Skip to content

feat(validator): uuid/ulid parameter validation #7649

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
soyuka merged 2 commits into from
Jan 16, 2026
Merged

feat(validator): uuid/ulid parameter validation #7649

soyuka merged 2 commits into from
Jan 16, 2026
+103 −6

Conversation

@aaa2000
Copy link
Contributor

@aaa2000 aaa2000 commented Jan 5, 2026

Q A
Branch main for features
License MIT

Adds Symfony validation constraints (Uuid or Ulid) to query parameters whose OpenAPI schema specifies format: uuid or format: ulid

@soyuka soyuka changed the title fix(validator): uuid/ulid parameter validation feat(validator): uuid/ulid parameter validation Jan 5, 2026
@soyuka
Copy link
Member

soyuka commented Jan 5, 2026

I'll fix the CI on the main branch asap.

@aaa2000 aaa2000 mentioned this pull request Jan 6, 2026
Merged
@aaa2000 aaa2000 force-pushed the add-uuid-ulid-validation-constraint branch from 1711403 to b342dd5 Compare January 9, 2026 09:47
@aaa2000
Copy link
Contributor Author

aaa2000 commented Jan 9, 2026

I think the PR requires changes because the uuid constraint is not add when the UuidFilter is used because the following schema is not supported

{
    "oneOf": [
        {
            "type": "string",
            "format": "uuid"
        },
        {
            "type": "array",
            "items": {
                "type": "string",
                "format": "uuid"
            }
        }
    ]
}

Filtering by an invalid uuid should return a 422 response and not a 400 response

https://github.com/api-platform/core/blob/main/tests/Functional/Uuid/UuidFilterBaseTestCase.php#L151C55-L151C71

@soyuka
Copy link
Member

soyuka commented Jan 9, 2026

sure let me know when I should review

@aaa2000 aaa2000 force-pushed the add-uuid-ulid-validation-constraint branch from b342dd5 to 13addbd Compare January 14, 2026 16:25
@aaa2000 aaa2000 force-pushed the add-uuid-ulid-validation-constraint branch from 13addbd to 5469d7f Compare January 14, 2026 16:28
@aaa2000
Copy link
Contributor Author

aaa2000 commented Jan 14, 2026

@soyuka ready for review

Filter by invalid uuid

curl -X 'GET' \
  'http://127.0.0.1:8000/symfony_uuid_devices?page=1&itemsPerPage=3&id=invaliduuid' \ 
  -H 'accept: application/ld+json'

{"@context":"\/contexts\/ConstraintViolation","@id":"\/validation_errors\/f27e6d6c-261a-4056-b391-6673a623531c","@type":"ConstraintViolation","status":422,"violations":[{"propertyPath":"id","message":"This value should satisfy at least one of the following constraints: [1] This value is not a valid UUID. [2] Each element of this collection should satisfy its own set of constraints.","code":"f27e6d6c-261a-4056-b391-6673a623531c"}],"detail":"id: This value should satisfy at least one of the following constraints: [1] This value is not a valid UUID. [2] Each element of this collection should satisfy its own set of constraints.","type":"\/validation_errors\/f27e6d6c-261a-4056-b391-6673a623531c","hydra:description":"id: This value should satisfy at least one of the following constraints: [1] This value is not a valid UUID. [2] Each element of this collection should satisfy its own set of constraints.","hydra:title":"An error occurred"}

Filter by many invalid uuid

curl -X 'GET' \                                                 
  'http://127.0.0.1:8000/symfony_uuid_devices?page=1&itemsPerPage=3&id[]=invaliduuid&id[]=fsdfsdfs' \
  -H 'accept: application/ld+json'

{"@context":"\/contexts\/ConstraintViolation","@id":"\/validation_errors\/f27e6d6c-261a-4056-b391-6673a623531c","@type":"ConstraintViolation","status":422,"violations":[{"propertyPath":"id","message":"This value should satisfy at least one of the following constraints: [1] This value should be of type string. [2] Each element of this collection should satisfy its own set of constraints.","code":"f27e6d6c-261a-4056-b391-6673a623531c"}],"detail":"id: This value should satisfy at least one of the following constraints: [1] This value should be of type string. [2] Each element of this collection should satisfy its own set of constraints.","type":"\/validation_errors\/f27e6d6c-261a-4056-b391-6673a623531c","hydra:description":"id: This value should satisfy at least one of the following constraints: [1] This value should be of type string. [2] Each element of this collection should satisfy its own set of constraints.","hydra:title":"An error occurred"}

@soyuka soyuka requested a review from Copilot January 16, 2026 15:42
Copilot AI reviewed Jan 16, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds UUID and ULID validation support to API Platform's parameter validation system. When query or header parameters specify format: uuid or format: ulid in their OpenAPI schema, Symfony's Uuid and Ulid validation constraints are automatically applied.

Changes:

  • Added UUID/ULID validation constraints for string parameters with uuid/ulid format specifications
  • Updated test assertions to expect HTTP 422 (Unprocessable Entity) instead of 400 (Bad Request) for invalid UUID inputs
  • Added test coverage for both single and array UUID/ULID parameter validation in query and header contexts

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
src/Validator/Util/ParameterValidationConstraints.php Implements validation logic for uuid/ulid formats in both single values and oneOf array scenarios
tests/Functional/Uuid/UuidFilterBaseTestCase.php Updates expected status codes from 400 to 422 for invalid UUID validation failures
tests/Functional/Parameters/ParameterTest.php Adds test cases for valid and invalid UUID/ULID values in both query and header parameters
tests/Fixtures/TestBundle/ApiResource/WithParameter.php Adds API resource configurations for testing UUID/ULID parameters in queries and headers

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@soyuka
Apply suggestions from code review
71a5526 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@soyuka soyuka merged commit fe63dde into api-platform:main Jan 16, 2026
147 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@soyuka soyuka soyuka approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aaa2000 @soyuka