Sometimes we want to keep sensitive fields out of the API output; we can do that with serialization groups:
<?php
namespace App\\Entity;
use ApiPlatform\\Core\\Annotation\\ApiResource;
use App\\Repository\\UserRepository;
use Doctrine\\Common\\Collections\\ArrayCollection;
use Doctrine\\Common\\Collections\\Collection;
use Doctrine\\ORM\\Mapping as ORM;
use Symfony\\Component\\Security\\Core\\User\\PasswordAuthenticatedUserInterface;
use Symfony\\Component\\Serializer\\Annotation\\Groups;
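/**
 * User account, exposed through the API as a read-only item resource.
 *
 * Only the item "get" operation is enabled and no collection operations are
 * declared. Responses are normalized with the "read" group, which acts as an
 * allow-list: a property is serialized only when it carries that group, so
 * the password and email properties (no group) are left out of every response.
 * No security expression is set on the operation here, so any access control
 * has to come from configuration outside this class.
 *
 * @ApiResource(
 *     itemOperations={"get"},
 *     collectionOperations={},
 *     normalizationContext={
 *         "groups"={"read"}
 *     }
 * )
 * @ORM\Entity(repositoryClass=UserRepository::class)
 */
class User implements PasswordAuthenticatedUserInterface
{
    /**
     * Database-generated primary key; serialized in the "read" group.
     *
     * @ORM\Id
     * @ORM\GeneratedValue
     * @ORM\Column(type="integer")
     * @Groups({"read"})
     */
    private $id;

    /**
     * Login name; serialized in the "read" group.
     *
     * @ORM\Column(type="string", length=255)
     * @Groups({"read"})
     */
    private $username;

    /**
     * Stored credential. Carries no serialization group, so the "read"
     * normalization context never includes it in a response.
     *
     * @ORM\Column(type="string", length=255)
     */
    private $password;

    /**
     * Display name; serialized in the "read" group.
     *
     * @ORM\Column(type="string", length=255)
     * @Groups({"read"})
     */
    private $name;

    /**
     * Contact address. Carries no serialization group, so it is not disclosed
     * to API clients.
     *
     * @ORM\Column(type="string", length=255)
     */
    private $email;

    /**
     * Blog posts authored by this user; serialized in the "read" group.
     * How much of each post is embedded depends on the groups declared on
     * BlogPost, which this listing does not show.
     *
     * @ORM\OneToMany(targetEntity="App\Entity\BlogPost", mappedBy="author")
     * @Groups({"read"})
     */
    private $posts;

    /**
     * Comments authored by this user; serialized in the "read" group.
     * How much of each comment is embedded depends on the groups declared on
     * Comment, which this listing does not show.
     *
     * @ORM\OneToMany(targetEntity="App\Entity\Comment", mappedBy="author")
     * @Groups({"read"})
     */
    private $comments;

    /**
     * Starts both relation collections empty so the getters always return a Collection.
     */
    public function __construct()
    {
        $this->posts = new ArrayCollection();
        $this->comments = new ArrayCollection();
    }

    /**
     * @return int|null Null until an id has been assigned.
     */
    public function getId(): ?int
    {
        return $this->id;
    }

    public function getUsername(): ?string
    {
        return $this->username;
    }

    /**
     * Fluent setter; returns this instance for chaining.
     */
    public function setUsername(string $username): self
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Returns the stored password value, as required by
     * PasswordAuthenticatedUserInterface. The property has no serialization
     * group, so this getter is not used for API output.
     */
    public function getPassword(): ?string
    {
        return $this->password;
    }

    /**
     * Stores the value exactly as given; no hashing happens in this class.
     * NOTE(review): callers are presumably expected to pass an already-hashed
     * password - confirm where hashing is done before this is persisted.
     */
    public function setPassword(string $password): self
    {
        $this->password = $password;

        return $this;
    }

    public function getName(): ?string
    {
        return $this->name;
    }

    /**
     * Fluent setter; returns this instance for chaining.
     */
    public function setName(string $name): self
    {
        $this->name = $name;

        return $this;
    }

    public function getEmail(): ?string
    {
        return $this->email;
    }

    /**
     * Fluent setter; returns this instance for chaining.
     */
    public function setEmail(string $email): self
    {
        $this->email = $email;

        return $this;
    }

    /**
     * @return Collection
     */
    public function getPosts(): Collection
    {
        return $this->posts;
    }

    /**
     * @return Collection
     */
    public function getComments(): Collection
    {
        return $this->comments;
    }
}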
<?php
namespace App\\Entity;
use ApiPlatform\\Core\\Annotation\\ApiResource;
use App\\Repository\\UserRepository;
use Doctrine\\Common\\Collections\\ArrayCollection;
use Doctrine\\Common\\Collections\\Collection;
use Doctrine\\ORM\\Mapping as ORM;
use Symfony\\Bridge\\Doctrine\\Validator\\Constraints\\UniqueEntity;
use Symfony\\Component\\Security\\Core\\User\\PasswordAuthenticatedUserInterface;
use Symfony\\Component\\Security\\Core\\User\\UserInterface;
use Symfony\\Component\\Serializer\\Annotation\\Groups;
use Symfony\\Component\\Validator\\Constraints as Assert;
/**
*@ApiResource(
*** normalizationContext={"groups"={"get"}},**
* itemOperations={
* "get"={
* "security"="is_granted('IS_AUTHENTICATED_FULLY')",
* **"normalization_context"={
* "groups"={"get"}
* }**
* },
* "put"={
* "security"="is_granted('IS_AUTHENTICATED_FULLY') and object.getUsername() == user.getUsername()",
* **"denormalization_context"={
* "groups"={"put"}
* }**
* }
* },
* collectionOperations={
* "post"={
* **"denormalization_context"={
* "groups"={"post"}
* }**
* }
* },
* )
*@ORM\\Entity(repositoryClass=UserRepository::class)
*@UniqueEntity("username")
*@UniqueEntity("email")
*/
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
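/**
 * Primary key. Only in the "get" group: returned in responses, and not
 * accepted as input because it is in neither the "post" nor the "put" group.
 *
 * @ORM\Id
 * @ORM\GeneratedValue
 * @ORM\Column(type="integer")
 * @Groups({"get"})
 */
private $id;

/**
 * Login name. Readable ("get") and settable at registration ("post"); it is
 * not in the "put" group, so a PUT cannot change it. The PUT security
 * expression on this resource authorises by comparing usernames, so that
 * check depends on this field staying immutable and unique (UniqueEntity on
 * the class).
 *
 * @ORM\Column(type="string", length=255)
 * @Groups({"get", "post"})
 * @Assert\NotBlank()
 * @Assert\Length(min=6, max=255)
 */
private $username;

/**
 * Credential field. Write-only from the API's point of view: accepted on
 * "post" and "put", absent from "get", so it is never part of a response.
 * The Regex message says "seven characters long" although the pattern accepts
 * seven or more characters.
 * NOTE(review): nothing in this listing hashes the submitted value before it
 * is persisted to this column - confirm that a hashing step exists elsewhere.
 *
 * @ORM\Column(type="string", length=255)
 * @Groups({"put", "post"})
 * @Assert\NotBlank()
 * @Assert\Regex(
 *     pattern="/(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).{7,}/",
 *     message="Password must be seven characters long and contains at least one digit, one upper case and one lower case letter"
 * )
 */
private $password;

/**
 * Confirmation copy of the password. It has no ORM column mapping, so it is
 * not persisted; it exists so the Expression constraint can compare it with
 * the password. Input-only ("post", "put"), never in "get".
 *
 * @Groups({"put", "post"})
 * @Assert\NotBlank
 * @Assert\Expression(
 *     "this.getPassword() === this.getRetypedPassword()",
 *     message="Passwords does not match"
 * )
 */
private $retypedPassword;

/**
 * Display name; readable ("get") and writable on "post" and "put".
 *
 * @ORM\Column(type="string", length=255)
 * @Groups({"get", "post", "put"})
 * @Assert\NotBlank()
 * @Assert\Length(min=3, max=255)
 */
private $name;

/**
 * Contact address. Accepted as input on "post" and "put" but not in "get",
 * so responses never disclose it. Uniqueness is enforced by UniqueEntity on
 * the class; a duplicate therefore produces a validation error, which tells
 * the caller that the address is already registered.
 *
 * @ORM\Column(type="string", length=255)
 * @Groups({"post", "put"})
 * @Assert\NotBlank()
 * @Assert\Email()
 * @Assert\Length(min=6, max=255)
 */
private $email;

/**
 * Blog posts authored by this user. Only in the "get" group, so the relation
 * is readable and cannot be set through "post" or "put".
 *
 * @ORM\OneToMany(targetEntity="App\Entity\BlogPost", mappedBy="author")
 * @Groups({"get"})
 */
private $posts;

/**
 * Comments authored by this user. Only in the "get" group, so the relation
 * is readable and cannot be set through "post" or "put".
 *
 * @ORM\OneToMany(targetEntity="App\Entity\Comment", mappedBy="author")
 * @Groups({"get"})
 */
private $comments;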
...