Merge pull request #2039 from jewome62/feature/better-http-headers

teohhanhui · web-flow · commit 797cea682956 · 2018-07-19T19:42:42.000+02:00
Better HTTP headers
diff --git a/features/main/crud.feature b/features/main/crud.feature
@@ -22,6 +22,8 @@ Feature: Create-Retrieve-Update-Delete
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/dummies/1"
+    And the header "Location" should be equal to "/dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -426,6 +428,7 @@ Feature: Create-Retrieve-Update-Delete
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -465,6 +468,7 @@ Feature: Create-Retrieve-Update-Delete
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/dummies/1"
     And the JSON should be equal to:
     """
     {
diff --git a/features/main/crud_abstract.feature b/features/main/crud_abstract.feature
@@ -16,6 +16,8 @@ Feature: Create-Retrieve-Update-Delete on abstract resource
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/concrete_dummies/1"
+    And the header "Location" should be equal to "/concrete_dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -90,6 +92,7 @@ Feature: Create-Retrieve-Update-Delete on abstract resource
       Then the response status code should be 200
       And the response should be in JSON
       And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+      And the header "Content-Location" should be equal to "/concrete_dummies/1"
       And the JSON should be equal to:
       """
       {
diff --git a/features/main/custom_normalized.feature b/features/main/custom_normalized.feature
@@ -16,6 +16,8 @@ Feature: Using custom normalized entity
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/custom_normalized_dummies/1"
+    And the header "Location" should be equal to "/custom_normalized_dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -40,6 +42,8 @@ Feature: Using custom normalized entity
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/related_normalized_dummies/1"
+    And the header "Location" should be equal to "/related_normalized_dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -68,6 +72,7 @@ Feature: Using custom normalized entity
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/related_normalized_dummies/1"
     And the JSON should be equal to:
     """
     {
@@ -134,6 +139,7 @@ Feature: Using custom normalized entity
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/custom_normalized_dummies/1"
     And the JSON should be equal to:
     """
     {
diff --git a/features/main/custom_writable_identifier.feature b/features/main/custom_writable_identifier.feature
@@ -16,6 +16,8 @@ Feature: Using custom writable identifier on resource
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/custom_writable_identifier_dummies/my_slug"
+    And the header "Location" should be equal to "/custom_writable_identifier_dummies/my_slug"
     And the JSON should be equal to:
     """
     {
@@ -78,6 +80,7 @@ Feature: Using custom writable identifier on resource
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/custom_writable_identifier_dummies/slug_modified"
     And the JSON should be equal to:
     """
     {
diff --git a/features/main/uuid.feature b/features/main/uuid.feature
@@ -16,6 +16,8 @@ Feature: Using uuid identifier on resource
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/uuid_identifier_dummies/41b29566-144b-11e6-a148-3e1d05defe78"
+    And the header "Location" should be equal to "/uuid_identifier_dummies/41b29566-144b-11e6-a148-3e1d05defe78"
 
   Scenario: Get a resource
     When I send a "GET" request to "/uuid_identifier_dummies/41b29566-144b-11e6-a148-3e1d05defe78"
@@ -67,6 +69,7 @@ Feature: Using uuid identifier on resource
     Then the response status code should be 200
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/uuid_identifier_dummies/41b29566-144b-11e6-a148-3e1d05defe78"
     And the JSON should be equal to:
     """
     {
@@ -87,6 +90,8 @@ Feature: Using uuid identifier on resource
     Then the response status code should be 201
     And the response should be in JSON
     And the header "Content-Type" should be equal to "application/ld+json; charset=utf-8"
+    And the header "Content-Location" should be equal to "/custom_generated_identifiers/foo"
+    And the header "Location" should be equal to "/custom_generated_identifiers/foo"
     And the JSON should be equal to:
     """
     {
diff --git a/src/Bridge/Symfony/Bundle/Resources/config/api.xml b/src/Bridge/Symfony/Bundle/Resources/config/api.xml
@@ -152,6 +152,7 @@
 
         <service id="api_platform.listener.view.write" class="ApiPlatform\Core\EventListener\WriteListener">
             <argument type="service" id="api_platform.data_persister" />
+            <argument type="service" id="api_platform.iri_converter" on-invalid="null" />
 
             <tag name="kernel.event_listener" event="kernel.view" method="onKernelView" priority="32" />
         </service>
diff --git a/src/EventListener/RespondListener.php b/src/EventListener/RespondListener.php
@@ -40,15 +40,25 @@ public function onKernelView(GetResponseForControllerResultEvent $event)
             return;
         }
 
