [
+        new Get(
+            uriTemplate: '/home',
+            normalizationContext: ['groups' => ['home:read']],
+            provider: [self::class, 'provide'],
+        ),
+    ],
+)]
+class Home
+{
+    #[ApiProperty(identifier: true)]
+    public int $id = 1;
+
+    #[Groups(['home:read'])]
+    public ?Order $order = null;
+
+    public static function provide(Operation $operation, array $uriVariables = [], array $context = []): object|array|null
+    {
+        $order = OrderFactory::new()->create();
+        $home = new self();
+        $home->order = $order;
+
+        return $home;
+    }
+}
diff --git a/src/Laravel/workbench/app/Models/Order.php b/src/Laravel/workbench/app/Models/Order.php
@@ -0,0 +1,32 @@
+<?php
+
+/*
+ * This file is part of the API Platform project.
+ *
+ * (c) Kévin Dunglas <dunglas@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+declare(strict_types=1);
+
+namespace Workbench\App\Models;
+
+use ApiPlatform\Metadata\ApiProperty;
+use ApiPlatform\Metadata\ApiResource;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+use Symfony\Component\Serializer\Attribute\Groups;
+
+#[ApiResource()]
+#[ApiProperty(property: 'id', serialize: [new Groups(['home:read'])])]
+#[ApiProperty(property: 'number', serialize: [new Groups(['home:read'])])]
+class Order extends Model
+{
+    use HasFactory;
+
+    protected $fillable = [
+        'number',
+    ];
+}
diff --git a/src/Laravel/workbench/database/factories/OrderFactory.php b/src/Laravel/workbench/database/factories/OrderFactory.php
diff --git a/src/Laravel/workbench/database/migrations/2025_05_08_000000_create_orders_table.php b/src/Laravel/workbench/database/migrations/2025_05_08_000000_create_orders_table.php
diff --git a/tests/Fixtures/TestBundle/State/SerializableProvider.php b/tests/Fixtures/TestBundle/State/SerializableProvider.php

Original file line number	Diff line number	Diff line change
`@@ -369,4 +369,13 @@ public function testResourceWithOptionModel(): void`
`369`	`369`	`'@type' => 'Collection',`
`370`	`370`	`]);`
`371`	`371`	`}`
	`372`	`+`
	`373`	`+ public function testCustomRelation(): void`
	`374`	`+ {`
	`375`	`+ $response = $this->get('/api/home', headers: ['accept' => ['application/ld+json']]);`
	`376`	`+ $home = $response->json();`
	`377`	`+ $this->assertArrayHasKey('order', $home);`
	`378`	`+ $this->assertArrayHasKey('id', $home['order']);`
	`379`	`+ $this->assertArrayHasKey('number', $home['order']);`
	`380`	`+ }`
`372`	`381`	`}`