+        $headers = [
+            'Content-Type' => sprintf('%s; charset=utf-8', $request->getMimeType($request->getRequestFormat())),
+            'Vary' => 'Accept',
+            'X-Content-Type-Options' => 'nosniff',
+            'X-Frame-Options' => 'deny',
+        ];
+
+        if ($request->attributes->has('_api_write_item_iri')) {
+            $headers['Content-Location'] = $request->attributes->get('_api_write_item_iri');
+
+            if ($request->isMethod('POST')) {
+                $headers['Location'] = $request->attributes->get('_api_write_item_iri');
+            }
+        }
+
         $event->setResponse(new Response(
             $controllerResult,
             self::METHOD_TO_CODE[$request->getMethod()] ?? Response::HTTP_OK,
-            [
-                'Content-Type' => sprintf('%s; charset=utf-8', $request->getMimeType($request->getRequestFormat())),
-                'Vary' => 'Accept',
-                'X-Content-Type-Options' => 'nosniff',
-                'X-Frame-Options' => 'deny',
-            ]
+            $headers
         ));
     }
 }
diff --git a/src/EventListener/WriteListener.php b/src/EventListener/WriteListener.php
@@ -13,6 +13,7 @@
 
 namespace ApiPlatform\Core\EventListener;
 
+use ApiPlatform\Core\Api\IriConverterInterface;
 use ApiPlatform\Core\DataPersister\DataPersisterInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseForControllerResultEvent;
 
@@ -25,10 +26,12 @@
 final class WriteListener
 {
     private $dataPersister;
+    private $iriConverter;
 
-    public function __construct(DataPersisterInterface $dataPersister)
+    public function __construct(DataPersisterInterface $dataPersister, IriConverterInterface $iriConverter = null)
     {
         $this->dataPersister = $dataPersister;
+        $this->iriConverter = $iriConverter;
     }
 
     /**
@@ -57,6 +60,10 @@ public function onKernelView(GetResponseForControllerResultEvent $event)
                 }
 
                 $event->setControllerResult($persistResult ?? $controllerResult);
+
+                if (null !== $this->iriConverter) {
+                    $request->attributes->set('_api_write_item_iri', $this->iriConverter->getIriFromItem($controllerResult));
+                }
                 break;
             case 'DELETE':
                 $this->dataPersister->remove($controllerResult);
diff --git a/tests/EventListener/RespondListenerTest.php b/tests/EventListener/RespondListenerTest.php
@@ -67,7 +67,7 @@ public function testCreate201Response()
     {
         $kernelProphecy = $this->prophesize(HttpKernelInterface::class);
 
-        $request = new Request([], [], ['_api_respond' => true]);
+        $request = new Request([], [], ['_api_respond' => true, '_api_write_item_iri' => '/dummy_entities/1']);
         $request->setMethod('POST');
         $request->setRequestFormat('xml');
 
@@ -88,6 +88,8 @@ public function testCreate201Response()
         $this->assertEquals('Accept', $response->headers->get('Vary'));
         $this->assertEquals('nosniff', $response->headers->get('X-Content-Type-Options'));
         $this->assertEquals('deny', $response->headers->get('X-Frame-Options'));
+        $this->assertEquals('/dummy_entities/1', $response->headers->get('Location'));
+        $this->assertEquals('/dummy_entities/1', $response->headers->get('Content-Location'));
     }
 
     public function testCreate204Response()
diff --git a/tests/EventListener/WriteListenerTest.php b/tests/EventListener/WriteListenerTest.php
@@ -13,6 +13,7 @@
 
 namespace ApiPlatform\Core\Tests\EventListener;
 
+use ApiPlatform\Core\Api\IriConverterInterface;
 use ApiPlatform\Core\DataPersister\DataPersisterInterface;
 use ApiPlatform\Core\EventListener\WriteListener;
 use ApiPlatform\Core\Tests\Fixtures\TestBundle\Entity\Dummy;
@@ -35,6 +36,9 @@ public function testOnKernelViewWithControllerResultAndPersist()
         $dataPersisterProphecy->supports($dummy)->willReturn(true)->shouldBeCalled();
         $dataPersisterProphecy->persist($dummy)->willReturn($dummy)->shouldBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->willReturn('/dummy/1')->shouldBeCalled();
+
         $request = new Request();
         $request->attributes->set('_api_resource_class', Dummy::class);
 
@@ -48,8 +52,9 @@ public function testOnKernelViewWithControllerResultAndPersist()
         foreach (['PATCH', 'PUT', 'POST'] as $httpMethod) {
             $request->setMethod($httpMethod);
 
-            (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+            (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
             $this->assertSame($dummy, $event->getControllerResult());
+            $this->assertEquals('/dummy/1', $request->attributes->get('_api_write_item_iri'));
         }
     }
 
@@ -98,6 +103,9 @@ public function testOnKernelViewWithControllerResultAndPersistWithImmutableResou
         $dataPersisterProphecy = $this->prophesize(DataPersisterInterface::class);
         $dataPersisterProphecy->supports($dummy)->willReturn(true)->shouldBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->willReturn('/dummy/1')->shouldBeCalled();
+
         $dataPersisterProphecy
             ->persist($dummy)
             ->willReturn($dummy2) // Persist is not mutating $dummy, but return a brand new technically unrelated object instead
@@ -117,9 +125,10 @@ public function testOnKernelViewWithControllerResultAndPersistWithImmutableResou
 
             $request->setMethod($httpMethod);
 
-            (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+            (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
 
             $this->assertSame($dummy2, $event->getControllerResult());
+            $this->assertEquals('/dummy/1', $request->attributes->get('_api_write_item_iri'));
         }
     }
 
@@ -132,6 +141,9 @@ public function testOnKernelViewWithControllerResultAndRemove()
         $dataPersisterProphecy->supports($dummy)->willReturn(true)->shouldBeCalled();
         $dataPersisterProphecy->remove($dummy)->shouldBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->shouldNotBeCalled();
+
         $request = new Request();
         $request->setMethod('DELETE');
         $request->attributes->set('_api_resource_class', Dummy::class);
@@ -143,7 +155,7 @@ public function testOnKernelViewWithControllerResultAndRemove()
             $dummy
         );
 
-        (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+        (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
     }
 
     public function testOnKernelViewWithSafeMethod()
@@ -156,6 +168,9 @@ public function testOnKernelViewWithSafeMethod()
         $dataPersisterProphecy->persist($dummy)->shouldNotBeCalled();
         $dataPersisterProphecy->remove($dummy)->shouldNotBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->shouldNotBeCalled();
+
         $request = new Request();
         $request->setMethod('HEAD');
         $request->attributes->set('_api_resource_class', Dummy::class);
@@ -180,6 +195,9 @@ public function testOnKernelViewWithPersistFlagOff()
         $dataPersisterProphecy->persist($dummy)->shouldNotBeCalled();
         $dataPersisterProphecy->remove($dummy)->shouldNotBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->shouldNotBeCalled();
+
         $request = new Request();
         $request->setMethod('HEAD');
         $request->attributes->set('_api_resource_class', Dummy::class);
@@ -192,7 +210,7 @@ public function testOnKernelViewWithPersistFlagOff()
             $dummy
         );
 
-        (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+        (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
     }
 
     public function testOnKernelViewWithNoResourceClass()
@@ -205,6 +223,9 @@ public function testOnKernelViewWithNoResourceClass()
         $dataPersisterProphecy->persist($dummy)->shouldNotBeCalled();
         $dataPersisterProphecy->remove($dummy)->shouldNotBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->shouldNotBeCalled();
+
         $request = new Request();
         $request->setMethod('POST');
 
@@ -215,7 +236,7 @@ public function testOnKernelViewWithNoResourceClass()
             $dummy
         );
 
-        (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+        (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
     }
 
     public function testOnKernelViewWithNoDataPersisterSupport()
@@ -228,6 +249,9 @@ public function testOnKernelViewWithNoDataPersisterSupport()
         $dataPersisterProphecy->persist($dummy)->shouldNotBeCalled();
         $dataPersisterProphecy->remove($dummy)->shouldNotBeCalled();
 
+        $iriConverterProphecy = $this->prophesize(IriConverterInterface::class);
+        $iriConverterProphecy->getIriFromItem($dummy)->shouldNotBeCalled();
+
         $request = new Request();
         $request->setMethod('POST');
         $request->attributes->set('_api_resource_class', 'Dummy');
@@ -239,6 +263,6 @@ public function testOnKernelViewWithNoDataPersisterSupport()
             $dummy
         );
 
-        (new WriteListener($dataPersisterProphecy->reveal()))->onKernelView($event);
+        (new WriteListener($dataPersisterProphecy->reveal(), $iriConverterProphecy->reveal()))->onKernelView($event);
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ public function testCreate201Response()`
`67`	`67`	`{`
`68`	`68`	`$kernelProphecy = $this->prophesize(HttpKernelInterface::class);`
`69`	`69`
`70`		`- $request = new Request([], [], ['_api_respond' => true]);`
	`70`	`+ $request = new Request([], [], ['_api_respond' => true, '_api_write_item_iri' => '/dummy_entities/1']);`
`71`	`71`	`$request->setMethod('POST');`
`72`	`72`	`$request->setRequestFormat('xml');`
`73`	`73`
`@@ -88,6 +88,8 @@ public function testCreate201Response()`
`88`	`88`	`$this->assertEquals('Accept', $response->headers->get('Vary'));`
`89`	`89`	`$this->assertEquals('nosniff', $response->headers->get('X-Content-Type-Options'));`
`90`	`90`	`$this->assertEquals('deny', $response->headers->get('X-Frame-Options'));`
	`91`	`+ $this->assertEquals('/dummy_entities/1', $response->headers->get('Location'));`
	`92`	`+ $this->assertEquals('/dummy_entities/1', $response->headers->get('Content-Location'));`
`91`	`93`	`}`
`92`	`94`
`93`	`95`	`public function testCreate204Response()`